sud.ua Open in urlscan Pro
62.149.17.71 Public Scan

URL:
https://sud.ua/
Submission: On April 20 via api (April 20th 2021, 9:11:45 am UTC) from CH

Summary HTTP 289 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 52 IPs in 9 countries across 44 domains to perform 289 HTTP transactions. The main IP is 62.149.17.71, located in Kyiv, Ukraine and belongs to COLOCALL Internet Data Center _ColoCALL_, UA. The main domain is sud.ua.
TLS certificate: Issued by R3 on April 3rd 2021. Valid for: 3 months.

This is the only time sud.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
74	62.149.17.71 62.149.17.71	15497 (COLOCALL ...) (COLOCALL Internet Data Center _ColoCALL_)
1	2600:9000:219... 2600:9000:2190:b600:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::1	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1 13	136.243.84.75 136.243.84.75	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:219... 2600:9000:2190:9000:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
14	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
7	62.244.25.75 62.244.25.75	3254 (LUCKYNET ...) (LUCKYNET Lucky Net Ltd)
1	2600:9000:219... 2600:9000:2190:e400:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	62.244.25.85 62.244.25.85	3254 (LUCKYNET ...) (LUCKYNET Lucky Net Ltd)
1 2	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
13	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
6	5.135.83.158 5.135.83.158	16276 (OVH) (OVH)
1	147.135.189.55 147.135.189.55	16276 (OVH) (OVH)
1 1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1	193.239.71.100 193.239.71.100	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1	52.58.221.124 52.58.221.124	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	136.243.128.165 136.243.128.165	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2016	15169 (GOOGLE) (GOOGLE)
1	193.200.65.5 193.200.65.5	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
2 2	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	34.120.139.69 34.120.139.69	15169 (GOOGLE) (GOOGLE)
1 2	193.232.148.146 193.232.148.146	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1 1	146.0.227.110 146.0.227.110	20773 (GODADDY) (GODADDY)
1	193.200.65.6 193.200.65.6	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	37.18.16.22 37.18.16.22	205675 (HYBRID-AS) (HYBRID-AS)
4	136.243.140.49 136.243.140.49	24940 (HETZNER-AS) (HETZNER-AS)
4	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2 4	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
3 3	34.246.227.69 34.246.227.69	16509 (AMAZON-02) (AMAZON-02)
28	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
4 4	52.33.71.0 52.33.71.0	16509 (AMAZON-02) (AMAZON-02)
6 6	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
6 6	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
6 6	184.30.20.241 184.30.20.241	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1 1	217.182.200.29 217.182.200.29	16276 (OVH) (OVH)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:ac20:41f1:bf24:9b3	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
289	52

74 62.149.17.71 (Kyiv, Ukraine)

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)
PTR: atrio301.cc.colocall.com

sud.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:b600:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::1 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

cdn.sendpulse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 136.243.84.75 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.75.84.243.136.clients.your-server.de

recreativ.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
go.rcvlink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:9000:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent-frx5-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 62.244.25.75 (Kyiv, Ukraine)

ASN3254 (LUCKYNET Lucky Net Ltd, UA)

js-goods.redtram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rus.redtram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
goods.redtram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:e400:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.244.25.85 (Kyiv, Ukraine)

ASN3254 (LUCKYNET Lucky Net Ltd, UA)

newscode.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.210 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 5.135.83.158 (France)

ASN16276 (OVH, FR)
PTR: app-05.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.135.189.55 (France)

ASN16276 (OVH, FR)
PTR: m.mixadvert.com

m.mixadvert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine) 1 redirects

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua

i.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.221.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-221-124.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 136.243.128.165 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: st11.recreativ.ru

st11.recreativ.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com

t.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.133.78 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.139.69 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 69.139.120.34.bc.googleusercontent.com

dsp-trk.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.146 (Russian Federation) 1 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: hosting.adhigh.net

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.110 (Ascension Island) 1 redirects

ASN20773 (GODADDY, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team

m.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.16.22 (Netherlands)

ASN205675 (HYBRID-AS, RU)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 136.243.140.49 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: st11.recreativ.ru

st11.rcvlink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.246.227.69 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-227-69.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.33.71.0 (Boardman, United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-71-0.us-west-2.compute.amazonaws.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.186.253.211 (Kansas City, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.189.115 (United Kingdom) 6 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 184.30.20.241 (Frankfurt am Main, Germany) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.182.200.29 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm7.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:ac20:41f1:bf24:9b3 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:216:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

scontent-frt3-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
74	sud.ua sud.ua	3 MB
42	doubleclick.net googleads.g.doubleclick.net static.doubleclick.net cm.g.doubleclick.net	121 KB
34	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	280 KB
26	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn3.gstatic.com	348 KB
20	youtube.com www.youtube.com	1 MB
11	fbcdn.net static.xx.fbcdn.net scontent-frx5-1.xx.fbcdn.net scontent-frt3-1.xx.fbcdn.net	159 KB
11	rcvlink.com go.rcvlink.com st11.rcvlink.com	66 KB
10	recreativ.ru 1 redirects recreativ.ru st11.recreativ.ru	59 KB
7	redtram.com js-goods.redtram.com rus.redtram.com goods.redtram.com	75 KB
6	casalemedia.com 6 redirects ssum-sec.casalemedia.com	6 KB
6	pubmatic.com 6 redirects image6.pubmatic.com	5 KB
6	openx.net 6 redirects rtb.openx.net	2 KB
6	adpartner.pro a4p.adpartner.pro	7 KB
5	googletagservices.com www.googletagservices.com	172 KB
5	google.com adservice.google.com www.google.com	46 KB
5	googleapis.com fonts.googleapis.com	4 KB
4	rubiconproject.com 4 redirects pixel.rubiconproject.com	2 KB
4	addthis.com 4 redirects e.dlx.addthis.com	4 KB
4	quantserve.com 2 redirects cms.quantserve.com	2 KB
4	facebook.net connect.facebook.net	163 KB
3	everesttech.net 3 redirects pixel.everesttech.net	1 KB
3	facebook.com www.facebook.com	19 KB
3	google-analytics.com ssl.google-analytics.com www.google-analytics.com	36 KB
3	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com	33 KB
2	adhigh.net 1 redirects px.adhigh.net	728 B
2	mgid.com 2 redirects cm.mgid.com	951 B
2	trafmag.com t.trafmag.com m.trafmag.com	583 B
2	google.de adservice.google.de	287 B
2	bigmir.net 1 redirects c.bigmir.net i.bigmir.net	1 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
1	innovid.com ag.innovid.com	296 B
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	302 B
1	mookie1.com odr.mookie1.com	324 B
1	hybrid.ai dm.hybrid.ai	238 B
1	admixer.net 1 redirects inv-nets.admixer.net	482 B
1	eskimi.com dsp-trk.eskimi.com	154 B
1	uuidksinc.net s.uuidksinc.net	267 B
1	ytimg.com i.ytimg.com	45 KB
1	ggpht.com yt3.ggpht.com	2 KB
1	googleadservices.com partner.googleadservices.com	638 B
1	mixadvert.com m.mixadvert.com	4 KB
1	newscode.online newscode.online	5 KB
1	consensu.org c.sharethis.mgr.consensu.org	1 KB
1	sendpulse.com cdn.sendpulse.com	34 KB
289	44

	Domain	Requested by
74	sud.ua	sud.ua cdn.sendpulse.com
28	cm.g.doubleclick.net	sud.ua googleads.g.doubleclick.net
21	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
20	www.youtube.com	sud.ua www.youtube.com
17	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
13	pagead2.googlesyndication.com	sud.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.youtube.com googleads.g.doubleclick.net
9	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
7	go.rcvlink.com	sud.ua go.rcvlink.com
6	ssum-sec.casalemedia.com	6 redirects
6	image6.pubmatic.com	6 redirects
6	rtb.openx.net	6 redirects
6	www.gstatic.com	www.youtube.com googleads.g.doubleclick.net
6	a4p.adpartner.pro	sud.ua a4p.adpartner.pro
6	recreativ.ru	1 redirects sud.ua recreativ.ru go.rcvlink.com
5	rus.redtram.com	sud.ua newscode.online
5	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	fonts.googleapis.com	sud.ua googleads.g.doubleclick.net
4	pixel.rubiconproject.com	4 redirects
4	e.dlx.addthis.com	4 redirects
4	cms.quantserve.com	2 redirects googleads.g.doubleclick.net
4	st11.rcvlink.com	sud.ua
4	st11.recreativ.ru	sud.ua
4	connect.facebook.net	sud.ua connect.facebook.net
3	pixel.everesttech.net	3 redirects
3	www.google.com	www.youtube.com googleads.g.doubleclick.net
3	www.facebook.com	sud.ua connect.facebook.net
2	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
2	px.adhigh.net	1 redirects sud.ua
2	cm.mgid.com	2 redirects
2	static.doubleclick.net	www.youtube.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	counter.yadro.ru	1 redirects sud.ua
2	ssl.google-analytics.com	sud.ua
1	scontent-frt3-1.xx.fbcdn.net	www.facebook.com
1	scontent-frx5-1.xx.fbcdn.net	www.facebook.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	googlecm.hit.gemius.pl	1 redirects
1	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	dm.hybrid.ai	sud.ua
1	m.trafmag.com	sud.ua
1	inv-nets.admixer.net	1 redirects
1	dsp-trk.eskimi.com	sud.ua
1	s.uuidksinc.net	sud.ua
1	t.trafmag.com	sud.ua
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	goods.redtram.com	js-goods.redtram.com
1	www.google-analytics.com	a4p.adpartner.pro
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	l.sharethis.com	platform-api.sharethis.com
1	i.bigmir.net	sud.ua
1	c.bigmir.net	1 redirects
1	m.mixadvert.com	sud.ua
1	newscode.online	sud.ua
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	js-goods.redtram.com	sud.ua
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	cdn.sendpulse.com	sud.ua
1	platform-api.sharethis.com	sud.ua
289	62

This site contains links to these domains. Also see Links.

Domain
t.me
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
rus.redtram.com
plus.google.com
argentum.ua
recreativ.ru
recreativ.com
www.bigmir.net

Subject Issuer	Validity	Valid
sud.ua R3	`2021-04-03` - `2021-07-02`	3 months	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
1603358863.rsc.cdn77.org R3	`2021-03-19` - `2021-06-17`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.recreativ.ru Thawte RSA CA 2018	`2020-08-14` - `2021-09-06`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.redtram.com Sectigo RSA Domain Validation Secure Server CA	`2020-02-10` - `2022-02-13`	2 years	crt.sh
sharethis.mgr.consensu.org Amazon	`2021-04-07` - `2022-05-06`	a year	crt.sh
newscode.online R3	`2021-03-18` - `2021-06-16`	3 months	crt.sh
counter.yadro.ru R3	`2021-03-22` - `2021-06-20`	3 months	crt.sh
adpartner.pro R3	`2021-02-26` - `2021-05-27`	3 months	crt.sh
m.mixadvert.com R3	`2021-02-28` - `2021-05-29`	3 months	crt.sh
rcvlink.com R3	`2021-03-10` - `2021-06-08`	3 months	crt.sh
img.com.ua R3	`2021-03-03` - `2021-06-01`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
edgestatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-15` - `2021-06-21`	a year	crt.sh
uuidksinc.net R3	`2021-04-18` - `2021-07-17`	3 months	crt.sh
*.eskimi.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-04-12` - `2022-05-13`	a year	crt.sh
*.adhigh.net R3	`2021-04-01` - `2021-06-30`	3 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh

This page contains 23 frames:

Primary Page: https://sud.ua/
Frame ID: 2B784786DE2993A8887096DD63EA1162
Requests: 135 HTTP requests in this frame

Frame: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
Frame ID: 1C8EF670722A8AFC3A0E1FBF18901324
Requests: 15 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: FBF67FB4EB92F39D7C3B9CFC2E401C24
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
Frame ID: 5CCE2528A7251A4F887B7E04AAB28840
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210415/r20190131/zrt_lookup.html
Frame ID: 0494B031A8F5592C56E94EE58FFC6433
Requests: 1 HTTP requests in this frame

Frame: https://go.rcvlink.com/static/main.js
Frame ID: 920B430C50A07B20522DAF6EC6540F04
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&adk=1812271804&adf=3025194257&lmt=1618909879&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsud.ua%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618909879293&bpp=13&bdt=499&idt=94&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5610137990111&frm=20&pv=2&ga_vid=1521625758.1618909879&ga_sid=1618909879&ga_hid=455070738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740079&oid=3&pvsid=3453901730259454&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=112
Frame ID: 005B852F66CB7BD7E98A1D84B028663E
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/jsunit/ls?jsunit=3106&unit_id=6480&session_pageview=1&session_id=71055c60-e330-4c45-9595-3174fc574005&site_visited=1&apuid=ad89aa0a-cd07-4265-9274-9bfa353d2dd1&width=300&screen_width=1600&ref=&location=https%3A%2F%2Fsud.ua%2F
Frame ID: 93C338856CD776CA383BEFE67142E676
Requests: 3 HTTP requests in this frame

Frame: https://go.rcvlink.com/static/iframe.htm
Frame ID: 9EB568485B3FF8F1F19D39C046C09F80
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=3330954535&adf=3669479829&pi=t.aa~a.3331352014~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1618909879&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=300x600&url=https%3A%2F%2Fsud.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618909879692&bpp=2&bdt=898&idt=-M&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e22e419ebad1ab5-227e5de899a70045%3AT%3D1618909879%3ART%3D1618909879%3AS%3DALNI_MaGQ6W0cQcJzOaUvCMGUhSFVS9jgg&prev_fmts=0x0&nras=2&correlator=5610137990111&frm=20&pv=1&ga_vid=1521625758.1618909879&ga_sid=1618909879&ga_hid=455070738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1175&ady=1272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740079&oid=3&pvsid=3453901730259454&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gRwl7O4nlo&p=https%3A//sud.ua&dtd=11
Frame ID: 240636D4576AEBCAEFCECDE4F13C4CFD
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=2902652748&adf=2657765983&pi=t.aa~a.1171853407~rp.4&w=275&fwrn=4&fwrnh=100&lmt=1618909879&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=275x600&url=https%3A%2F%2Fsud.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618909879692&bpp=1&bdt=898&idt=-M&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e22e419ebad1ab5-227e5de899a70045%3AT%3D1618909879%3ART%3D1618909879%3AS%3DALNI_MaGQ6W0cQcJzOaUvCMGUhSFVS9jgg&prev_fmts=0x0%2C300x600&nras=3&correlator=5610137990111&frm=20&pv=1&ga_vid=1521625758.1618909879&ga_sid=1618909879&ga_hid=455070738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=141&ady=1957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740079&oid=3&pvsid=3453901730259454&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=oUpoHAVDMF&p=https%3A//sud.ua&dtd=15
Frame ID: 3FA351485F6F7FF9F219B148231EFFE4
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=240&adk=3228360848&adf=4036433046&pi=t.aa~a.2991870961~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1618909879&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=300x240&url=https%3A%2F%2Fsud.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618909879692&bpp=1&bdt=897&idt=-M&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e22e419ebad1ab5-227e5de899a70045%3AT%3D1618909879%3ART%3D1618909879%3AS%3DALNI_MaGQ6W0cQcJzOaUvCMGUhSFVS9jgg&prev_fmts=0x0%2C300x600%2C275x600&nras=4&correlator=5610137990111&frm=20&pv=1&ga_vid=1521625758.1618909879&ga_sid=1618909879&ga_hid=455070738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1175&ady=3002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740079&oid=3&pvsid=3453901730259454&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=U1sLcPLR03&p=https%3A//sud.ua&dtd=18
Frame ID: DF10658EA3533300EFD60A445414B07B
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=100&adk=3119739864&adf=1960333627&pi=t.aa~a.3325200224~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1618909879&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=420x100&url=https%3A%2F%2Fsud.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618909879692&bpp=1&bdt=897&idt=1&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e22e419ebad1ab5-227e5de899a70045%3AT%3D1618909879%3ART%3D1618909879%3AS%3DALNI_MaGQ6W0cQcJzOaUvCMGUhSFVS9jgg&prev_fmts=0x0%2C300x600%2C275x600%2C300x240&nras=5&correlator=5610137990111&frm=20&pv=1&ga_vid=1521625758.1618909879&ga_sid=1618909879&ga_hid=455070738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=432&ady=3336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740079&oid=3&pvsid=3453901730259454&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=zhRZu1zwhj&p=https%3A//sud.ua&dtd=22
Frame ID: 33672AAA871432D6CE82B4FD53F0BDDA
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0F867CC82C4E3EAABF300AA8145581BB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F6326FC651F87659A295FEDA46610AF4
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js
Frame ID: 69D268A175551FFBEA57043AB0EDE416
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js
Frame ID: 17CCC7BD73BEAB2A0E250760D83267E3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EF3F29AED61583C63BA72222E1AB70B8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0A90210F98D01DC0674766A60A83BD30
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js
Frame ID: 98C16CECF4E012E09E9469CAD39F29FD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js
Frame ID: 9F362D80FB96EC5291DD3634C80CD348
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=195181397643045&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2066d7d643e12c%26domain%3Dsud.ua%26origin%3Dhttps%253A%252F%252Fsud.ua%252Ff17b18a31447cc%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fsudgazeta%2F&locale=ru_RU&sdk=joey&show_facepile=true&small_header=false
Frame ID: F841A31913046544644A4415EB5F6A78
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: B60A08A6FF105A5035A7F2A610468F93
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

FancyBox (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery\.fancybox(?:\.pack|\.min)?\.js(?:\?v=([\d.]+))?$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery\.fancybox(?:\.pack|\.min)?\.js(?:\?v=([\d.]+))?$/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui.*\.js/i

Page Statistics

289
Requests

100 %
HTTPS

51 %
IPv6

44
Domains

62
Subdomains

52
IPs

9
Countries

6023 kB
Transfer

11869 kB
Size

0
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/sudua

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sudgazeta/

Search URL Search Domain Scan URL

URL: https://twitter.com/sud_gazeta

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC5R89CNV6EE9ruwuEFRcOcw

Search URL Search Domain Scan URL

URL: https://www.instagram.com/sud_ua/

Search URL Search Domain Scan URL

URL: https://rus.redtram.com/cp/601565476/n4p/36336?q=f1c331fb589f480bcffead3024ae1f23&page=1&pos=1&ref=https%3A%2F%2Fsud.ua%2F&ref2=&tmload=1618909879

Search URL Search Domain Scan URL

URL: https://rus.redtram.com/cp/601563610/n4p/36336?q=f1c331fb589f480bcffead3024ae1f23&page=1&pos=2&ref=https%3A%2F%2Fsud.ua%2F&ref2=&tmload=1618909879

Search URL Search Domain Scan URL

URL: https://rus.redtram.com/cp/601478986/n4p/36336?q=f1c331fb589f480bcffead3024ae1f23&page=1&pos=3&ref=https%3A%2F%2Fsud.ua%2F&ref2=&tmload=1618909879

Search URL Search Domain Scan URL

URL: https://plus.google.com/109465346485446350920
Title: Google+

Search URL Search Domain Scan URL

URL: http://argentum.ua/
Title: Argentum IT Lab

Search URL Search Domain Scan URL

URL: https://recreativ.ru/go/?t=7nkUWHAJMdRpGnnMGbGxsBEPHjUYN0ULCvx-2JF7XaU-CAAu5sFTWDeLDpX7jiCyFlU4jo6cAbsOeyBHg5TzUz7a849Fq4nTGoEDS1NMkXhYZxkQEPLDDjxBjQnj2Ci7C_eb-yYYRRdBEDvduJ8X5K6elQ44XAv8DPnv6EfeqnV-Bgd3VGcAW94pSw
Title: Жил под маской лжи!Жена артиста Вероника Круглова раскрыла тайну Кобзона

Search URL Search Domain Scan URL

URL: https://recreativ.ru/go/?t=7nkUWHAJMdRpGnnMGbGxsBEPHjUYN0ULCvx-2JF7XaU-CAAu5sFTWDeLDpX7jiCyFlU4jo6cAbsOeyBHg5TzUz7a849Fq4nTGoEDS1NMkXhYZxkQEPLDDjxBjQnj2Ci7C_eb-yYYRRdBEDvduJ8X5K6elQ44XAv8DPnv6Eb6_TN-Bgd3VGcAW94pSw
Title: Русский колоритЭти невесты взорвали интернет своей «ошеломляющей» красотой!

Search URL Search Domain Scan URL

URL: https://recreativ.ru/go/?t=7nkUWHAJMdRpGnnMGbGxsBEPHjUYN0ULCvx-2JF7XaU-CAAu5sFTWDeLDpX7jiCyFlU4jo6cAbsOeyBHg5TzUz7a849Fq4nTGoEDS1NMkXhYZxkQEPLDDjxBjQnj2Ci7C_eb-yYYRRdBEDvduJ8X5K6elQ44XAv8DPnv6EeJ1Gx-Bgd3VGcAW94pSw
Title: Есть видео!Курица клюнула кота... Его реакцию нужно увидеть!

Search URL Search Domain Scan URL

URL: https://recreativ.ru/go/?t=7nkUWHAJMdRpGnnMGbGxsBEPHjUYN0ULCvx-2JF7XaU-CAAu5sFTWDeLDpX7jiCyFlU4jo6cAbsOeyBHg5TzUz7a849Fq4nTGoEDS1NMkXhYZxkQEPLDDjxBjQnj2Ci7C_eb-yYYRRdBEDvduJ8X5K6elQ44XAv8DPnv6Et-0Ap-Bgd3VGcAW94pSw
Title: Buy Playstation 5Official Playstation 5 store. Free P.O. delivery in EU.

Search URL Search Domain Scan URL

URL: https://recreativ.com/

Search URL Search Domain Scan URL

URL: http://www.bigmir.net/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//sud.ua/;0.6267522909540082 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//sud.ua/;0.6267522909540082

Request Chain 100

https://c.bigmir.net/?v16953431&s16954880&t3&c1&n486255&w0&y0&d24&r1600 HTTP 302
https://i.bigmir.net/cnt/03.png

Request Chain 164

https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=10&user_id=ad89aa0a-cd07-4265-9274-9bfa353d2dd1 HTTP 301
https://a4p.adpartner.pro/ssp/match?dsp_id=10

Request Chain 165

https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=9&user_id=ad89aa0a-cd07-4265-9274-9bfa353d2dd1 HTTP 301
https://a4p.adpartner.pro/ssp/match?dsp_id=9

Request Chain 167

https://recreativ.ru/mtch/31/ad89aa0a-cd07-4265-9274-9bfa353d2dd1 HTTP 302
https://a4p.adpartner.pro/ssp/match?dsp_id=13&user_id=61593285104

Request Chain 169

https://px.adhigh.net/p/cm/adpdigital HTTP 302
https://px.adhigh.net/p/cm/adpdigital?bounced=1

Request Chain 170

https://inv-nets.admixer.net/adxcm.aspx?ssp=A7282016-03BE-4B43-9ECF-81872F01C61C&id=ad89aa0a-cd07-4265-9274-9bfa353d2dd1 HTTP 302
https://m.trafmag.com/images/1px-matching-go2net.gif?id=e0f7582cb1d0432d890628a081c36fdb

Request Chain 211

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUKAvbn_znlENWQQtDK6R7bT4LZvKZ3V4yO2ZJvFxRxIY069qw4WgoA9i10qPl3d7eK_UFDtLJIMF7ADwnlY9ohEsJGDcU0&google_gid=CAESEGmaiulOtflOS2mClvao5DY&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUg2YXVBQUFCR2hZTFg4Qg&google_push=AQvitUKAvbn_znlENWQQtDK6R7bT4LZvKZ3V4yO2ZJvFxRxIY069qw4WgoA9i10qPl3d7eK_UFDtLJIMF7ADwnlY9ohEsJGDcU0

Request Chain 212

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIdKNWTwxSuwodkx1ZZx0hzgqV_G--4kH3x7m51xIpbqIfZJXRP8zTCpblVfvPnDyXv6eZ70s-xzaw739ZsBdkb9EAeoww&google_gid=CAESEGAIMpM6v8hJaY0HSn8GCQs&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIdKNWTwxSuwodkx1ZZx0hzgqV_G--4kH3x7m51xIpbqIfZJXRP8zTCpblVfvPnDyXv6eZ70s-xzaw739ZsBdkb9EAeoww&google_gid=CAESEGAIMpM6v8hJaY0HSn8GCQs&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MjAwOTExMjEyNjY2OTYzNjA0ODgwNA%3D%3D&google_push=AQvitUIdKNWTwxSuwodkx1ZZx0hzgqV_G--4kH3x7m51xIpbqIfZJXRP8zTCpblVfvPnDyXv6eZ70s-xzaw739ZsBdkb9EAeoww

Request Chain 213

https://rtb.openx.net/sync/dds?google_gid=CAESEBBEEP3T3TwELLBBQAk87w8&google_cver=1&google_push=AQvitUKcQuy0apiispDToLQ_-7LygptgQ3XaYKC3bu9KHeCNimQ1cKRvWAVT2PxQX4uXGta0YajAZTIkcgBKyyES9YMwrsOW9Lc HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEBBEEP3T3TwELLBBQAk87w8&google_cver=1&google_push=AQvitUKcQuy0apiispDToLQ_-7LygptgQ3XaYKC3bu9KHeCNimQ1cKRvWAVT2PxQX4uXGta0YajAZTIkcgBKyyES9YMwrsOW9Lc&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKcQuy0apiispDToLQ_-7LygptgQ3XaYKC3bu9KHeCNimQ1cKRvWAVT2PxQX4uXGta0YajAZTIkcgBKyyES9YMwrsOW9Lc&google_hm=OcE4ZjqfyxA-xQRZnXb_zw==

Request Chain 214

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGjoEXxy4Qw_TDwd9UFrvAQ&google_cver=1&google_push=AQvitULfxla4W8cQNQgKNqJ7dpnYWXKkRiYMQEwU_SHxeDtjzz1HRRZsFO3LCFwTNuuOSUZPkpBeri0Klx3xvG0k_mWxFHygatc HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGjoEXxy4Qw_TDwd9UFrvAQ&google_cver=1&google_push=AQvitULfxla4W8cQNQgKNqJ7dpnYWXKkRiYMQEwU_SHxeDtjzz1HRRZsFO3LCFwTNuuOSUZPkpBeri0Klx3xvG0k_mWxFHygatc&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nzLEkiFURnyukFIzXX8Lgg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULfxla4W8cQNQgKNqJ7dpnYWXKkRiYMQEwU_SHxeDtjzz1HRRZsFO3LCFwTNuuOSUZPkpBeri0Klx3xvG0k_mWxFHygatc

Request Chain 215

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIA9J2JrS3eIVzASOrkcbdc&google_cver=1&google_push=AQvitUJPs05seZLhEEenl2AMMyg3eExFzcjgeZ0xkgtYOyrwhe6EY8KXAoimfuVk0j8Ch3cm4kvysPjAOfrEJHklHIZ3-ocsIw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05QVDU2OUotMVItTDJIVg==&google_push=AQvitUJPs05seZLhEEenl2AMMyg3eExFzcjgeZ0xkgtYOyrwhe6EY8KXAoimfuVk0j8Ch3cm4kvysPjAOfrEJHklHIZ3-ocsIw

Request Chain 216

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGZ49dqkBeYoQXPfhx8273Y&google_cver=1&google_push=AQvitUIrEpxsfdO8KZLxiD8nIg7wm3VS3lfklvi1gHAQc8H6z3fzTZ8zLOM7WWpjz7wQ870lo3wY13aw7OmZn5qCTEHD1rpPZw HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGZ49dqkBeYoQXPfhx8273Y&google_cver=1&google_push=AQvitUIrEpxsfdO8KZLxiD8nIg7wm3VS3lfklvi1gHAQc8H6z3fzTZ8zLOM7WWpjz7wQ870lo3wY13aw7OmZn5qCTEHD1rpPZw&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH6auKZdgf9ul1yj0OXxcwAABLsAAAIB&google_cver=1&google_push=AQvitUIrEpxsfdO8KZLxiD8nIg7wm3VS3lfklvi1gHAQc8H6z3fzTZ8zLOM7WWpjz7wQ870lo3wY13aw7OmZn5qCTEHD1rpPZw&google_gid=CAESEGZ49dqkBeYoQXPfhx8273Y

Request Chain 220

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUIYQreI0ybQytsp4Y3br64GEK13ydojzH4luwWB8Vi8irH6LeOl48qcC4MZ8pf6nIotUU-AKR-OhmLrpZs_lR5i0723Xyds&google_gid=CAESEGmaiulOtflOS2mClvao5DY&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUg2YXVBQUFBZWw3cjI5Vg&google_push=AQvitUIYQreI0ybQytsp4Y3br64GEK13ydojzH4luwWB8Vi8irH6LeOl48qcC4MZ8pf6nIotUU-AKR-OhmLrpZs_lR5i0723Xyds

Request Chain 222

https://rtb.openx.net/sync/dds?google_gid=CAESEBBEEP3T3TwELLBBQAk87w8&google_cver=1&google_push=AQvitUInhpnbe0HiwlIRm_Z7oG4ADGfd4US5QUXi8HwhyrFtoplSe9ZmM5HdAR687lQph4BdrOQWiguXzzh2alJkIWYOowGWY-HN HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEBBEEP3T3TwELLBBQAk87w8&google_cver=1&google_push=AQvitUInhpnbe0HiwlIRm_Z7oG4ADGfd4US5QUXi8HwhyrFtoplSe9ZmM5HdAR687lQph4BdrOQWiguXzzh2alJkIWYOowGWY-HN&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUInhpnbe0HiwlIRm_Z7oG4ADGfd4US5QUXi8HwhyrFtoplSe9ZmM5HdAR687lQph4BdrOQWiguXzzh2alJkIWYOowGWY-HN&google_hm=OcE4ZjqfyxA-xQRZnXb_zw==

Request Chain 223

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGjoEXxy4Qw_TDwd9UFrvAQ&google_cver=1&google_push=AQvitUKPl1AtBfKpxSsJeWd629EB_-K1Nbg7ZlolkLdmiIzuKd6X0d-go5hPWhwtPQJK4RNVRBM9Y5dta4XB68HTGEMuaBFQHt0S HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGjoEXxy4Qw_TDwd9UFrvAQ&google_cver=1&google_push=AQvitUKPl1AtBfKpxSsJeWd629EB_-K1Nbg7ZlolkLdmiIzuKd6X0d-go5hPWhwtPQJK4RNVRBM9Y5dta4XB68HTGEMuaBFQHt0S&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nzLEkiFURnyukFIzXX8Lgg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKPl1AtBfKpxSsJeWd629EB_-K1Nbg7ZlolkLdmiIzuKd6X0d-go5hPWhwtPQJK4RNVRBM9Y5dta4XB68HTGEMuaBFQHt0S

Request Chain 224

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIA9J2JrS3eIVzASOrkcbdc&google_cver=1&google_push=AQvitUJNG40eN0wMrL1mtGJMClGZSMl6zoi4hf_V9ha-vZUoJ_d5oGAvaD24Z3augDFQpn-eFhv9-85d1ATv4_WT3sHQN5qWT_I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05QVDU2OVotMTgtMVdCQQ==&google_push=AQvitUJNG40eN0wMrL1mtGJMClGZSMl6zoi4hf_V9ha-vZUoJ_d5oGAvaD24Z3augDFQpn-eFhv9-85d1ATv4_WT3sHQN5qWT_I

Request Chain 225

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGZ49dqkBeYoQXPfhx8273Y&google_cver=1&google_push=AQvitUJpJai3ADNfUQl6t1fdDRyiuPPFcr_6abO7pGwVn1nLhrHjsCB_K9YmRTNmjRo5rU50Hz6HNUT6zrRSgzS3KEtyqdc23JEu HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGZ49dqkBeYoQXPfhx8273Y&google_cver=1&google_push=AQvitUJpJai3ADNfUQl6t1fdDRyiuPPFcr_6abO7pGwVn1nLhrHjsCB_K9YmRTNmjRo5rU50Hz6HNUT6zrRSgzS3KEtyqdc23JEu&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH6auKZdgf9ul1yj0OXxcwAABLsAAAIB&google_gid=CAESEGZ49dqkBeYoQXPfhx8273Y&google_push=AQvitUJpJai3ADNfUQl6t1fdDRyiuPPFcr_6abO7pGwVn1nLhrHjsCB_K9YmRTNmjRo5rU50Hz6HNUT6zrRSgzS3KEtyqdc23JEu&google_cver=1

Request Chain 259

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAQw1WdqwdM0D2woC0aG5sE&google_cver=1&google_push=AQvitUJBseeu5c3Hlg7aoNwbah7sNfkMqySUC6yTGEutzOGhbfu4rmt4owRLeESFyt_13Q2ZsibSNG7U_rp75Za1571b70m1fK0 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUJBseeu5c3Hlg7aoNwbah7sNfkMqySUC6yTGEutzOGhbfu4rmt4owRLeESFyt_13Q2ZsibSNG7U_rp75Za1571b70m1fK0&google_hm=K-l5venzWg7oWxNH_aJNxw

Request Chain 260

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUJsi99pvMa-hl75dl8RHPaCUVL6Xc8zFJU1XLgLi8iWA0yGzOhswM9CJCzOFR5i5XnGlGeel4sQq5_3AvsZKwtBgypUiLo&google_gid=CAESEGmaiulOtflOS2mClvao5DY&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUg2YXVBQUFBSUppV2tiTA&google_push=AQvitUJsi99pvMa-hl75dl8RHPaCUVL6Xc8zFJU1XLgLi8iWA0yGzOhswM9CJCzOFR5i5XnGlGeel4sQq5_3AvsZKwtBgypUiLo

Request Chain 261

https://rtb.openx.net/sync/dds?google_gid=CAESEBBEEP3T3TwELLBBQAk87w8&google_cver=1&google_push=AQvitUIEExryVehvZhWhf4uD8IHJnNJSF2G8ubEAstDWxUaK603-3NMBJZ1ubbseOI3lGsyn0TgvuuzBIKuLh6CwZm-bIs5-UA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIEExryVehvZhWhf4uD8IHJnNJSF2G8ubEAstDWxUaK603-3NMBJZ1ubbseOI3lGsyn0TgvuuzBIKuLh6CwZm-bIs5-UA&google_hm=OcE4ZjqfyxA-xQRZnXb_zw==

Request Chain 262

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGjoEXxy4Qw_TDwd9UFrvAQ&google_cver=1&google_push=AQvitUJqIOHL4VgdZ7zlpbjJaSYUQeJuaotzebidbj5RLPGkUmAgQ5WMzoesBTe8Sl7NiSsser0PciT4yJM_1XERilphELYj16o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nzLEkiFURnyukFIzXX8Lgg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJqIOHL4VgdZ7zlpbjJaSYUQeJuaotzebidbj5RLPGkUmAgQ5WMzoesBTe8Sl7NiSsser0PciT4yJM_1XERilphELYj16o

Request Chain 263

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIA9J2JrS3eIVzASOrkcbdc&google_cver=1&google_push=AQvitUJztUGczkDKRBsOPjmWr-YLIDcf4bthobALGEq8CP9Zgec0isFvJFIv185QnyawjmvA5q3URB-wXjvDlv1yJ9xJAnxEwCo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05QVDU2STctMjAtS0hRWQ==&google_push=AQvitUJztUGczkDKRBsOPjmWr-YLIDcf4bthobALGEq8CP9Zgec0isFvJFIv185QnyawjmvA5q3URB-wXjvDlv1yJ9xJAnxEwCo

Request Chain 264

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGZ49dqkBeYoQXPfhx8273Y&google_cver=1&google_push=AQvitUIn_EFQS4T92dVI7MUoJMJPQdXOikxOWJpdrgbMb349OD_PpcydnM0XYSZyzMpZfACLG98-E7RSqvvjfHew4To-DBgsB2U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH6auKZdgf9ul1yj0OXxcwAABLsAAAIB&google_gid=CAESEGZ49dqkBeYoQXPfhx8273Y&google_push=AQvitUIn_EFQS4T92dVI7MUoJMJPQdXOikxOWJpdrgbMb349OD_PpcydnM0XYSZyzMpZfACLG98-E7RSqvvjfHew4To-DBgsB2U&google_cver=1

Request Chain 265

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEMIfil5xkQE6LWERtuLOWe4&google_cver=1&google_push=AQvitULrs5nmAG9WGa92I3R8kXVQr3kumfccHApfImirdWWMFWXT55tfNB1s8j6kbkgiGXdfVt2MqBum-adAetQBrApsXX6gLu3i HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitULrs5nmAG9WGa92I3R8kXVQr3kumfccHApfImirdWWMFWXT55tfNB1s8j6kbkgiGXdfVt2MqBum-adAetQBrApsXX6gLu3i&google_hm=

Request Chain 267

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAQw1WdqwdM0D2woC0aG5sE&google_cver=1&google_push=AQvitUKbPcfrhXtbkawrreC0kzhLEzlbfRpG9VulQcnpXa_IuIVLNPJcFMKrXJUj2zRr7bjav2IRxM_w8mLNvZRb2bL-QVY0Mrw HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUKbPcfrhXtbkawrreC0kzhLEzlbfRpG9VulQcnpXa_IuIVLNPJcFMKrXJUj2zRr7bjav2IRxM_w8mLNvZRb2bL-QVY0Mrw&google_hm=K-l5venzWg7oWxNH_aJNxw

Request Chain 268

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitULifpUQvSceupDEqaqbmCGITZg4fTvXXOwMiBqHrVqPbK0LVJhK_uUxFDWfN365-wZAl_gpTBnY6bUGentGmEdUp6EXIVc&google_gid=CAESEGAIMpM6v8hJaY0HSn8GCQs&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitULifpUQvSceupDEqaqbmCGITZg4fTvXXOwMiBqHrVqPbK0LVJhK_uUxFDWfN365-wZAl_gpTBnY6bUGentGmEdUp6EXIVc&google_gid=CAESEGAIMpM6v8hJaY0HSn8GCQs&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MjAwOTExMjEyNzE0OTkzMDY4OTA2OQ%3D%3D&google_push=AQvitULifpUQvSceupDEqaqbmCGITZg4fTvXXOwMiBqHrVqPbK0LVJhK_uUxFDWfN365-wZAl_gpTBnY6bUGentGmEdUp6EXIVc

Request Chain 269

https://rtb.openx.net/sync/dds?google_gid=CAESEBBEEP3T3TwELLBBQAk87w8&google_cver=1&google_push=AQvitUJpqo5RTzMdKQUqpsTBKA5xcLB0sI7fN9iFO8wJonar0Zj2R9ld3ok26e-ORKyPvKhgTUX-L_N_b0Q0CyM0kdBIYNOYD9I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJpqo5RTzMdKQUqpsTBKA5xcLB0sI7fN9iFO8wJonar0Zj2R9ld3ok26e-ORKyPvKhgTUX-L_N_b0Q0CyM0kdBIYNOYD9I&google_hm=OcE4ZjqfyxA-xQRZnXb_zw==

Request Chain 270

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGjoEXxy4Qw_TDwd9UFrvAQ&google_cver=1&google_push=AQvitUKW19n6vGX2uDuMY-P29ORbNdzzwWk_qBBoSp03R7QIZ1EKjC92g3C1Vcfdx-Kpvay93Z2Yhau5lrEBv-HY0TeTMORwiIA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nzLEkiFURnyukFIzXX8Lgg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKW19n6vGX2uDuMY-P29ORbNdzzwWk_qBBoSp03R7QIZ1EKjC92g3C1Vcfdx-Kpvay93Z2Yhau5lrEBv-HY0TeTMORwiIA

Request Chain 271

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIA9J2JrS3eIVzASOrkcbdc&google_cver=1&google_push=AQvitUKFZMxKiREUOVOQFi556LoQCrVwytg8X1bCCyhX-dqPdT_l_iyopN45xPHQg2Dt8lpYsa-NJgeWrdzEPR7cnM2oBbXfIA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05QVDU2SUctMVAtMTJSSw==&google_push=AQvitUKFZMxKiREUOVOQFi556LoQCrVwytg8X1bCCyhX-dqPdT_l_iyopN45xPHQg2Dt8lpYsa-NJgeWrdzEPR7cnM2oBbXfIA

Request Chain 272

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGZ49dqkBeYoQXPfhx8273Y&google_cver=1&google_push=AQvitUIC4G-kcDREBdTZqD40tXwtumXZnDIZ1qjgsuDO0XjxA76_LHF5r_uH8eYnUz-KLS_JgG4OwuvEdgAr26qk6J-B3mLjjmk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH6auKZdgf9ul1yj0OXxcwAABLsAAAIB&google_cver=1&google_push=AQvitUIC4G-kcDREBdTZqD40tXwtumXZnDIZ1qjgsuDO0XjxA76_LHF5r_uH8eYnUz-KLS_JgG4OwuvEdgAr26qk6J-B3mLjjmk&google_gid=CAESEGZ49dqkBeYoQXPfhx8273Y

289 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
sud.ua/ 115 KB
29 KB 1257ms
1143ms Document
text/html 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 943577f1fd3b5e3241b8987275db99086787d6662365c1515f699e6b642fe70c

Request headers

:method: GET
:authority: sud.ua
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx/1.10.3 (Ubuntu)
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0; expires=Wed, 21-Apr-2021 09:11:17 GMT; Max-Age=86400; path=/
cache-control: max-age=300, public, s-maxage=300
date: Tue, 20 Apr 2021 09:11:17 GMT
content-encoding: gzip

GET
H2 200 sud.css
sud.ua/css/ 53 KB
53 KB 62ms
58ms Stylesheet
text/css 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/css/sud.css?v=3
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: cbb746cb1c4bf5795e073ab19240d469386bd0635cbdce4c520bdc272f11d02b

Request headers

:path: /css/sud.css?v=3
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:18 GMT
last-modified: Wed, 14 Apr 2021 08:38:20 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "6076a9fc-d37b"
content-length: 54139
content-type: text/css

GET
H2 200 superfish.css
sud.ua/css/ 419 B
551 B 111ms
107ms Stylesheet
text/css 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/css/superfish.css
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: dce358c8d9a44e55987ff53b453ba6dec399b3106d559142db61961c2b95de83

Request headers

:path: /css/superfish.css
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:18 GMT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5ba0ee53-1a3"
content-length: 419
content-type: text/css

GET
H2 200 jquery-ui.min.css
sud.ua/js/jquery-ui/ 22 KB
22 KB 112ms
108ms Stylesheet
text/css 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/jquery-ui/jquery-ui.min.css
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: cd51ccb5a721fa2dee14495f4a2304aa493ee0e1b9e8cdccd5c71681f8679d33

Request headers

:path: /js/jquery-ui/jquery-ui.min.css
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:18 GMT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5ba0ee53-595a"
content-length: 22874
content-type: text/css

GET
H2 200 jquery-ui.theme.min.css
sud.ua/js/jquery-ui/ 13 KB
13 KB 113ms
109ms Stylesheet
text/css 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/jquery-ui/jquery-ui.theme.min.css
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 260315e4555f49b1337ec2b809c44d6910e10205c65e5141bad381805d2ba826

Request headers

:path: /js/jquery-ui/jquery-ui.theme.min.css
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:18 GMT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5ba0ee53-351f"
content-length: 13599
content-type: text/css

GET
H2 200 jquery.fancybox.css
sud.ua/js/fancybox/ 5 KB
5 KB 113ms
110ms Stylesheet
text/css 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/fancybox/jquery.fancybox.css
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 710e80f7571bafcb61fc7ac617d33bfa41c0bd36726dfec094914eae26ae2e20

Request headers

:path: /js/fancybox/jquery.fancybox.css
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:18 GMT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5ba0ee53-1316"
content-length: 4886
content-type: text/css

GET
H2 200 flexslider.css
sud.ua/js/flexslider/ 6 KB
6 KB 113ms
110ms Stylesheet
text/css 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/flexslider/flexslider.css
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e78485512d4639364b21e3a5df5c3e939873cf8a8a826529539b9d9fadbcf584

Request headers

:path: /js/flexslider/flexslider.css
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:18 GMT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5ba0ee53-1764"
content-length: 5988
content-type: text/css

GET
H2 200 jquery-1.11.0.min.js Show response
sud.ua/js/ 94 KB
94 KB 158ms
155ms Script
application/javascript 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/jquery-1.11.0.min.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

:path: /js/jquery-1.11.0.min.js
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:18 GMT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5ba0ee53-1787d"
content-length: 96381
content-type: application/javascript

GET
H2 200 jquery.easing-1.3.pack.js Show response
sud.ua/js/ 7 KB
7 KB 158ms
155ms Script
application/javascript 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/jquery.easing-1.3.pack.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9a7f76fdc1930049302dff8d3cb5e6e0cbfcf8feb6d1b1a06ef16a7445b05111

Request headers

:path: /js/jquery.easing-1.3.pack.js
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:18 GMT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5ba0ee53-1a3d"
content-length: 6717
content-type: application/javascript

GET
H2 200 respond.min.js Show response
sud.ua/js/ 4 KB
4 KB 158ms
155ms Script
application/javascript 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/respond.min.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1574a5440e7861871b0b812a856bcb638039e6fd6fe0e362d5193694730965ff

Request headers

:path: /js/respond.min.js
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:18 GMT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5ba0ee53-fe5"
content-length: 4069
content-type: application/javascript

GET
H2 200 jquery.fancybox.pack.js Show response
sud.ua/js/fancybox/ 23 KB
23 KB 158ms
155ms Script
application/javascript 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/fancybox/jquery.fancybox.pack.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347

Request headers

:path: /js/fancybox/jquery.fancybox.pack.js
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:18 GMT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5ba0ee53-5a5f"
content-length: 23135
content-type: application/javascript

GET
H2 200 jquery.maskedinput.js Show response
sud.ua/js/ 10 KB
10 KB 158ms
155ms Script
application/javascript 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/jquery.maskedinput.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: f7db94f96a5b6b6f7c2e7c8fd4961ca39af428e4506d68cea82b2ce4d81751b4

Request headers

:path: /js/jquery.maskedinput.js
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:18 GMT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5ba0ee53-2882"
content-length: 10370
content-type: application/javascript

GET
H2 200 jquery.ui.datepicker.i18n.js Show response
sud.ua/js/jquery-ui/ 3 KB
4 KB 158ms
156ms Script
application/javascript 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/jquery-ui/jquery.ui.datepicker.i18n.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: a86406d2365b5fac7880064f5a9b0f4a35eb3571f0e5874f4bdffa45bebd5ca7

Request headers

:path: /js/jquery-ui/jquery.ui.datepicker.i18n.js
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:18 GMT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5ba0ee53-d89"
content-length: 3465
content-type: application/javascript

GET
H2 200 jquery-ui.min.js Show response
sud.ua/js/jquery-ui/ 168 KB
169 KB 158ms
156ms Script
application/javascript 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/jquery-ui/jquery-ui.min.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: a6b29649695122285a0af27dd2ae18a932f869d963a2400ccb9eb330c6234436

Request headers

:path: /js/jquery-ui/jquery-ui.min.js
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:18 GMT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5ba0ee53-2a0c2"
content-length: 172226
content-type: application/javascript

GET
H2 200 hoverIntent.js Show response
sud.ua/js/ 5 KB
5 KB 158ms
156ms Script
application/javascript 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/hoverIntent.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 740cb53532e536c1c7a90cbb037a9a002d2126b34bed1d6d3722b52d2bfe11b7

Request headers

:path: /js/hoverIntent.js
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:18 GMT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5ba0ee53-134a"
content-length: 4938
content-type: application/javascript

GET
H2 200 superfish.js Show response
sud.ua/js/ 7 KB
7 KB 158ms
156ms Script
application/javascript 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/superfish.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: de374484df39f525b35a5a5bc8f64a8c00b3c6d2c95e353bbe077710adc49620

Request headers

:path: /js/superfish.js
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:18 GMT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5ba0ee53-1b3f"
content-length: 6975
content-type: application/javascript

GET
H2 200 jquery.flexslider-min.js Show response
sud.ua/js/flexslider/ 22 KB
22 KB 158ms
156ms Script
application/javascript 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/flexslider/jquery.flexslider-min.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 2ce94a80de9d146226e0967aacf51e37f92e18329815338af4de0aef3fc67705

Request headers

:path: /js/flexslider/jquery.flexslider-min.js
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:18 GMT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5ba0ee53-5746"
content-length: 22342
content-type: application/javascript

GET
H2 200 jquery.sticky.js Show response
sud.ua/js/ 10 KB
10 KB 158ms
156ms Script
application/javascript 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/jquery.sticky.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: bcf6b9b28cec8958f9d3f3ee39070e85ffd46d670f1f0baa7cd21aa24c188a00

Request headers

:path: /js/jquery.sticky.js
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:18 GMT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5ba0ee53-2765"
content-length: 10085
content-type: application/javascript

GET
H2 200 main.js Show response
sud.ua/js/ 2 KB
2 KB 158ms
157ms Script
application/javascript 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/main.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: fdea10147f6783ca3b985ae70694e4fa1be88588c8dfab3862fbc1effac3a53d

Request headers

:path: /js/main.js
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:18 GMT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5ba0ee53-741"
content-length: 1857
content-type: application/javascript

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 101 KB
32 KB 43ms
14ms Script
text/javascript 2600:9000:2190:b600:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:b600:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 38c288b893b166348ca23e242921ba2f260e3444cb2027e0c844304a894f0bbe

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:10:01 GMT
content-encoding: gzip
age: 77
etag: W/"192cc-3TBOdKYF02HlA++J6fQ0dmTq6Ow"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 e8a7e21f51478f02a6e51b69e3450928.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: iiYo0YC-HPKpu7G7r5ju4CNTEdZPqySAnDZonCJdIY0XHYcYlb4Glg==

GET
H2 200 28b7ceb6dba8fe7150ac3c08549b1fca_1.js Show response
cdn.sendpulse.com/9dae6d62c816560a842268bde2cd317d/js/push/ 115 KB
34 KB 100ms
31ms Script
application/javascript 2a02:6ea0:c700::1
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.sendpulse.com/9dae6d62c816560a842268bde2cd317d/js/push/28b7ceb6dba8fe7150ac3c08549b1fca_1.js

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

3e2a7a63ff39c91714f1e3e241b5e08fa8740b98b40dab91d9074f738117ffc3

Security Headers

Name	Value
Content-Security-Policy	default-src wss://* blob: data: sendpulse.com .sendpulse.com .sendpulse.com:4434 .pulse-stat.com .stat-pulse.com .pulse-stat.com:8080 .stat-pulse.com:8080 http://.sendpulse.com:4434 http://.pulse-stat.com http://.stat-pulse.com http://.pulse-stat.com:8080 http://.stat-pulse.com:8080 .sendpulse.ua .sendpulse.by .sendpulse.kz .sendpulse.cl .sendpulse.com.tr .sendpulse.ng .loginsrc.com .routee.net .bizml.ru .jquery.com .youtube.com .ytimg.com .vimeo.com .vimeocdn.com .tinymce.com .ampproject.org .hotjar.com .hotjar.io .ipinfo.io .highcharts.com .appspot.com .doubleclick.net .facebook.com .facebook.net .fbcdn.net .fbsbx.com .rawgit.com .cloudflare.com .jsdelivr.net .kissmetrics.com .bitrix24.com .quantserve.com .quantcount.com .twitter.com .offershub.ru .stripe.com .braintreegateway.com .mlstatic.com .cloudpayments.ru .woopra.com .jivosite.com .google.com .google.com.ua .googleadservices.com .google-analytics.com .googleapis.com .googletagmanager.com .gstatic.com .online-metrix.net .retently.com .maxmind.com .revisionme.com .yandex.ru .ymetrica.ru .mmapiws.com .bootstrapcdn.com .kaptcha.com .paypal.com .paypalobjects.com .mercadopago.com.br .mercadopago.com .braintree-api.com vk.com api.telegram.org .webformscr.com .yandex.net .cardinalcommerce.com .mercadolibre.com .supportsrc.com .instagram.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: ; font-src data: ; style-src 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 20 Apr 2021 09:11:19 GMT
content-encoding: br
x-content-type-options: nosniff
x-77-nzt-ray: yNVkqYeOEmY=
x-77-cache: HIT
x-cache: HIT
x-age: 406496
x-xss-protection: 1; mode=block
x-77-nzt: AcO1ryxgenjv4DMGAA==
x-sp-ma: ma5
last-modified: Thu, 25 Feb 2021 13:19:48 GMT
server: CDN77-Turbo
etag: W/"1cd3c-5bc290188bc3b"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Host
content-type: application/javascript
cache-control: max-age=31536000, max-age=604800
content-security-policy: default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng *.loginsrc.com *.routee.net *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
expires: Fri, 15 Apr 2022 16:16:23 GMT

GET
H2 200 css
fonts.googleapis.com/ 30 KB
1 KB 23ms
21ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fce918d665463f6f4298df9d2e2cab9194efe5c67490a77d72540fe19928481c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 09:06:45 GMT
server: ESF
date: Tue, 20 Apr 2021 09:11:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Apr 2021 09:11:18 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98686dc2034f008687be3cae14c7561ec818c0a48c21cd9500e76a2f21275039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48178
x-xss-protection: 0
server: cafe
etag: 15975590666456113810
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 20 Apr 2021 09:11:19 GMT

GET
H2 200 logo.png
sud.ua/images/ 6 KB
6 KB 66ms
54ms Image
image/png 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/images/logo.png
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 00decae85b73f456182a67b0226dccdb5590167c0e6878bb533c54b78843da1c

Request headers

:path: /images/logo.png
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5ba0ee53-1678"
content-length: 5752
content-type: image/png

GET
H2 200 37e7494ab15bf8cddc139c133a11b97319c6d3d1.jpg
sud.ua/uploads/news/2020/12/07/ 25 KB
25 KB 66ms
55ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2020/12/07/37e7494ab15bf8cddc139c133a11b97319c6d3d1.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 6fb65c9aca3d1d84fffbc50bd6ff89eef346ecbe661122ea635316a4e0205ff8

Request headers

:path: /uploads/news/2020/12/07/37e7494ab15bf8cddc139c133a11b97319c6d3d1.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Mon, 07 Dec 2020 08:37:12 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5fcde9b8-62fb"
content-length: 25339
content-type: image/jpeg

GET
H2 200 80ad658f4e317b4416eca1f9da9371501831b868.jpg
sud.ua/uploads/banner/2017/ 46 KB
47 KB 68ms
56ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/banner/2017/80ad658f4e317b4416eca1f9da9371501831b868.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ba835b31996c6891a39f2ba22fc4e5c97881d5c1f49fed9994ac6526a32ce167

Request headers

:path: /uploads/banner/2017/80ad658f4e317b4416eca1f9da9371501831b868.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Mon, 11 Jan 2021 15:52:55 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5ffc7457-b9dc"
content-length: 47580
content-type: image/jpeg

GET
H2 200 9accc96c4864c96d8aaabb6e61d54b0b1e12ffc6.jpg
sud.ua/uploads/news/2021/04/20/ 63 KB
63 KB 69ms
58ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2021/04/20/9accc96c4864c96d8aaabb6e61d54b0b1e12ffc6.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 3428780c1fd8d03128de1ae6b2f394d8b408f892dad48b9860f94afe991c46dd

Request headers

:path: /uploads/news/2021/04/20/9accc96c4864c96d8aaabb6e61d54b0b1e12ffc6.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Tue, 20 Apr 2021 08:40:15 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "607e936f-fbaa"
content-length: 64426
content-type: image/jpeg

GET
H2 200 32950242cc44f15334a4834dfa56d831764e6037.jpg
sud.ua/uploads/news/2021/04/20/ 72 KB
72 KB 80ms
69ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2021/04/20/32950242cc44f15334a4834dfa56d831764e6037.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 3c2dd3287ce2096fcaefffeb829e872eeea7e94983da1404141723b59b03f639

Request headers

:path: /uploads/news/2021/04/20/32950242cc44f15334a4834dfa56d831764e6037.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Tue, 20 Apr 2021 08:17:12 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "607e8e08-11fbf"
content-length: 73663
content-type: image/jpeg

GET
H2 200 2876c90e0b16a06fbd94990ccdd3b921f122a885.jpg
sud.ua/uploads/news/2021/04/20/ 87 KB
87 KB 164ms
152ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2021/04/20/2876c90e0b16a06fbd94990ccdd3b921f122a885.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 393334b97df53d496d5bdf85d4a7b88a279d69d3ad69903418ae0bf2a1825074

Request headers

:path: /uploads/news/2021/04/20/2876c90e0b16a06fbd94990ccdd3b921f122a885.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Tue, 20 Apr 2021 07:51:44 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "607e8810-15bfa"
content-length: 89082
content-type: image/jpeg

GET
H2 200 55d4875d820dc9373b5a6eb5cf72ea92592d5bb0.jpg
sud.ua/uploads/news/2021/04/20/ 65 KB
65 KB 216ms
204ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2021/04/20/55d4875d820dc9373b5a6eb5cf72ea92592d5bb0.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 82aaf2b2bb3fdb5f951177bb734c241b04428a31fac690434b6d4e54957141ce

Request headers

:path: /uploads/news/2021/04/20/55d4875d820dc9373b5a6eb5cf72ea92592d5bb0.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Mon, 19 Apr 2021 15:16:38 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "607d9ed6-10430"
content-length: 66608
content-type: image/jpeg

GET
H2 200 cf919e2582614bf39d5f501a4c11e84cd06d055a.jpg
sud.ua/uploads/news/2021/04/20/ 84 KB
85 KB 314ms
302ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2021/04/20/cf919e2582614bf39d5f501a4c11e84cd06d055a.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 2e94a317a7f2635bfaf72979726018df5e2faaba0a3d3b233cff324eaff6d37c

Request headers

:path: /uploads/news/2021/04/20/cf919e2582614bf39d5f501a4c11e84cd06d055a.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Tue, 20 Apr 2021 04:45:26 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "607e5c66-151f8"
content-length: 86520
content-type: image/jpeg

GET
H2 200 8bd5ee06fabd5032100079831b930cef02dd7574.jpg
sud.ua/uploads/news_author/2017/ 7 KB
8 KB 316ms
304ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news_author/2017/8bd5ee06fabd5032100079831b930cef02dd7574.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1f8d586314835e4b7df447571a65de608871b7699741f69f68b7dcc2d41b5c6c

Request headers

:path: /uploads/news_author/2017/8bd5ee06fabd5032100079831b930cef02dd7574.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Wed, 11 Jul 2018 08:59:49 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5b45c705-1dbb"
content-length: 7611
content-type: image/jpeg

GET
H2 200 1a2c99489329025b0c7df166747ba3c06ee02c23.jpg
sud.ua/uploads/news_author/2020/ 7 KB
7 KB 316ms
305ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news_author/2020/1a2c99489329025b0c7df166747ba3c06ee02c23.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e79d1280b0336fa2f1f507a1efc1803fe6961a376e1dd6fe0e00ef4e78c9cb59

Request headers

:path: /uploads/news_author/2020/1a2c99489329025b0c7df166747ba3c06ee02c23.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Mon, 14 Sep 2020 11:24:49 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5f5f5301-1cfc"
content-length: 7420
content-type: image/jpeg

GET
H2 200 eb65c1c484f8b9ef8b7592d4f5f38088256881a0.jpg
sud.ua/uploads/news_author/2016/ 7 KB
7 KB 316ms
305ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news_author/2016/eb65c1c484f8b9ef8b7592d4f5f38088256881a0.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 44ed6d71ff10fba2c18d8fdc8c72d89e9aa1955400076d3f123e3d8b1aa09fc4

Request headers

:path: /uploads/news_author/2016/eb65c1c484f8b9ef8b7592d4f5f38088256881a0.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Mon, 18 Jun 2018 08:37:06 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5b276f32-1a27"
content-length: 6695
content-type: image/jpeg

GET
H2 200 c42cf38c58e2c3048742dd6b0ecdd3d5a0ca58e4.jpg
sud.ua/uploads/birthday/2020/ 24 KB
24 KB 361ms
350ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/birthday/2020/c42cf38c58e2c3048742dd6b0ecdd3d5a0ca58e4.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 98e72e959c97200da1ab834304c2e1a1887cfb347e25d1f1a759bc708f7c986b

Request headers

:path: /uploads/birthday/2020/c42cf38c58e2c3048742dd6b0ecdd3d5a0ca58e4.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Mon, 20 Jan 2020 12:32:17 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5e259dd1-6005"
content-length: 24581
content-type: image/jpeg

GET
H2 200 45b8f11bdbadc452d20707c5e7d838867d4c9f27.jpg
sud.ua/uploads/birthday/2019/ 23 KB
24 KB 363ms
352ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/birthday/2019/45b8f11bdbadc452d20707c5e7d838867d4c9f27.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 94882beb64831e2d0d76b8e199db1234d48893bbd34c4014266c63f8dbff570b

Request headers

:path: /uploads/birthday/2019/45b8f11bdbadc452d20707c5e7d838867d4c9f27.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Mon, 11 Feb 2019 12:41:54 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5c616d92-5d99"
content-length: 23961
content-type: image/jpeg

GET
H2 200 71e4bd77f3fdeafbe9c890b64b552f795b5a4101.jpg
sud.ua/uploads/birthday/2019/ 27 KB
28 KB 364ms
353ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/birthday/2019/71e4bd77f3fdeafbe9c890b64b552f795b5a4101.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b2f20ba0f34bb6447e1204662eff864543b754047a2b75fa7b2cf6cd2a9177ac

Request headers

:path: /uploads/birthday/2019/71e4bd77f3fdeafbe9c890b64b552f795b5a4101.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Mon, 11 Feb 2019 12:42:12 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5c616da4-6dd5"
content-length: 28117
content-type: image/jpeg

GET
H2 200 c3588791dca5952fde778d1170b9392bc6c6e7da.jpg
sud.ua/uploads/birthday/2019/ 26 KB
27 KB 460ms
449ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/birthday/2019/c3588791dca5952fde778d1170b9392bc6c6e7da.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 5de3e8696e58c08254057aa257ac932a7fbc798331eba787651cd6b8c1750970

Request headers

:path: /uploads/birthday/2019/c3588791dca5952fde778d1170b9392bc6c6e7da.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Thu, 18 Mar 2021 14:08:54 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "60535ef6-69c0"
content-length: 27072
content-type: image/jpeg

GET
H2 200 a3c3eee592e8f19b3461e2141979d859a000efd6.jpg
sud.ua/uploads/news/2021/04/19/ 23 KB
24 KB 461ms
450ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2021/04/19/a3c3eee592e8f19b3461e2141979d859a000efd6.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: cee63b6a4bbdd17f432bde950a1183d2b851819b6ad25f0b299101c6bb49f1da

Request headers

:path: /uploads/news/2021/04/19/a3c3eee592e8f19b3461e2141979d859a000efd6.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Mon, 19 Apr 2021 07:22:52 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "607d2fcc-5d6e"
content-length: 23918
content-type: image/jpeg

GET
H2 200 63830c902f06723ec4acbac32e84932bdbe9224c.jpg
sud.ua/uploads/news/2021/04/20/ 98 KB
98 KB 559ms
549ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2021/04/20/63830c902f06723ec4acbac32e84932bdbe9224c.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 0fdaad19dd6ac38461607d06370a64710c9ac3bfb163c33e931ee993ec540bf0

Request headers

:path: /uploads/news/2021/04/20/63830c902f06723ec4acbac32e84932bdbe9224c.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Tue, 20 Apr 2021 08:35:07 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "607e923b-186b1"
content-length: 100017
content-type: image/jpeg

GET
H2 200 c93c1c4c2e35673cce537896829b51970866b7be.jpg
sud.ua/uploads/news/2021/04/20/ 47 KB
47 KB 609ms
598ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2021/04/20/c93c1c4c2e35673cce537896829b51970866b7be.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: a92ed3f7f8cbe031d8134ef9c1aa88d1acd52c00f32d8cf21b211bde5ca51410

Request headers

:path: /uploads/news/2021/04/20/c93c1c4c2e35673cce537896829b51970866b7be.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Tue, 20 Apr 2021 07:56:49 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "607e8941-baf9"
content-length: 47865
content-type: image/jpeg

GET
H2 200 ff67969c8f2de2b33cd527ce91b3a577f3628af1.jpg
sud.ua/uploads/news/2021/04/20/ 42 KB
42 KB 610ms
600ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2021/04/20/ff67969c8f2de2b33cd527ce91b3a577f3628af1.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 228bd9e5becfebc3da8f4ec49a6397272409484354f7c7dddd0fc788fc4b1a70

Request headers

:path: /uploads/news/2021/04/20/ff67969c8f2de2b33cd527ce91b3a577f3628af1.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Mon, 19 Apr 2021 14:58:48 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "607d9aa8-a851"
content-length: 43089
content-type: image/jpeg

GET
H2 200 1c2a670f45addc2a7fccd845e555238e053cdb67.jpg
sud.ua/uploads/news/2021/04/19/ 34 KB
34 KB 1209ms
1199ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2021/04/19/1c2a670f45addc2a7fccd845e555238e053cdb67.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e814bfc493429b4bf766668f80942724adca03d627fbdf64438f83ae3cb28118

Request headers

:path: /uploads/news/2021/04/19/1c2a670f45addc2a7fccd845e555238e053cdb67.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Mon, 19 Apr 2021 13:15:44 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "607d8280-87ae"
content-length: 34734
content-type: image/jpeg

GET
H2 200 ca33e8612fd2ea989c6342ecdf40ccda580088a9.jpg
sud.ua/uploads/news/2021/04/20/ 14 KB
14 KB 1259ms
1249ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2021/04/20/ca33e8612fd2ea989c6342ecdf40ccda580088a9.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b4e1625b40d5efedd2378f9d54c3d6352ef9ca8ddd39b1d2686e9dec7ae04c8a

Request headers

:path: /uploads/news/2021/04/20/ca33e8612fd2ea989c6342ecdf40ccda580088a9.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Tue, 20 Apr 2021 06:07:07 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "607e6f8b-36ed"
content-length: 14061
content-type: image/jpeg

GET
H2 200 32f05259b4a6366e39c54dfc60939f2e12d69e58.jpg
sud.ua/uploads/news/2021/04/20/ 17 KB
17 KB 1308ms
1298ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2021/04/20/32f05259b4a6366e39c54dfc60939f2e12d69e58.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b8eb9bee34040486c5475bb902b1a047e1ec20d07ef32dd8fb87e4a19ee4b9b8

Request headers

:path: /uploads/news/2021/04/20/32f05259b4a6366e39c54dfc60939f2e12d69e58.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Tue, 20 Apr 2021 08:52:40 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "607e9658-4261"
content-length: 16993
content-type: image/jpeg

GET
H2 200 f1aee8b5badb3889e6f5ec6916c22ed11be62bb8.jpg
sud.ua/uploads/news/2021/04/20/ 19 KB
19 KB 1308ms
1298ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2021/04/20/f1aee8b5badb3889e6f5ec6916c22ed11be62bb8.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: fb09b9e81623ace5c333177fc5a04dff2004187804053f6e979f4b973743ee9a

Request headers

:path: /uploads/news/2021/04/20/f1aee8b5badb3889e6f5ec6916c22ed11be62bb8.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Tue, 20 Apr 2021 06:50:21 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "607e79ad-4ab6"
content-length: 19126
content-type: image/jpeg

GET
H2 200 908c6584d3cc5c3596801b8b8e856c2585464c9f.jpg
sud.ua/uploads/news/2021/04/20/ 17 KB
17 KB 1308ms
1299ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2021/04/20/908c6584d3cc5c3596801b8b8e856c2585464c9f.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b8354b7c22d929f96813a47a180733df642fac250fb25d4e8709d553cda93e75

Request headers

:path: /uploads/news/2021/04/20/908c6584d3cc5c3596801b8b8e856c2585464c9f.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Tue, 20 Apr 2021 07:43:33 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "607e8625-4234"
content-length: 16948
content-type: image/jpeg

GET
H2 200 116ddb27a32a907de3d936d28de70a63beb54827.jpg
sud.ua/uploads/news_author/2020/ 7 KB
7 KB 1308ms
1299ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news_author/2020/116ddb27a32a907de3d936d28de70a63beb54827.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: a2d1ca3ffdf9c824de2615c42597a9fc274558d98358caae794c52786214a97a

Request headers

:path: /uploads/news_author/2020/116ddb27a32a907de3d936d28de70a63beb54827.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Mon, 25 May 2020 17:32:34 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5ecc0132-1b32"
content-length: 6962
content-type: image/jpeg

GET
H2 200 3d9bbd1206bf27b7b97cfc9f0f9ef72ed8d133f9.jpg
sud.ua/uploads/news_author/2018/ 9 KB
9 KB 1308ms
1299ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news_author/2018/3d9bbd1206bf27b7b97cfc9f0f9ef72ed8d133f9.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 3615db66e24728a8964a527d08487c365c53a995d57530f51eee012b82e4cf73

Request headers

:path: /uploads/news_author/2018/3d9bbd1206bf27b7b97cfc9f0f9ef72ed8d133f9.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Wed, 21 Mar 2018 09:55:11 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5ab22bff-2225"
content-length: 8741
content-type: image/jpeg

GET
H2 200 b01706d2effa11175bcd1b6b068e8ac623a20e81.jpg
sud.ua/uploads/news_author/2019/ 6 KB
6 KB 1308ms
1299ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news_author/2019/b01706d2effa11175bcd1b6b068e8ac623a20e81.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 6ae2f2e3ecb109d17757f1a6e02bf7d3f40e9c9ad2ee2a9e003a85286659c7b2

Request headers

:path: /uploads/news_author/2019/b01706d2effa11175bcd1b6b068e8ac623a20e81.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Wed, 30 Oct 2019 12:24:10 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5db980ea-17b1"
content-length: 6065
content-type: image/jpeg

GET
H2 200 ebb1ea5b23e7becfda2adca16af2ea71d1ca8226.jpg
sud.ua/uploads/news_author/2021/ 7 KB
7 KB 1308ms
1299ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news_author/2021/ebb1ea5b23e7becfda2adca16af2ea71d1ca8226.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 24f306b82871f7cc1526d1c202c5f38ec7c79a067fb1ac88e534c46db2e7655b

Request headers

:path: /uploads/news_author/2021/ebb1ea5b23e7becfda2adca16af2ea71d1ca8226.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Mon, 05 Apr 2021 10:36:58 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "606ae84a-1a20"
content-length: 6688
content-type: image/jpeg

GET
H2 200 06278d67ae01181c33cb92e81bc7a9e5401b4a89.jpg
sud.ua/uploads/news_author/2021/ 7 KB
7 KB 1308ms
1299ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news_author/2021/06278d67ae01181c33cb92e81bc7a9e5401b4a89.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: a401396efb891ba533e90ecf2503aeae1097fca4243055079dc8cb12e5124c3d

Request headers

:path: /uploads/news_author/2021/06278d67ae01181c33cb92e81bc7a9e5401b4a89.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Fri, 02 Apr 2021 12:32:00 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "60670ec0-1a36"
content-length: 6710
content-type: image/jpeg

GET
H2 200 b6a50ba27a1a2fcd1dad38f6b18f7f8e5ae76a1b.jpg
sud.ua/uploads/news_author/2019/ 6 KB
6 KB 1308ms
1299ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news_author/2019/b6a50ba27a1a2fcd1dad38f6b18f7f8e5ae76a1b.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: bae3d80af60fbeee8510be784f26449f2fe402f0c9515e96f44e13249562ab3f

Request headers

:path: /uploads/news_author/2019/b6a50ba27a1a2fcd1dad38f6b18f7f8e5ae76a1b.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Sat, 11 May 2019 13:15:18 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5cd6cae6-1893"
content-length: 6291
content-type: image/jpeg

GET
H2 200 bf679ae1bf070991b9f1103069473983be27379c.jpg
sud.ua/uploads/news_author/2021/ 7 KB
7 KB 1308ms
1300ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news_author/2021/bf679ae1bf070991b9f1103069473983be27379c.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: a0657caac1833ac27499d1d6225ff43069e64a311c978cc16418c3ad1cee7ce9

Request headers

:path: /uploads/news_author/2021/bf679ae1bf070991b9f1103069473983be27379c.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Fri, 26 Mar 2021 14:04:56 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "605dea08-1b0c"
content-length: 6924
content-type: image/jpeg

GET
H2 200 96c24cd94131b138332cda529a0880084a7dbd34.jpg
sud.ua/uploads/banner/2016/ 300 KB
300 KB 1308ms
1300ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/banner/2016/96c24cd94131b138332cda529a0880084a7dbd34.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 13cd5c51c459b11de3be896c4efb3cf3c32b5ed3a11128dceac6f712dfeaec3e

Request headers

:path: /uploads/banner/2016/96c24cd94131b138332cda529a0880084a7dbd34.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Mon, 19 Oct 2020 12:40:51 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5f8d8953-4afda"
content-length: 307162
content-type: image/jpeg

GET
H2 200 5f046b58ea3c79d865206ca10001ee3e610b88a3.jpg
sud.ua/uploads/news/2021/04/19/ 117 KB
118 KB 1308ms
1300ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2021/04/19/5f046b58ea3c79d865206ca10001ee3e610b88a3.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b0ab8dc4a04389ab03b1558dd3229db94ed6e10f8e4298fcd2322d47fccaa453

Request headers

:path: /uploads/news/2021/04/19/5f046b58ea3c79d865206ca10001ee3e610b88a3.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Mon, 19 Apr 2021 08:41:27 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "607d4237-1d57e"
content-length: 120190
content-type: image/jpeg

GET
H2 200 00e1a055baaaa56c2cfb4ab7a5cc1700b0418794.jpg
sud.ua/uploads/news/2021/04/09/ 100 KB
100 KB 1308ms
1300ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2021/04/09/00e1a055baaaa56c2cfb4ab7a5cc1700b0418794.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 26df20401eec2e603ce21ac13ec7e0a9e90413dd9c5ca13910868a3e746d3c7e

Request headers

:path: /uploads/news/2021/04/09/00e1a055baaaa56c2cfb4ab7a5cc1700b0418794.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Fri, 09 Apr 2021 08:25:11 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "60700f67-18f46"
content-length: 102214
content-type: image/jpeg

GET
H2 200 9102421d3dd6c21371de0068e2a2403383899313.jpg
sud.ua/uploads/news/2021/04/08/ 85 KB
85 KB 1308ms
1300ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2021/04/08/9102421d3dd6c21371de0068e2a2403383899313.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: c7d4e2f4ac960edd95bd012d67be19037254a8ca4de9f543840ec0d2f0f5f0dc

Request headers

:path: /uploads/news/2021/04/08/9102421d3dd6c21371de0068e2a2403383899313.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Thu, 08 Apr 2021 08:34:55 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "606ec02f-1538c"
content-length: 86924
content-type: image/jpeg

GET
H2 200 28d74af6f8860522730b497b8ade088ed34a3785.jpg
sud.ua/uploads/news/2021/04/07/ 95 KB
95 KB 1308ms
1301ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2021/04/07/28d74af6f8860522730b497b8ade088ed34a3785.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ae46cd167569f8d28ed023c9eec30a75447cc9f0255b00ec1bc947c8eb3bd11f

Request headers

:path: /uploads/news/2021/04/07/28d74af6f8860522730b497b8ade088ed34a3785.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Wed, 07 Apr 2021 08:04:49 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "606d67a1-17c9c"
content-length: 97436
content-type: image/jpeg

GET
H2 200 982d8865b53030c6e3154a33595c6ffa135c2000.jpg
sud.ua/uploads/news/2021/04/06/ 86 KB
86 KB 1308ms
1301ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2021/04/06/982d8865b53030c6e3154a33595c6ffa135c2000.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: fc547a325ef7aaaf342099d9a8ee616af4258661e95efd4ec5e37301dc3b4519

Request headers

:path: /uploads/news/2021/04/06/982d8865b53030c6e3154a33595c6ffa135c2000.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Tue, 06 Apr 2021 08:34:43 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "606c1d23-158f1"
content-length: 88305
content-type: image/jpeg

GET
H2 200 dc4f75fb4cb7f2a2841175910d60e949e3abbddf.jpg
sud.ua/uploads/news/2021/04/05/ 110 KB
110 KB 1308ms
1301ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2021/04/05/dc4f75fb4cb7f2a2841175910d60e949e3abbddf.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 188bfc8f2cc09fc0027131648688581c485a3a927ec60383475e17736b1e537e

Request headers

:path: /uploads/news/2021/04/05/dc4f75fb4cb7f2a2841175910d60e949e3abbddf.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Mon, 05 Apr 2021 11:04:46 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "606aeece-1b65e"
content-length: 112222
content-type: image/jpeg

GET
H2 200 b162c9c14744c2293a55348cc6cb3d32ddcf8d14.jpg
sud.ua/uploads/news/2021/03/26/ 138 KB
138 KB 1308ms
1301ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2021/03/26/b162c9c14744c2293a55348cc6cb3d32ddcf8d14.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 4f153750d7cd90a673fbf081c835672588c35fde4741676bf21b45c955eedb91

Request headers

:path: /uploads/news/2021/03/26/b162c9c14744c2293a55348cc6cb3d32ddcf8d14.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Fri, 26 Mar 2021 13:19:31 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "605ddf63-2287b"
content-length: 141435
content-type: image/jpeg

GET
H2 200 3fc4c566e29b5304f63cf3f97c94685ba787c688.jpg
sud.ua/uploads/news/2021/03/18/ 67 KB
67 KB 1308ms
1301ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2021/03/18/3fc4c566e29b5304f63cf3f97c94685ba787c688.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 493934fbbe22818df2d4a46ea8598825eaa0cd77c8cf5b1f5e873a6db0b2de36

Request headers

:path: /uploads/news/2021/03/18/3fc4c566e29b5304f63cf3f97c94685ba787c688.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Thu, 18 Mar 2021 14:04:58 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "60535e0a-10cc6"
content-length: 68806
content-type: image/jpeg

GET
H2 200 01770f773a5b0456a5fb116a992ee376ba10312e.jpg
sud.ua/uploads/news/2021/03/15/ 63 KB
63 KB 1308ms
1301ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2021/03/15/01770f773a5b0456a5fb116a992ee376ba10312e.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 6a77e4c399abddcf8fbe16bc731d01b06e99addff6e0e2c3f672eb39ac86f757

Request headers

:path: /uploads/news/2021/03/15/01770f773a5b0456a5fb116a992ee376ba10312e.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Mon, 15 Mar 2021 11:33:09 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "604f45f5-fca4"
content-length: 64676
content-type: image/jpeg

GET
H2 200 457cb9bcb412a727d9b380b8607b40c0de6459e2.jpg
sud.ua/uploads/news/2021/03/12/ 64 KB
64 KB 1308ms
1302ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2021/03/12/457cb9bcb412a727d9b380b8607b40c0de6459e2.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 5b4ad7e40a4e6a84cafb2ceb32ec2f04eea738cf493891f94ff39ed40d7868e3

Request headers

:path: /uploads/news/2021/03/12/457cb9bcb412a727d9b380b8607b40c0de6459e2.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Fri, 12 Mar 2021 14:05:47 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "604b753b-fed4"
content-length: 65236
content-type: image/jpeg

GET
H2 200 07eae6124c5ce467253feeb126cce3c49e4a20b7.jpg
sud.ua/uploads/news/2021/03/13/ 100 KB
101 KB 1308ms
1302ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2021/03/13/07eae6124c5ce467253feeb126cce3c49e4a20b7.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b94c180b6b31eef0965a12492ffeabc00962c355b442367c168ec070e47e03f5

Request headers

:path: /uploads/news/2021/03/13/07eae6124c5ce467253feeb126cce3c49e4a20b7.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Fri, 12 Mar 2021 10:39:37 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "604b44e9-191d8"
content-length: 102872
content-type: image/jpeg

GET
H2 200 431144b6c768ad4bf4599ff5c73f5f8782fbde6d.jpg
sud.ua/uploads/news/2021/03/11/ 71 KB
72 KB 1308ms
1302ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2021/03/11/431144b6c768ad4bf4599ff5c73f5f8782fbde6d.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7d80af3c384803e7d575ab00e9f49714078119ab14658b3574e5d16b8a47cfd8

Request headers

:path: /uploads/news/2021/03/11/431144b6c768ad4bf4599ff5c73f5f8782fbde6d.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Wed, 10 Mar 2021 19:09:46 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "6049197a-11d30"
content-length: 73008
content-type: image/jpeg

GET
H2 200 rcode.RXTtRlV3fD.js Show response
recreativ.ru/ 933 B
699 B 46ms
12ms Script
text/javascript 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://recreativ.ru/rcode.RXTtRlV3fD.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 227fc9e1f83f53831fb7be887fbbf71d601c9e40134842eb9ac9bf8cf65de4c3

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:19 GMT
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 09:11:19 GMT
server: nginx
p3p: CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, no-transform, must-revalidate
content-type: text/javascript;charset=utf-8
expires: Tue, 20 Apr 2021 12:11:19 +0300

GET
H2 200 reset.css
sud.ua/css/ 985 B
1 KB 247ms
247ms Stylesheet
text/css 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/css/reset.css
Requested by: Host: sud.ua
URL: https://sud.ua/css/sud.css?v=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ff5dff32d6574a74371594d2416d221bbc7bf279b00cd72a7ac10f2351a1cabe

Request headers

:path: /css/reset.css
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: sud.ua
referer: https://sud.ua/css/sud.css?v=3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/css/sud.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:18 GMT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5ba0ee53-3d9"
content-length: 985
content-type: text/css

GET
H2 200 58f9d12a49bbaa00120f493d.js Show response
buttons-config.sharethis.com/js/ 472 B
838 B 53ms
22ms Script
text/javascript 2600:9000:2190:9000:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/58f9d12a49bbaa00120f493d.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9000:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fa3b6b444ffbf3dadd31b66c2ec3f593db35c65ff29f08692cf7f4776d20af1a

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 20 Apr 2021 09:11:19 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified: Wed, 10 Mar 2021 21:07:20 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "95d19d51e4043570fd43b09d21f0be43"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 472
x-amz-cf-id: 1uPpCzbsauxDMHWl-XlToZQa3JvVEaaOi1OvYNnC-_Kmo_t2YH7Jhw==

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 11ms
5ms Script
text/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3979
date: Tue, 20 Apr 2021 08:05:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Tue, 20 Apr 2021 10:05:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 25ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

98e6165f4ca935ed2cd034d3f71ed277bfa1b20b684fb180a7935d2c4b853bf4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23963
x-fb-rlafr: 0
pragma: public
x-fb-debug: /BTufFfXM9d37RT1ta5eCYiNj8skrrh14CayKvR0sLpN0HFQ/YddErtdrCqwg/1U5c6rsVp69WtkDQ8cWBWJNg==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Tue, 20 Apr 2021 09:11:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/ru_RU/ 3 KB
2 KB 26ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f86585a5c8a27d5ec8779777fce68c7e0aa637e7862a9562195ab81417d569df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: a3DqgofXYkb1ZusVPWUEJA==
cross-origin-resource-policy: cross-origin
expires: Tue, 20 Apr 2021 09:22:22 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: mPIHPVIsuo0oPpluVoF8h9w3U2O1BEtM0TwiM4s+8C2XtWzDP2/FON96is7hjqWeL7y3ZLc7dCuiuudxj6+39g==
x-fb-trip-id: 917726464
x-fb-content-md5: 176ed7fc9ad1a0f077cc3b79acc0b484
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 20 Apr 2021 09:11:19 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "ed96ffe9eff8fdf5ac9639a02de2c4bd"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 playlist Show response
www.youtube.com/embed/ Frame 1C8E 213 KB
39 KB 184ms
179ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3bb8cb0620eb0c33262b6a389dcb265603228459e4ca59e31d6b865257f72de4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sud.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sud.ua/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 20 Apr 2021 09:11:19 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=33udLPDqmmY; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=Ww-imgTEryI; Domain=.youtube.com; Expires=Sun, 17-Oct-2021 09:11:19 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+518; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 2673156668a0b9ea3bc1a28084a5556bf8493308.jpg
sud.ua/uploads/issue/2021/03/08/ 26 KB
26 KB 1308ms
1302ms Image
image/jpeg 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/issue/2021/03/08/2673156668a0b9ea3bc1a28084a5556bf8493308.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: c8e2a00c397f02038b70223a315c58409cd4b29b577c7b67b076c4ddffc1e932

Request headers

:path: /uploads/issue/2021/03/08/2673156668a0b9ea3bc1a28084a5556bf8493308.jpg
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Fri, 05 Mar 2021 20:40:15 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "6042972f-68f0"
content-length: 26864
content-type: image/jpeg

GET
H2 200 issue_line.png
sud.ua/images/ 2 KB
2 KB 1308ms
1302ms Image
image/png 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/images/issue_line.png
Requested by: Host: sud.ua
URL: https://sud.ua/css/sud.css?v=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: bd29d93688f3cfb2f685ca050428cf6ab7cd7d4a7d723a3f39c78f1584419ffd

Request headers

:path: /images/issue_line.png
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/css/sud.css?v=3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/css/sud.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5ba0ee53-6b2"
content-length: 1714
content-type: image/png

GET
H2 200 src_ico.png
sud.ua/images/ 1 KB
1 KB 1308ms
1302ms Image
image/png 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/images/src_ico.png
Requested by: Host: sud.ua
URL: https://sud.ua/css/sud.css?v=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e4c9141010cf4cc43881f45220d5a17e89938fc24d9dd8a3a8b98b36ccd33d30

Request headers

:path: /images/src_ico.png
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/css/sud.css?v=3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/css/sud.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5ba0ee53-4bc"
content-length: 1212
content-type: image/png

GET
H2 200 s_ico.png
sud.ua/images/ 5 KB
5 KB 1307ms
1303ms Image
image/png 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/images/s_ico.png
Requested by: Host: sud.ua
URL: https://sud.ua/css/sud.css?v=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: be6e94ecf29b4cab11120ced07a975654c6a85678b7646f6e92e1c4673206551

Request headers

:path: /images/s_ico.png
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/css/sud.css?v=3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/css/sud.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Wed, 10 Mar 2021 21:39:21 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "60493c89-120d"
content-length: 4621
content-type: image/png

GET
H2 200 arrow.gif
sud.ua/images/ 2 KB
2 KB 1307ms
1303ms Image
image/gif 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/images/arrow.gif
Requested by: Host: sud.ua
URL: https://sud.ua/css/sud.css?v=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: da4b5b07477784514c5b7669c83e1d2ebaec4dff8fa63d4bbf2f56973179b207

Request headers

:path: /images/arrow.gif
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/css/sud.css?v=3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/css/sud.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Tue, 13 Aug 2019 09:54:15 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5d5288c7-640"
content-length: 1600
content-type: image/gif

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ 9 KB
9 KB 13ms
9ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://sud.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 21:27:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:11:01 GMT
server: sffe
age: 42248
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9544
x-xss-protection: 0
expires: Tue, 19 Apr 2022 21:27:11 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v27/ 9 KB
10 KB 12ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://sud.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 03:59:16 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:43 GMT
server: sffe
age: 191523
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9688
x-xss-protection: 0
expires: Mon, 18 Apr 2022 03:59:16 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 11ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://sud.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 21:15:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 42931
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Tue, 19 Apr 2022 21:15:48 GMT

GET
H2 200 ga6Law1J5X9T9RW6j9bNdOwzfROecf1I.woff2
fonts.gstatic.com/s/notoserif/v9/ 18 KB
18 KB 13ms
9ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v9/ga6Law1J5X9T9RW6j9bNdOwzfROecf1I.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9aeb04131df1322b44d201b4298aff834e34a31cf3fc2e72dc2341896bff49d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://sud.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 04:58:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:53 GMT
server: sffe
age: 187998
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18288
x-xss-protection: 0
expires: Mon, 18 Apr 2022 04:58:01 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 11ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://sud.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 21:15:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 42931
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Tue, 19 Apr 2022 21:15:48 GMT

GET
H3-29 200 ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
fonts.gstatic.com/s/notoserif/v9/ 27 KB
27 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v9/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feaad76415c6eb7fb707e31a7f0bd3da9f47a60a5c6d34cd00e2ebf0bbb6766c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://sud.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 07:30:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:59 GMT
server: sffe
age: 6029
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27344
x-xss-protection: 0
expires: Wed, 20 Apr 2022 07:30:50 GMT

GET
H2 200 ticker_22035.js Show response
js-goods.redtram.com/0/22/ 30 KB
9 KB 206ms
45ms Script
application/javascript 62.244.25.75
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to

Full URL: https://js-goods.redtram.com/0/22/ticker_22035.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.25.75 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 94511a51fcbc18a450cb0335adfb20ab351098115192db6dfc623b6ea2302794

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
content-encoding: gzip
last-modified: Tue, 17 Nov 2020 07:31:09 GMT
server: nginx/1.18.0
etag: W/"5fb37c3d-76c6"
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-transform
content-type: application/javascript

GET
H2 200 portal-v2.html Show response
c.sharethis.mgr.consensu.org/ Frame FBF6 2 KB
1 KB 41ms
12ms Document
text/html 2600:9000:2190:e400:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:e400:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sud.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sud.ua/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
cache-control: max-age=3600, public
date: Tue, 20 Apr 2021 09:00:14 GMT
etag: W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: ATOgODFWJ_hNO3kPyfbKV4LusDGnYFBSZMKHmWrx8gUq3BjE0XplyQ==
age: 665

GET
H2 200 / Show response
newscode.online/ru/36336/ 16 KB
5 KB 180ms
52ms Script
application/javascript 62.244.25.85
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to

Full URL: https://newscode.online/ru/36336/
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.25.85 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 5d48eafdb97c8d21206f6a45eb7ef84dc3dd56cfd4edaf8223048da2da82b2c1

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 12:41:03 GMT
server: nginx/1.18.0
etag: W/"5fd8aedf-3e2c"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
expires: Tue, 27 Apr 2021 09:11:19 GMT

GET
H2 200 newspapper.png
sud.ua/images/ 37 KB
37 KB 3131ms
3130ms Image
image/png 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/images/newspapper.png
Requested by: Host: sud.ua
URL: https://sud.ua/css/sud.css?v=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 080caf1867eb9590d5bc98c4ba64aa0d62ef95efe5bbccc83e52114c18f101ed

Request headers

:path: /images/newspapper.png
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/css/sud.css?v=3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/css/sud.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5ba0ee53-952c"
content-length: 38188
content-type: image/png

GET
H2 200 social.png
sud.ua/images/ 7 KB
7 KB 3130ms
3130ms Image
image/png 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/images/social.png
Requested by: Host: sud.ua
URL: https://sud.ua/css/sud.css?v=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 01650f811314c520a71b059d7d6bd0e2382029d1c6a6f82524400d3563bad922

Request headers

:path: /images/social.png
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/css/sud.css?v=3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/css/sud.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Mon, 20 Jan 2020 12:55:50 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5e25a356-1bd2"
content-length: 7122
content-type: image/png

GET
H3-29 200 ga6Iaw1J5X9T9RW6j9bNfFMWaCi_.woff2
fonts.gstatic.com/s/notoserif/v9/ 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v9/ga6Iaw1J5X9T9RW6j9bNfFMWaCi_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd15990b17d2d9fc3f84859e5cc778ee22113b01592f5d98433d44ca4a4ffee2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://sud.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:24 GMT
server: sffe
age: 169642
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16064
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:57 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//sud.ua/;0.6267522909540082
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//sud.ua/;0.6267522909540082

43 B
496 B

58ms
56ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//sud.ua/;0.6267522909540082

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host210.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 09:11:19 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 19 Apr 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 09:11:19 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//sud.ua/;0.6267522909540082
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sun, 19 Apr 2020 21:00:00 GMT

GET
H2 200 playlist Show response
www.youtube.com/embed/ Frame 5CCE 213 KB
39 KB 193ms
193ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3aceed8a40c217b0568b8c04fdb4314a19eb2d6e1f3c8133657c1d4dc291863d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sud.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sud.ua/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 20 Apr 2021 09:11:19 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=JZ9BQARs0T8; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=d8FiQskLcAE; Domain=.youtube.com; Expires=Sun, 17-Oct-2021 09:11:19 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+136; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210415/r20190131/ 222 KB
83 KB 39ms
36ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210415/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2535113839332652&plah=sud.ua&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f54415e29eb70befe2473a69a097e33e3f1e90376016243b2af5173f2c87bd23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84655
x-xss-protection: 0
server: cafe
etag: 16615013293570182620
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 20 Apr 2021 09:11:19 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210415/r20190131/ Frame 0494 10 KB
5 KB 5ms
5ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210415/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210415/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sud.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sud.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 19 Apr 2021 14:54:34 GMT
expires: Mon, 03 May 2021 14:54:34 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 65805
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 22ms
21ms Image
image/gif 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1708162283&utmhn=sud.ua&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%A1%D1%83%D0%B4%D0%B5%D0%B1%D0%BD%D0%BE-%D1%8E%D1%80%D0%B8%D0%B4%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&utmhid=455070738&utmr=-&utmp=%2F&utmht=1618909879319&utmac=UA-30552542-1&utmcc=__utma%3D223010201.1521625758.1618909879.1618909879.1618909879.1%3B%2B__utmz%3D223010201.1618909879.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=185372295&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/ru_RU/ 217 KB
64 KB 16ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js?hash=8b1cc17864f046cfa9890d628992dac3&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9f0377a08308b433f751c40610bd8cce1d1aa3b087dbcbc436d81c33d9d92408

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://sud.ua
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: kVuQDRekBg18HSDo0Zlj+g==
cross-origin-resource-policy: cross-origin
expires: Wed, 20 Apr 2022 08:35:44 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 65552
x-fb-rlafr: 0
x-fb-debug: 93Ieg44MGfw8dbyU5y+EBeHekSdTjUMCHM1pFfRso3A7BLu338sMJvHuS84da+EEcr7KYxBGp0F928URky+vgA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 45205aa8fa85119bc1ccd7d39b8f32b0
date: Tue, 20 Apr 2021 09:11:19 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "1eaec0e6dfef8a669687ea2fc86d1e8d"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3-29 200 2149114148710027 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 53ms
42ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2149114148710027?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

53725ee1909c1ca873eb7d9d884446abc40dc7b37f5f1ffef98a3d7ea698aa07

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: 0rChHK8aBB9yy9rh5w6wz2pNEIohLdXI5xWIZq3RppKTHPqk8Jcq9Pm6hqv4v0q8nmA/HJMCUwZUsjxJtUAxcw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Tue, 20 Apr 2021 09:11:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 jsunit Show response
a4p.adpartner.pro/ 8 KB
2 KB 58ms
18ms Script
application/javascript 5.135.83.158
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/jsunit?id=3106&ref=&0.8288340085485988
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.83.158 , France, ASN16276 (OVH, FR),
Reverse DNS: app-05.adpartner.pro
Software: nginx /
Resource Hash: 24ae882e5315cdfd8856e4bd212b6648f57d794252722d341c81d73d71dd6a11

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
cache-control: no-store no-transform
server: nginx
content-encoding: br
content-type: application/javascript; charset=utf-8

GET
H2 200 / Show response
m.mixadvert.com/show/ 4 KB
4 KB 76ms
24ms Script
application/javascript 147.135.189.55
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://m.mixadvert.com/show/?id=5251&r=0.48364223920495464

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.135.189.55 , France, ASN16276 (OVH, FR),

Reverse DNS

m.mixadvert.com

Software

nginx/1.12.0 / PHP/5.4.16

Resource Hash

e7e59bc84d2e443d702053f6ae82ba4449b26f25188ece2864deceee88d7b85f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=15768000

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
server: nginx/1.12.0
x-powered-by: PHP/5.4.16
strict-transport-security: max-age=15768000, max-age=15768000
content-type: application/javascript; charset=utf-8

GET
H2 200 main.js Show response
go.rcvlink.com/static/ Frame 920B 6 KB
3 KB 47ms
11ms Script
application/javascript 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/static/main.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 0ad48e80fbe5b37de8bb25a87f6da522fc183a0667ba14eed2de45eec9e2c497

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 21:28:24 GMT
server: nginx
etag: W/"60678c78-17d5"
content-type: application/javascript
cache-control: max-age=86400
expires: Wed, 21 Apr 2021 09:11:19 GMT

GET
H2

200

03.png
i.bigmir.net/cnt/
Redirect Chain

https://c.bigmir.net/?v16953431&s16954880&t3&c1&n486255&w0&y0&d24&r1600
https://i.bigmir.net/cnt/03.png

723 B
897 B

117ms
38ms

Image
image/png

193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/03.png
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: d0b3404fceb6bbd79a99ea6d8241b1b29ac1ffb3c7d97bfc1b873b49c0ad6a09

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Sun, 02 Oct 2005 23:04:59 GMT
server: nginx
etag: "4340679b-2d3"
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
content-length: 723
expires: Fri, 23 Apr 2021 09:11:19 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 09:11:19 GMT
Server: nginx
Transfer-Encoding: chunked
Location: //i.bigmir.net/cnt/03.png
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H2 200 top.png
sud.ua/images/ 1 KB
1 KB 3039ms
3039ms Image
image/png 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/images/top.png
Requested by: Host: sud.ua
URL: https://sud.ua/css/sud.css?v=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: d39876159a565d9c3c7a6abd4c4ac30182045b2c9ed5013aecded4fd9802c86f

Request headers

:path: /images/top.png
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0; __utma=223010201.1521625758.1618909879.1618909879.1618909879.1; __utmc=223010201; __utmz=223010201.1618909879.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=223010201.1.10.1618909879; b=b
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/css/sud.css?v=3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/css/sud.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5ba0ee53-4ea"
content-length: 1258
content-type: image/png

GET
H2 200 nav.png
sud.ua/images/ 2 KB
2 KB 3029ms
3028ms Image
image/png 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/images/nav.png
Requested by: Host: sud.ua
URL: https://sud.ua/js/flexslider/flexslider.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: c0ab997391abab3e273f905250bdc273cee6566988361ade951087cad01eab03

Request headers

:path: /images/nav.png
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0; __utma=223010201.1521625758.1618909879.1618909879.1618909879.1; __utmc=223010201; __utmz=223010201.1618909879.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=223010201.1.10.1618909879; b=b
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sud.ua
referer: https://sud.ua/js/flexslider/flexslider.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/js/flexslider/flexslider.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5ba0ee53-6e6"
content-length: 1766
content-type: image/png

GET
H2 200 1 Show response
recreativ.ru/cs/1/ 34 B
134 B 13ms
13ms Script
text/javascript 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://recreativ.ru/cs/1/1
Requested by: Host: recreativ.ru
URL: https://recreativ.ru/rcode.RXTtRlV3fD.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 53e7e80e3b19f265f1dc0369efaaec9746d8e73cba4167459838c1b5b97d1cc1

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
hn: b27
cache-control: private, max-age=315360000
expires: Fri, 18 Apr 2031 12:11:19 +0300

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
328 B 63ms
20ms XHR
text/plain 52.58.221.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=sud.ua&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fsud.ua%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=%D0%A1%D1%83%D0%B4%D0%B5%D0%B1%D0%BD%D0%BE-%D1%8E%D1%80%D0%B8%D0%B4%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&cms=unknown&publisher=58f9d12a49bbaa00120f493d&sop=true&bsamesite=true&consent_cookie_duration=184&consent_duration=184&gdpr_domain=.consensu.org&gdpr_method=cookie&version=st_sop.js&lang=en
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.221.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-221-124.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:11:19 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://sud.ua
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 196 B
638 B 37ms
16ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sud.ua&callback=_gfp_s_&client=ca-pub-2535113839332652

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210415/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2535113839332652&plah=sud.ua&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

91a09d01996e7873fe9aebfe9e3398fc51eda56bd9d2f3d371192b8531f08950

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 189
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sud.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 09:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sud.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 09:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 005B 39 KB
2 KB 61ms
59ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&adk=1812271804&adf=3025194257&lmt=1618909879&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsud.ua%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618909879293&bpp=13&bdt=499&idt=94&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5610137990111&frm=20&pv=2&ga_vid=1521625758.1618909879&ga_sid=1618909879&ga_hid=455070738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740079&oid=3&pvsid=3453901730259454&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=112

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0683c3d12f0bca5e417a83c47f5ed531614a96637799f9f5de0d4e950c3a8ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2535113839332652&output=html&adk=1812271804&adf=3025194257&lmt=1618909879&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsud.ua%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618909879293&bpp=13&bdt=499&idt=94&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5610137990111&frm=20&pv=2&ga_vid=1521625758.1618909879&ga_sid=1618909879&ga_hid=455070738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740079&oid=3&pvsid=3453901730259454&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=112
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sud.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sud.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 20 Apr 2021 09:11:19 GMT
server: cafe
content-length: 1946
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 20-Apr-2021 09:26:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Apr 2021 09:11:19 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32feae1eaa46d369fe0a42d46b7e90a05cce2cdb8dc87c4dde67315e0d2a26f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831909828443"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:11:19 GMT

GET
H2 200 ls Show response
a4p.adpartner.pro/jsunit/ Frame 93C3 6 KB
2 KB 22ms
19ms Document
text/html 5.135.83.158
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=3106&unit_id=6480&session_pageview=1&session_id=71055c60-e330-4c45-9595-3174fc574005&site_visited=1&apuid=ad89aa0a-cd07-4265-9274-9bfa353d2dd1&width=300&screen_width=1600&ref=&location=https%3A%2F%2Fsud.ua%2F
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=3106&ref=&0.8288340085485988
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.83.158 , France, ASN16276 (OVH, FR),
Reverse DNS: app-05.adpartner.pro
Software: nginx /
Resource Hash: 2d9ef3a7b5e0218a1b81ab71e7fff7eb167af16de2f5a3b6a132a9a8862b0168

Request headers

:method: GET
:authority: a4p.adpartner.pro
:scheme: https
:path: /jsunit/ls?jsunit=3106&unit_id=6480&session_pageview=1&session_id=71055c60-e330-4c45-9595-3174fc574005&site_visited=1&apuid=ad89aa0a-cd07-4265-9274-9bfa353d2dd1&width=300&screen_width=1600&ref=&location=https%3A%2F%2Fsud.ua%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sud.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sud.ua/

Response headers

server: nginx
date: Tue, 20 Apr 2021 09:11:19 GMT
content-type: text/html; charset=utf-8
set-cookie: sud.ua_ref=; Path=/; Expires=Tue, 20 Apr 2021 10:11:19 GMT; Secure; SameSite=None
cache-control: no-store no-transform
content-encoding: br

GET
H2 200 tizers.php Show response
recreativ.ru/ 20 KB
9 KB 27ms
24ms Script
application/javascript 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://recreativ.ru/tizers.php?bn=RXTtRlV3fD&cache=t5zf4tfesWr62x0
Requested by: Host: recreativ.ru
URL: https://recreativ.ru/rcode.RXTtRlV3fD.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 25a3417c70e26250627ac4951a75219f18a6c95b8a1f1ff3ead5b69831ce5058

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:19 GMT
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 09:11:19 GMT
server: nginx
p3p: CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
access-control-allow-origin: *
hn: b22
cache-control: no-cache, no-store, no-transform, must-revalidate
content-type: application/javascript;charset=utf-8
expires: Tue, 20 Apr 2021 12:11:19 +0300

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/ba95ea16/ Frame 1C8E 357 KB
53 KB 24ms
6ms Stylesheet
text/css 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ba95ea16/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd945fbb0a145303f4b3e548fca8dea34ab6cd2da9ba1ad86f666163b5c8b64c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 15:47:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 00:17:20 GMT
server: sffe
age: 62615
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53792
x-xss-protection: 0
expires: Tue, 19 Apr 2022 15:47:44 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1C8E 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 169661
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H2 200 1 Show response
recreativ.ru/cs/1/ Frame 920B 34 B
86 B 14ms
13ms Script
text/javascript 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://recreativ.ru/cs/1/1
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 7aae860fe980d20d4271ba2c74e6952833061a001b1f8448c100c6ee96c6f8b7

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
hn: b24
cache-control: private, max-age=315360000
expires: Fri, 18 Apr 2031 12:11:19 +0300

GET
H2 200 1 Show response
go.rcvlink.com/cs/1/ Frame 920B 34 B
156 B 15ms
14ms Script
text/javascript 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/cs/1/1
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 76db4847769465e3baa406950cc52736510b59ccafc06161b7cc2fb8455b8e1c

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
hn: b13
cache-control: private, max-age=315360000
expires: Fri, 18 Apr 2031 12:11:19 +0300

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 21ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2149114148710027&ev=PageView&dl=https%3A%2F%2Fsud.ua%2F&rl=&if=false&ts=1618909879436&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1618909879434.951031933&it=1618909879326&coo=false&rqm=GET

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 20 Apr 2021 09:11:19 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/ba95ea16/www-embed-player.vflset/ Frame 1C8E 185 KB
66 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ba95ea16/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c49951d3193c7e97874c7ba72e331b98038bdc2eeb9bc756814c8d4057b9c3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 01:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 00:17:20 GMT
server: sffe
age: 27556
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67053
x-xss-protection: 0
expires: Wed, 20 Apr 2022 01:32:03 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/ba95ea16/player_ias.vflset/en_US/ Frame 1C8E 2 MB
518 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ba95ea16/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a537d6746ab53bb766db09c3d67a43d1a033137bd0901431837ce6832b69342e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 15:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 00:17:20 GMT
server: sffe
age: 62319
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 529930
x-xss-protection: 0
expires: Tue, 19 Apr 2022 15:52:40 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/ba95ea16/fetch-polyfill.vflset/ Frame 1C8E 8 KB
3 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ba95ea16/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 00:31:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 00:17:20 GMT
server: sffe
age: 31184
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Wed, 20 Apr 2022 00:31:35 GMT

GET
H2 200 7410.gif
rus.redtram.com/px/ 43 B
235 B 82ms
74ms Image
image/gif 62.244.25.75
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rus.redtram.com/px/7410.gif?ref2=&v=1618909879470
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.25.75 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.18.0
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 25 Apr 1986 22:23:46 GMT

GET
H2 200 1 Show response
go.rcvlink.com/cs/1/ Frame 920B 34 B
194 B 13ms
13ms XHR
text/javascript 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/cs/1/1
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 7aae860fe980d20d4271ba2c74e6952833061a001b1f8448c100c6ee96c6f8b7

Request headers

Referer: https://sud.ua/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-cache: t5zf4tfesWr62Bk

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript;charset=utf-8
access-control-allow-origin: https://sud.ua
hn: b22
cache-control: private, max-age=315360000
access-control-allow-credentials: true
expires: Fri, 18 Apr 2031 12:11:19 +0300

OPTIONS
H2 204 1
go.rcvlink.com/cs/1/ Frame 0
0 41ms
13ms Preflight 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/cs/1/1
Protocol: H2
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control,x-cache
Origin: https://sud.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 20 Apr 2021 09:11:19 GMT
hn: b16
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Cache-Control, x-cache
access-control-max-age: 86400

GET
H2 200 618462923e1e8afa9f79f54ccfdcac51
st11.recreativ.ru/2/304/ 6 KB
6 KB 49ms
20ms Image
image/webp 136.243.128.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st11.recreativ.ru/2/304/618462923e1e8afa9f79f54ccfdcac51
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.128.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: st11.recreativ.ru
Software: openresty /
Resource Hash: e7f0018c5ed7195e5cf71a4ed0912a2506756132d7bccc144c150471f22c0cbc

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Wed, 16 Dec 2020 10:21:27 GMT
server: openresty
etag: "5fd9dfa7-94be"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 6250
expires: Mon, 19 Jul 2021 09:11:19 GMT

GET
H2 200 6e9772092b02b6954055daad4da8aea7
st11.recreativ.ru/2/304/ 16 KB
17 KB 50ms
21ms Image
image/webp 136.243.128.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st11.recreativ.ru/2/304/6e9772092b02b6954055daad4da8aea7
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.128.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: st11.recreativ.ru
Software: openresty /
Resource Hash: 48ed8cfd21796cde58e9494dc234a7860b50666d674355b43b0f74a0a461f2b9

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Tue, 02 Feb 2021 12:19:19 GMT
server: openresty
etag: "60194347-11918"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 16840
expires: Mon, 19 Jul 2021 09:11:19 GMT

GET
H2 200 81cf01675a8da64d4a5a07197166e991
st11.recreativ.ru/2/304/ 16 KB
16 KB 57ms
28ms Image
image/webp 136.243.128.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st11.recreativ.ru/2/304/81cf01675a8da64d4a5a07197166e991
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.128.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: st11.recreativ.ru
Software: openresty /
Resource Hash: cbea5aa09e0056f767cc78594912749a4f6b1f32074afc94b8d96b77d058acb4

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Tue, 29 Dec 2020 10:54:02 GMT
server: openresty
etag: "5feb0aca-f8ee"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 16298
expires: Mon, 19 Jul 2021 09:11:19 GMT

GET
H2 200 5cf6426d4a454e7499787aaa25e92d86
st11.recreativ.ru/2/304/ 3 KB
3 KB 60ms
31ms Image
image/webp 136.243.128.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st11.recreativ.ru/2/304/5cf6426d4a454e7499787aaa25e92d86
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.128.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: st11.recreativ.ru
Software: openresty /
Resource Hash: f39d5dae5c181626fad84825a3b0b96a7479b2d9a09d82766e214d6f0f75df24

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Sun, 18 Apr 2021 19:55:35 GMT
server: openresty
etag: "607c8eb7-791b"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 3204
expires: Mon, 19 Jul 2021 09:11:19 GMT

GET
H2 200 logo160.png
recreativ.ru/img/ 6 KB
6 KB 12ms
12ms Image
image/png 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://recreativ.ru/img/logo160.png
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Mon, 21 Jan 2019 15:07:51 GMT
server: nginx
etag: "5c45e047-1869"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 6249
expires: Tue, 27 Apr 2021 09:11:19 GMT

GET
H2 200 / Show response
rus.redtram.com/i/ 1 KB
952 B 48ms
48ms Script
application/x-javascript 62.244.25.75
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to

Full URL: https://rus.redtram.com/i/?i=36336&ref2=&rt_page=1&idn=xyfw&skp=&tmload=1618909879
Requested by: Host: newscode.online
URL: https://newscode.online/ru/36336/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.25.75 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 1f23ad27b3c331b4335beceb73d5cfd55feac0a4b454376c55546308b366d071

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:19 GMT
cache-control: no-cache, must-revalidate
expires: Mon, 25 Apr 1986 22:23:46 GMT
server: nginx/1.18.0
content-encoding: gzip
content-type: application/x-javascript; charset=UTF-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 93C3 48 KB
19 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=3106&unit_id=6480&session_pageview=1&session_id=71055c60-e330-4c45-9595-3174fc574005&site_visited=1&apuid=ad89aa0a-cd07-4265-9274-9bfa353d2dd1&width=300&screen_width=1600&ref=&location=https%3A%2F%2Fsud.ua%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://a4p.adpartner.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4497
date: Tue, 20 Apr 2021 07:56:22 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Tue, 20 Apr 2021 09:56:22 GMT

POST
H2 200 jsunit Show response
a4p.adpartner.pro/ Frame 93C3 5 KB
2 KB 403ms
403ms XHR
application/javascript 5.135.83.158
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/jsunit?id=3106&ref=&session_id=71055c60-e330-4c45-9595-3174fc574005&session_pageview=1&site_visited=1&unit_id=6480
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=3106&unit_id=6480&session_pageview=1&session_id=71055c60-e330-4c45-9595-3174fc574005&site_visited=1&apuid=ad89aa0a-cd07-4265-9274-9bfa353d2dd1&width=300&screen_width=1600&ref=&location=https%3A%2F%2Fsud.ua%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.83.158 , France, ASN16276 (OVH, FR),
Reverse DNS: app-05.adpartner.pro
Software: nginx /
Resource Hash: eed8c3d246f5aed714f3cd137b8b35d3f823b020192e0de188dce6209634dfe0

Request headers

Referer: https://a4p.adpartner.pro/jsunit/ls?jsunit=3106&unit_id=6480&session_pageview=1&session_id=71055c60-e330-4c45-9595-3174fc574005&site_visited=1&apuid=ad89aa0a-cd07-4265-9274-9bfa353d2dd1&width=300&screen_width=1600&ref=&location=https%3A%2F%2Fsud.ua%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://a4p.adpartner.pro
date: Tue, 20 Apr 2021 09:11:19 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
server: nginx
content-encoding: br
content-type: application/javascript; charset=utf-8

GET
H2 200 iframe.htm Show response
go.rcvlink.com/static/ Frame 9EB5 13 KB
6 KB 13ms
11ms Document
text/html 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/static/iframe.htm
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: a8d5ee219683061c909a445a41bd4566323498f873a939a88f885f813e577f34

Request headers

:method: GET
:authority: go.rcvlink.com
:scheme: https
:path: /static/iframe.htm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sud.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sud.ua/

Response headers

server: nginx
date: Tue, 20 Apr 2021 09:11:19 GMT
content-type: text/html
last-modified: Sat, 03 Apr 2021 06:37:04 GMT
etag: W/"60680d10-33e9"
expires: Wed, 21 Apr 2021 09:11:19 GMT
cache-control: max-age=86400
content-encoding: gzip

GET
H3-29 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 1C8E 113 B
161 B 14ms
14ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ba95ea16/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

475188e46a83cd66aab8370679233cbbe71348e08e49933fcb99d3d6dec9b4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 1C8E 29 B
406 B 26ms
6ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ba95ea16/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 15
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:26:04 GMT

GET
H2 404 /
goods.redtram.com/g/ 0
0 52ms
51ms Script
text/html 62.244.25.75
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to

Full URL: https://goods.redtram.com/g/?i=22035&f=jsonobj&ref2=&rtg_page=1&idn=itlu&skp=
Requested by: Host: js-goods.redtram.com
URL: https://js-goods.redtram.com/0/22/ticker_22035.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.25.75 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-upstream: 10.1.3.33:9005
date: Tue, 20 Apr 2021 09:11:19 GMT
content-encoding: gzip
server: nginx/1.18.0
content-type: text/html; charset=ISO-8859-1

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/ba95ea16/player_ias.vflset/en_US/ Frame 1C8E 97 KB
32 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ba95ea16/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ba95ea16/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c3bfd9a33f41d24ecac9c57e05f86b8cef6c2dfd9b10ca8cd704e439f3e7900

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 15:53:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 00:17:20 GMT
server: sffe
age: 62275
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32794
x-xss-protection: 0
expires: Tue, 19 Apr 2022 15:53:24 GMT

GET
H2 200 fYn6ScbPBUe-QK7fzt0cVlbVnZLLOSkvyM8HAnvGAjQ.js Show response
www.google.com/js/th/ Frame 1C8E 33 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/fYn6ScbPBUe-QK7fzt0cVlbVnZLLOSkvyM8HAnvGAjQ.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ba95ea16/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d89fa49c6cf0547be40aedfcedd1c5656d59d92cb39292fc8cf07027bc60234

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 06:54:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:00:00 GMT
server: sffe
age: 8188
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12676
x-xss-protection: 0
expires: Wed, 20 Apr 2022 06:54:51 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/ba95ea16/player_ias.vflset/en_US/ Frame 1C8E 24 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ba95ea16/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ba95ea16/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a14b348a610401875e6ac6e40ee387af0b1697eb07c4c118eb66261d1e6cb7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 15:52:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 00:17:20 GMT
server: sffe
age: 62317
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7768
x-xss-protection: 0
expires: Tue, 19 Apr 2022 15:52:42 GMT

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/ba95ea16/ Frame 5CCE 357 KB
53 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ba95ea16/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd945fbb0a145303f4b3e548fca8dea34ab6cd2da9ba1ad86f666163b5c8b64c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 15:47:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 00:17:20 GMT
server: sffe
age: 62615
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53792
x-xss-protection: 0
expires: Tue, 19 Apr 2022 15:47:44 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5CCE 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 169661
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 28ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sud.ua

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 09:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sud.ua

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 09:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2406 83 KB
27 KB 630ms
629ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=3330954535&adf=3669479829&pi=t.aa~a.3331352014~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1618909879&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=300x600&url=https%3A%2F%2Fsud.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618909879692&bpp=2&bdt=898&idt=-M&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e22e419ebad1ab5-227e5de899a70045%3AT%3D1618909879%3ART%3D1618909879%3AS%3DALNI_MaGQ6W0cQcJzOaUvCMGUhSFVS9jgg&prev_fmts=0x0&nras=2&correlator=5610137990111&frm=20&pv=1&ga_vid=1521625758.1618909879&ga_sid=1618909879&ga_hid=455070738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1175&ady=1272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740079&oid=3&pvsid=3453901730259454&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gRwl7O4nlo&p=https%3A//sud.ua&dtd=11

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95f9df9e760042764c811402bf742e6a82cfd246b1b77c2e0d9000a98411a53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=3330954535&adf=3669479829&pi=t.aa~a.3331352014~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1618909879&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=300x600&url=https%3A%2F%2Fsud.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618909879692&bpp=2&bdt=898&idt=-M&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e22e419ebad1ab5-227e5de899a70045%3AT%3D1618909879%3ART%3D1618909879%3AS%3DALNI_MaGQ6W0cQcJzOaUvCMGUhSFVS9jgg&prev_fmts=0x0&nras=2&correlator=5610137990111&frm=20&pv=1&ga_vid=1521625758.1618909879&ga_sid=1618909879&ga_hid=455070738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1175&ady=1272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740079&oid=3&pvsid=3453901730259454&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gRwl7O4nlo&p=https%3A//sud.ua&dtd=11
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sud.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk_C-VJd3I9O4KyEyB6VQDxKfZ08vAGD5mpo2-evT3R8feoIIMlso6fIqxF
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sud.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 20 Apr 2021 09:11:20 GMT
server: cafe
content-length: 27870
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3FA3 102 KB
29 KB 687ms
686ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=2902652748&adf=2657765983&pi=t.aa~a.1171853407~rp.4&w=275&fwrn=4&fwrnh=100&lmt=1618909879&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=275x600&url=https%3A%2F%2Fsud.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618909879692&bpp=1&bdt=898&idt=-M&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e22e419ebad1ab5-227e5de899a70045%3AT%3D1618909879%3ART%3D1618909879%3AS%3DALNI_MaGQ6W0cQcJzOaUvCMGUhSFVS9jgg&prev_fmts=0x0%2C300x600&nras=3&correlator=5610137990111&frm=20&pv=1&ga_vid=1521625758.1618909879&ga_sid=1618909879&ga_hid=455070738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=141&ady=1957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740079&oid=3&pvsid=3453901730259454&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=oUpoHAVDMF&p=https%3A//sud.ua&dtd=15

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88ea83f06d03d75cd64b9243d30ef1d5c5a24b2b997f72b7c827786dc125945b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=2902652748&adf=2657765983&pi=t.aa~a.1171853407~rp.4&w=275&fwrn=4&fwrnh=100&lmt=1618909879&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=275x600&url=https%3A%2F%2Fsud.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618909879692&bpp=1&bdt=898&idt=-M&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e22e419ebad1ab5-227e5de899a70045%3AT%3D1618909879%3ART%3D1618909879%3AS%3DALNI_MaGQ6W0cQcJzOaUvCMGUhSFVS9jgg&prev_fmts=0x0%2C300x600&nras=3&correlator=5610137990111&frm=20&pv=1&ga_vid=1521625758.1618909879&ga_sid=1618909879&ga_hid=455070738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=141&ady=1957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740079&oid=3&pvsid=3453901730259454&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=oUpoHAVDMF&p=https%3A//sud.ua&dtd=15
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sud.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk_C-VJd3I9O4KyEyB6VQDxKfZ08vAGD5mpo2-evT3R8feoIIMlso6fIqxF
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sud.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 20 Apr 2021 09:11:20 GMT
server: cafe
content-length: 29701
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DF10 75 KB
26 KB 409ms
408ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=240&adk=3228360848&adf=4036433046&pi=t.aa~a.2991870961~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1618909879&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=300x240&url=https%3A%2F%2Fsud.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618909879692&bpp=1&bdt=897&idt=-M&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e22e419ebad1ab5-227e5de899a70045%3AT%3D1618909879%3ART%3D1618909879%3AS%3DALNI_MaGQ6W0cQcJzOaUvCMGUhSFVS9jgg&prev_fmts=0x0%2C300x600%2C275x600&nras=4&correlator=5610137990111&frm=20&pv=1&ga_vid=1521625758.1618909879&ga_sid=1618909879&ga_hid=455070738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1175&ady=3002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740079&oid=3&pvsid=3453901730259454&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=U1sLcPLR03&p=https%3A//sud.ua&dtd=18

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c5d23ebe06add3a52554f17192978702829f88e1243abb1e87c4563ffbe2a44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2535113839332652&output=html&h=240&adk=3228360848&adf=4036433046&pi=t.aa~a.2991870961~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1618909879&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=300x240&url=https%3A%2F%2Fsud.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618909879692&bpp=1&bdt=897&idt=-M&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e22e419ebad1ab5-227e5de899a70045%3AT%3D1618909879%3ART%3D1618909879%3AS%3DALNI_MaGQ6W0cQcJzOaUvCMGUhSFVS9jgg&prev_fmts=0x0%2C300x600%2C275x600&nras=4&correlator=5610137990111&frm=20&pv=1&ga_vid=1521625758.1618909879&ga_sid=1618909879&ga_hid=455070738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1175&ady=3002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740079&oid=3&pvsid=3453901730259454&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=U1sLcPLR03&p=https%3A//sud.ua&dtd=18
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sud.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk_C-VJd3I9O4KyEyB6VQDxKfZ08vAGD5mpo2-evT3R8feoIIMlso6fIqxF
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sud.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 20 Apr 2021 09:11:20 GMT
server: cafe
content-length: 26948
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3367 75 KB
26 KB 385ms
384ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=100&adk=3119739864&adf=1960333627&pi=t.aa~a.3325200224~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1618909879&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=420x100&url=https%3A%2F%2Fsud.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618909879692&bpp=1&bdt=897&idt=1&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e22e419ebad1ab5-227e5de899a70045%3AT%3D1618909879%3ART%3D1618909879%3AS%3DALNI_MaGQ6W0cQcJzOaUvCMGUhSFVS9jgg&prev_fmts=0x0%2C300x600%2C275x600%2C300x240&nras=5&correlator=5610137990111&frm=20&pv=1&ga_vid=1521625758.1618909879&ga_sid=1618909879&ga_hid=455070738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=432&ady=3336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740079&oid=3&pvsid=3453901730259454&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=zhRZu1zwhj&p=https%3A//sud.ua&dtd=22

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b354fe3c57910c4defbf4f303c2bfbc91364606bf3749568aa919c9910f5cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2535113839332652&output=html&h=100&adk=3119739864&adf=1960333627&pi=t.aa~a.3325200224~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1618909879&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=420x100&url=https%3A%2F%2Fsud.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618909879692&bpp=1&bdt=897&idt=1&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e22e419ebad1ab5-227e5de899a70045%3AT%3D1618909879%3ART%3D1618909879%3AS%3DALNI_MaGQ6W0cQcJzOaUvCMGUhSFVS9jgg&prev_fmts=0x0%2C300x600%2C275x600%2C300x240&nras=5&correlator=5610137990111&frm=20&pv=1&ga_vid=1521625758.1618909879&ga_sid=1618909879&ga_hid=455070738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=432&ady=3336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740079&oid=3&pvsid=3453901730259454&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=zhRZu1zwhj&p=https%3A//sud.ua&dtd=22
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sud.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk_C-VJd3I9O4KyEyB6VQDxKfZ08vAGD5mpo2-evT3R8feoIIMlso6fIqxF
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sud.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 20 Apr 2021 09:11:20 GMT
server: cafe
content-length: 26893
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/ba95ea16/www-embed-player.vflset/ Frame 5CCE 185 KB
66 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ba95ea16/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c49951d3193c7e97874c7ba72e331b98038bdc2eeb9bc756814c8d4057b9c3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 01:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 00:17:20 GMT
server: sffe
age: 27556
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67053
x-xss-protection: 0
expires: Wed, 20 Apr 2022 01:32:03 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/ba95ea16/player_ias.vflset/en_US/ Frame 5CCE 2 MB
518 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ba95ea16/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a537d6746ab53bb766db09c3d67a43d1a033137bd0901431837ce6832b69342e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 15:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 00:17:20 GMT
server: sffe
age: 62319
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 529930
x-xss-protection: 0
expires: Tue, 19 Apr 2022 15:52:40 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/ba95ea16/fetch-polyfill.vflset/ Frame 5CCE 8 KB
3 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ba95ea16/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 00:31:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 00:17:20 GMT
server: sffe
age: 31184
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Wed, 20 Apr 2022 00:31:35 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 1C8E 4 KB
2 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ba95ea16/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:11:19 GMT

GET
H3-29 204 generate_204
www.youtube.com/ Frame 1C8E 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?MBQlLA
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-29 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 5CCE 113 B
159 B 14ms
13ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ba95ea16/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03918e7f1255c7be0f422b545e9fe888a38e1318294ed36c8aaeae7115ec17d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 5CCE 29 B
52 B 21ms
7ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ba95ea16/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 15
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:26:04 GMT

GET
H3-29 204 csi_204
www.youtube.com/ Frame 1C8E 0
19 B 15ms
15ms Image
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/csi_204?v=2&s=youtube&action=embed&yt_sts=n&is_nav=1&csn=MC4wMTgyNzU0MjUzMTEwODkyNzc.&yt_vis=1&yt_lt=cold&rc=&st=169&cpn=EqZYsSG9zHXXzWkd&rt=pe.394,srt.189,nreqs.10,nress.189,nrese.202,wffs.227,wffe.237,rsf_pc.226,rse_pc.258,fs.431,ep_pr_s.433,ep_pr_r.433,ol.693,aft.693,ps.694

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:19 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/ba95ea16/player_ias.vflset/en_US/ Frame 5CCE 97 KB
32 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ba95ea16/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ba95ea16/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c3bfd9a33f41d24ecac9c57e05f86b8cef6c2dfd9b10ca8cd704e439f3e7900

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 15:53:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 00:17:20 GMT
server: sffe
age: 62275
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32794
x-xss-protection: 0
expires: Tue, 19 Apr 2022 15:53:24 GMT

GET
H3-29 200 fYn6ScbPBUe-QK7fzt0cVlbVnZLLOSkvyM8HAnvGAjQ.js Show response
www.google.com/js/th/ Frame 5CCE 33 KB
33 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/fYn6ScbPBUe-QK7fzt0cVlbVnZLLOSkvyM8HAnvGAjQ.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ba95ea16/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d89fa49c6cf0547be40aedfcedd1c5656d59d92cb39292fc8cf07027bc60234

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 00:09:04 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:00:00 GMT
server: sffe
age: 32535
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33856
x-xss-protection: 0
expires: Wed, 20 Apr 2022 00:09:04 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/ba95ea16/player_ias.vflset/en_US/ Frame 5CCE 24 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ba95ea16/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ba95ea16/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a14b348a610401875e6ac6e40ee387af0b1697eb07c4c118eb66261d1e6cb7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 15:52:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 00:17:20 GMT
server: sffe
age: 62317
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7768
x-xss-protection: 0
expires: Tue, 19 Apr 2022 15:52:42 GMT

GET
H2 200 / Show response
go.rcvlink.com/bdto/RXTtRlV3fD/ Frame 9EB5 5 KB
2 KB 23ms
23ms XHR
application/json 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/bdto/RXTtRlV3fD/?cache=t5zf4tfesWr62Bg&ver=210403-0937&w=300&h=0&vw=1600&ms=575.58&ref=https%3A%2F%2Fsud.ua%2F
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/iframe.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 16674254c1bff4da52d60e5f29cc885d960f59ed667284baf82a90dcbc1de1dd

Request headers

Referer: https://go.rcvlink.com/static/iframe.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:19 GMT
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 09:11:19 GMT
server: nginx
p3p: CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
access-control-allow-origin: *
hn: b29
cache-control: no-cache, no-store, no-transform, must-revalidate
content-type: application/json
expires: Tue, 20 Apr 2021 12:11:19 +0300

GET
DATA 200
OK truncated
/ Frame 5CCE 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwnhaZvQg8T3W8movkZu6ddxgRAcxkxxk5uASp6gXow=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 5CCE 2 KB
2 KB 30ms
6ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnhaZvQg8T3W8movkZu6ddxgRAcxkxxk5uASp6gXow=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dfa0787f7e288bf16016f1a7418bc24740fd75bf38a446126c09a1c528153c0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 07:37:33 GMT
x-content-type-options: nosniff
age: 5626
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1868
x-xss-protection: 0
server: fife
etag: "v803"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 20 Apr 2021 07:22:22 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/DhuHGwzTrvc/ Frame 5CCE 44 KB
45 KB 30ms
7ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/DhuHGwzTrvc/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0e5b29329ce77c0d5256d88fcaf35406fce0992da83d46bf320af37672874c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 08:37:40 GMT
x-content-type-options: nosniff
server: sffe
age: 2019
etag: "1618561657"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45299
x-xss-protection: 0
expires: Tue, 20 Apr 2021 10:37:40 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5CCE 10 KB
10 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
age: 169661
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9832
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H2 200 1px-matching-adpartner.gif
t.trafmag.com/images/ 35 B
232 B 57ms
16ms Image
image/gif 193.200.65.5
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.trafmag.com/images/1px-matching-adpartner.gif?id=ad89aa0a-cd07-4265-9274-9bfa353d2dd1
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: t.trafmag.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
server: nginx
content-type: image/gif
content-length: 35
p3p: CP="NON DSP COR CURa TIA"

GET
H2

200

match
a4p.adpartner.pro/ssp/
Redirect Chain

https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=10&user_id=ad89aa0a-cd07-4265-9274-9bfa353d2dd1
https://a4p.adpartner.pro/ssp/match?dsp_id=10

43 B
359 B

98ms
98ms

Image
image/gif

5.135.83.158
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4p.adpartner.pro/ssp/match?dsp_id=10
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.83.158 , France, ASN16276 (OVH, FR),
Reverse DNS: app-05.adpartner.pro
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
last-modified: Tue, 20 Apr 2021 09:11:20 GMT
server: nginx
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 0cb1f6e1-7251-4b7b-9cab-cfd48aebe493
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://a4p.adpartner.pro/ssp/match?dsp_id=10
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 642d3e9e0ec30853-CDG
content-type: image/gif
cf-request-id: 09902576c100000853c4a19000000001
server: cloudflare

GET
H2

200

match
a4p.adpartner.pro/ssp/
Redirect Chain

https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=9&user_id=ad89aa0a-cd07-4265-9274-9bfa353d2dd1
https://a4p.adpartner.pro/ssp/match?dsp_id=9

43 B
359 B

99ms
99ms

Image
image/gif

5.135.83.158
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4p.adpartner.pro/ssp/match?dsp_id=9
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.83.158 , France, ASN16276 (OVH, FR),
Reverse DNS: app-05.adpartner.pro
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
last-modified: Tue, 20 Apr 2021 09:11:20 GMT
server: nginx
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: f08b8cee-d4f0-486f-9453-7dbccddbec3e
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://a4p.adpartner.pro/ssp/match?dsp_id=9
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 642d3e9e0ec50853-CDG
content-type: image/gif
cf-request-id: 09902576c100000853912b6000000001
server: cloudflare

GET
H2 200 ad89aa0a-cd07-4265-9274-9bfa353d2dd1
s.uuidksinc.net/match/272/ 0
267 B 55ms
19ms Image
application/json 31.220.27.134
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.uuidksinc.net/match/272/ad89aa0a-cd07-4265-9274-9bfa353d2dd1
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 20 Apr 2021 09:11:19 GMT
server: nginx/1.19.0
access-control-allow-headers: Content-Type
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8

GET
H2

200

match
a4p.adpartner.pro/ssp/
Redirect Chain

https://recreativ.ru/mtch/31/ad89aa0a-cd07-4265-9274-9bfa353d2dd1
https://a4p.adpartner.pro/ssp/match?dsp_id=13&user_id=61593285104

43 B
438 B

98ms
98ms

Image
image/gif

5.135.83.158
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4p.adpartner.pro/ssp/match?dsp_id=13&user_id=61593285104
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.83.158 , France, ASN16276 (OVH, FR),
Reverse DNS: app-05.adpartner.pro
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
last-modified: Tue, 20 Apr 2021 09:11:20 GMT
server: nginx
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location: https://a4p.adpartner.pro/ssp/match?dsp_id=13&user_id=61593285104
hn: b26
date: Tue, 20 Apr 2021 09:11:19 GMT
server: nginx
content-type: text/html; charset=UTF-8

GET
H2 200 pix
dsp-trk.eskimi.com/ 43 B
154 B 36ms
15ms Image
image/gif 34.120.139.69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-trk.eskimi.com/pix?e=24&exuid=ad89aa0a-cd07-4265-9274-9bfa353d2dd1
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.139.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 69.139.120.34.bc.googleusercontent.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
via: 1.1 google
trace-id: 59061f36b85701e5
alt-svc: clear
content-length: 43
content-type: image/gif

GET
H2

200

adpdigital
px.adhigh.net/p/cm/
Redirect Chain

https://px.adhigh.net/p/cm/adpdigital
https://px.adhigh.net/p/cm/adpdigital?bounced=1

49 B
325 B

58ms
58ms

Image
image/gif

193.232.148.146
UMA-TECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.adhigh.net/p/cm/adpdigital?bounced=1
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.232.148.146 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS: hosting.adhigh.net
Software: nginx /
Resource Hash: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:19 GMT
server: nginx
x-backend-id: f7-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:19 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f7-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://px.adhigh.net/p/cm/adpdigital?bounced=1
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain

https://inv-nets.admixer.net/adxcm.aspx?ssp=A7282016-03BE-4B43-9ECF-81872F01C61C&id=ad89aa0a-cd07-4265-9274-9bfa353d2dd1
https://m.trafmag.com/images/1px-matching-go2net.gif?id=e0f7582cb1d0432d890628a081c36fdb

35 B
351 B

52ms
18ms

Image
image/gif

193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-go2net.gif?id=e0f7582cb1d0432d890628a081c36fdb
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:11:20 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Date: Tue, 20 Apr 2021 09:11:19 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://m.trafmag.com/images/1px-matching-go2net.gif?id=e0f7582cb1d0432d890628a081c36fdb
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H2 204 match
dm.hybrid.ai/ 0
238 B 131ms
43ms Image
text/plain 37.18.16.22
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=177&vid=ad89aa0a-cd07-4265-9274-9bfa353d2dd1

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.22 , Netherlands, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 110
x-xss-protection: 1; mode=block
expires: -1

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 14ms
6ms Ping
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarywODYaMCCeKfP5gbc

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 20 Apr 2021 09:11:19 GMT
content-type: text/plain
access-control-allow-origin: https://sud.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 618462923e1e8afa9f79f54ccfdcac51
st11.rcvlink.com/2/304/ Frame 9EB5 6 KB
6 KB 40ms
11ms Image
image/webp 136.243.140.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st11.rcvlink.com/2/304/618462923e1e8afa9f79f54ccfdcac51
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.140.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: st11.recreativ.ru
Software: openresty /
Resource Hash: e7f0018c5ed7195e5cf71a4ed0912a2506756132d7bccc144c150471f22c0cbc

Request headers

Referer: https://go.rcvlink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Wed, 16 Dec 2020 10:21:27 GMT
server: openresty
etag: "5fd9dfa7-94be"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 6250
expires: Mon, 19 Jul 2021 09:11:19 GMT

GET
H2 200 6e9772092b02b6954055daad4da8aea7
st11.rcvlink.com/2/304/ Frame 9EB5 16 KB
17 KB 43ms
15ms Image
image/webp 136.243.140.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st11.rcvlink.com/2/304/6e9772092b02b6954055daad4da8aea7
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.140.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: st11.recreativ.ru
Software: openresty /
Resource Hash: 48ed8cfd21796cde58e9494dc234a7860b50666d674355b43b0f74a0a461f2b9

Request headers

Referer: https://go.rcvlink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Tue, 02 Feb 2021 12:19:19 GMT
server: openresty
etag: "60194347-11918"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 16840
expires: Mon, 19 Jul 2021 09:11:19 GMT

GET
H2 200 81cf01675a8da64d4a5a07197166e991
st11.rcvlink.com/2/304/ Frame 9EB5 16 KB
16 KB 46ms
18ms Image
image/webp 136.243.140.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st11.rcvlink.com/2/304/81cf01675a8da64d4a5a07197166e991
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.140.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: st11.recreativ.ru
Software: openresty /
Resource Hash: cbea5aa09e0056f767cc78594912749a4f6b1f32074afc94b8d96b77d058acb4

Request headers

Referer: https://go.rcvlink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Tue, 29 Dec 2020 10:54:02 GMT
server: openresty
etag: "5feb0aca-f8ee"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 16298
expires: Mon, 19 Jul 2021 09:11:19 GMT

GET
H2 200 654434e37fe5231a7f41e12cfd3d9085
st11.rcvlink.com/2/304/ Frame 9EB5 9 KB
9 KB 49ms
22ms Image
image/webp 136.243.140.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st11.rcvlink.com/2/304/654434e37fe5231a7f41e12cfd3d9085
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.140.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: st11.recreativ.ru
Software: openresty /
Resource Hash: d59d178691db4392e98ce3b399c7bda3d43c5cca582d3d836b56fc129961cacf

Request headers

Referer: https://go.rcvlink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Tue, 02 Mar 2021 13:49:55 GMT
server: openresty
etag: "603e4283-ad5b"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 9246
expires: Mon, 19 Jul 2021 09:11:19 GMT

GET
H2 200 logo160.png
go.rcvlink.com/img/ Frame 9EB5 6 KB
6 KB 13ms
11ms Image
image/png 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.rcvlink.com/img/logo160.png
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/iframe.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc

Request headers

Referer: https://go.rcvlink.com/static/iframe.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Mon, 21 Jan 2019 15:07:51 GMT
server: nginx
etag: "5c45e047-1869"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 6249
expires: Tue, 27 Apr 2021 09:11:19 GMT

GET
H2 200 601565476.jpg
rus.redtram.com/img300/ 19 KB
19 KB 85ms
84ms Image
image/jpeg 62.244.25.75
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rus.redtram.com/img300/601565476.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.25.75 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 911422df0cf0338f6a56ad9f918bbaa4418e901a74d548b9f26ca6b8ae24df9e

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-server-rt: img02
date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Tue, 20 Apr 2021 07:39:40 GMT
server: nginx/1.18.0
etag: "607e853c-4c20"
x-cache-status: HIT
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, private
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 19488
expires: Tue, 27 Apr 2021 09:11:19 GMT

GET
H2 200 601563610.jpg
rus.redtram.com/img300/ 20 KB
20 KB 86ms
86ms Image
image/jpeg 62.244.25.75
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rus.redtram.com/img300/601563610.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.25.75 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e0a9374d6b5359aaf7c98d404415fb1a2263477b41d1b9cde4523b78d73a7768

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-server-rt: img01
date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Mon, 19 Apr 2021 13:14:11 GMT
server: nginx/1.18.0
etag: "607d8223-4e51"
x-cache-status: HIT
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, private
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 20049
expires: Tue, 27 Apr 2021 09:11:19 GMT

GET
H2 200 601478986.jpg
rus.redtram.com/img300/ 25 KB
25 KB 114ms
113ms Image
image/jpeg 62.244.25.75
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rus.redtram.com/img300/601478986.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.25.75 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e50add0998905ab8975e5147a7a6bdd515e7df904323f7f0d29c3a32dcbe9323

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-server-rt: img02
date: Tue, 20 Apr 2021 09:11:19 GMT
last-modified: Sat, 17 Apr 2021 18:19:51 GMT
server: nginx/1.18.0
etag: "607b26c7-620b"
x-cache-status: HIT
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, private
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 25099
expires: Tue, 27 Apr 2021 09:11:19 GMT

GET
H3-29 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 5CCE 4 KB
2 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ba95ea16/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:11:19 GMT

GET
H3-29 204 generate_204
www.youtube.com/ Frame 5CCE 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?WOT8Hw
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:20 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-29 204 csi_204
www.youtube.com/ Frame 5CCE 0
19 B 16ms
15ms Image
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/csi_204?v=2&s=youtube&action=embed&yt_sts=n&is_nav=1&csn=MC4wMTM3MDk3MjIzODA3NjYwNjU.&yt_vis=1&yt_lt=cold&rc=&st=181&cpn=MYwbp33negYiw9A6&rt=pe.601,srt.194,nreqs.2,nress.194,nrese.200,wffs.376,wffe.383,rsf_pc.375,rse_pc.384,fs.622,ep_pr_s.623,ep_pr_r.623,ol.755,aft.755,ps.755

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 3367 6 KB
669 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=100&adk=3119739864&adf=1960333627&pi=t.aa~a.3325200224~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1618909879&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=420x100&url=https%3A%2F%2Fsud.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618909879692&bpp=1&bdt=897&idt=1&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e22e419ebad1ab5-227e5de899a70045%3AT%3D1618909879%3ART%3D1618909879%3AS%3DALNI_MaGQ6W0cQcJzOaUvCMGUhSFVS9jgg&prev_fmts=0x0%2C300x600%2C275x600%2C300x240&nras=5&correlator=5610137990111&frm=20&pv=1&ga_vid=1521625758.1618909879&ga_sid=1618909879&ga_hid=455070738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=432&ady=3336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740079&oid=3&pvsid=3453901730259454&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=zhRZu1zwhj&p=https%3A//sud.ua&dtd=22

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 07:13:56 GMT
server: ESF
date: Tue, 20 Apr 2021 09:11:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Apr 2021 09:11:20 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 3367 1 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 09:08:41 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame 3367 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 5240039360651012885
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 09:07:03 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 3367 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:09:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 09:09:13 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3367 118 KB
36 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831897855645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36793
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:11:20 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 3367 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 09:09:35 GMT

GET
H3-29 200 a0b5068ca1fc7f6ff765c7833258ec42.js Show response
www.gstatic.com/mysidia/ Frame 3367 25 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0b5068ca1fc7f6ff765c7833258ec42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 10:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Apr 2021 02:07:20 GMT
server: sffe
age: 81876
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10491
x-xss-protection: 0
expires: Sun, 18 Jul 2021 10:26:44 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12930216093745107682/ Frame 3367 5 KB
5 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12930216093745107682/downsize_200k_v1?w=195&h=102

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a9a7226144ec71aa7bbab9ac47f8db950f99a49c76113a61a9829ce1aec50b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:44:52 GMT
x-content-type-options: nosniff
age: 167188
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5147
x-xss-protection: 0
last-modified: Tue, 03 Nov 2020 12:54:30 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Apr 2022 10:44:52 GMT

GET
DATA 200
OK truncated
/ Frame 3367 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3367 0
0 16ms
16ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CluLft5p-YJXgLMmPrATuw724B7XE7bFiucyE_KoMv-EeEAEggb-0I2CVAqAB_suCnwPIAQmpAmWtN96mO7Q-qAMByAPLBKoE2AFP0PtZisg8ZJP5xHx2BpTe5l7TAVuoHA5cpQvK6e_EDzSx43YivP7k-sZK7pQh1dRkZAgmev73wT9v14fzt192dPAUuB0TrsZ6Hndb0fYvZBNAzaMJFmktA7jJPO6L748tMIFMNBE5xHBWBKc9E_XZQgyTVtNZeQS9LPBEaAaBa1S9fnamAozTgOPmsxB5vj2L7J3FO4PUcE38iegJdWf4BPpPejRCNR614dIZZkLD4dJ2MCWeG1rnLzhugeFxGotoichXZoi_lslwCUBfNnnGeMSuifqx7f7ABKjY7_2rA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfqs_1gqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEK2JAtIICQiA4YAQEAEYH4AKAcgLAdgTDIgUBrIXGgoYCAASFHB1Yi0yNTM1MTEzODM5MzMyNjUy&sigh=AdwvXcTaq6I&template_id=484

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=100&adk=3119739864&adf=1960333627&pi=t.aa~a.3325200224~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1618909879&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=420x100&url=https%3A%2F%2Fsud.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618909879692&bpp=1&bdt=897&idt=1&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e22e419ebad1ab5-227e5de899a70045%3AT%3D1618909879%3ART%3D1618909879%3AS%3DALNI_MaGQ6W0cQcJzOaUvCMGUhSFVS9jgg&prev_fmts=0x0%2C300x600%2C275x600%2C300x240&nras=5&correlator=5610137990111&frm=20&pv=1&ga_vid=1521625758.1618909879&ga_sid=1618909879&ga_hid=455070738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=432&ady=3336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740079&oid=3&pvsid=3453901730259454&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=zhRZu1zwhj&p=https%3A//sud.ua&dtd=22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 20 Apr 2021 09:11:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0F86 1 KB
749 B 8ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 19 Apr 2021 16:59:40 GMT
expires: Tue, 20 Apr 2021 16:59:40 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 58300
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 css
fonts.googleapis.com/ Frame DF10 6 KB
669 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=240&adk=3228360848&adf=4036433046&pi=t.aa~a.2991870961~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1618909879&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=300x240&url=https%3A%2F%2Fsud.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618909879692&bpp=1&bdt=897&idt=-M&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e22e419ebad1ab5-227e5de899a70045%3AT%3D1618909879%3ART%3D1618909879%3AS%3DALNI_MaGQ6W0cQcJzOaUvCMGUhSFVS9jgg&prev_fmts=0x0%2C300x600%2C275x600&nras=4&correlator=5610137990111&frm=20&pv=1&ga_vid=1521625758.1618909879&ga_sid=1618909879&ga_hid=455070738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1175&ady=3002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740079&oid=3&pvsid=3453901730259454&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=U1sLcPLR03&p=https%3A//sud.ua&dtd=18

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 09:09:41 GMT
server: ESF
date: Tue, 20 Apr 2021 09:11:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Apr 2021 09:11:20 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame DF10 1 KB
909 B 20ms
18ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 09:08:41 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame DF10 17 KB
7 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 5240039360651012885
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 09:07:03 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame DF10 2 KB
1 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:10:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 09:10:59 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF10 118 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831897855645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36793
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:11:20 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame DF10 13 KB
5 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 09:09:35 GMT

GET
H3-29 200 a0b5068ca1fc7f6ff765c7833258ec42.js Show response
www.gstatic.com/mysidia/ Frame DF10 25 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0b5068ca1fc7f6ff765c7833258ec42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 10:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Apr 2021 02:07:20 GMT
server: sffe
age: 81876
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10491
x-xss-protection: 0
expires: Sun, 18 Jul 2021 10:26:44 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame DF10 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CiPupt5p-YMfBLMnm3wPMzpKQBZL_xrJikeq82cQNpIX41OIMEAEggb-0I2CVAqAB4prxjgPIAQmpAuFjbaxpNbQ-qAMByAPLBKoE0gFP0K4xMVBTiIt3BoVh0z-z2nKwEoBlnrFyfVJ5_T7qAC8HwESDsA8IV09HR3DwHGEgjrpqxeubtNSNOCiNhAhKpSNgTONg5K1MGgprswSyf2k8_c6UcKZDU9EMbR-ZMPpdNvfct5hYymUtA6x-lC8_5A5B6_7yhx9_fO2MdffsyNTMFhBFq_rYqqBLeQOlb8saqyu4kMrkcCMi6Wn83ofbNliQSGZcgkqvXj-5qVDDuCcYnMLqqaoKTMlL6ldezlNd-df8afgyrACX4sKkjbFEPS7ABLautd_FAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeG5Y5xqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEMmaB9IICQiA4YAQEAEYH4AKAcgLAdgTDYgUA7IXGgoYCAASFHB1Yi0yNTM1MTEzODM5MzMyNjUy&sigh=EsNqy6-CHxY&template_id=484

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=240&adk=3228360848&adf=4036433046&pi=t.aa~a.2991870961~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1618909879&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=300x240&url=https%3A%2F%2Fsud.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618909879692&bpp=1&bdt=897&idt=-M&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e22e419ebad1ab5-227e5de899a70045%3AT%3D1618909879%3ART%3D1618909879%3AS%3DALNI_MaGQ6W0cQcJzOaUvCMGUhSFVS9jgg&prev_fmts=0x0%2C300x600%2C275x600&nras=4&correlator=5610137990111&frm=20&pv=1&ga_vid=1521625758.1618909879&ga_sid=1618909879&ga_hid=455070738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1175&ady=3002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740079&oid=3&pvsid=3453901730259454&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=U1sLcPLR03&p=https%3A//sud.ua&dtd=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 20 Apr 2021 09:11:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2204030107570158595/ Frame DF10 20 KB
20 KB 16ms
16ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2204030107570158595/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa6536a08b85ecbcd318c3d7cc9c3e204a5e55c859d131a89829782d487a08e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 02:29:02 GMT
x-content-type-options: nosniff
age: 196938
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20421
x-xss-protection: 0
last-modified: Sat, 13 Mar 2021 08:19:40 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Apr 2022 02:29:02 GMT

GET
DATA 200
OK truncated
/ Frame DF10 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3367 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f96f36d56e81497a409795146db0437ed8265c7b5351b3053975de32b886900

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 3367 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 21:15:49 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 42931
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Tue, 19 Apr 2022 21:15:49 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 3367 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 21:15:49 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 42931
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
expires: Tue, 19 Apr 2022 21:15:49 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F632 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 19 Apr 2021 16:59:40 GMT
expires: Tue, 20 Apr 2021 16:59:40 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 58300
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame DF10 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cdb043ab40fd19b57a7758dcf3e3bed305652590e794134ab56b4cd33f6c1510

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 0F86 35 B
463 B 37ms
7ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAQw1WdqwdM0D2woC0aG5sE&google_cver=1&google_push=AQvitUKWI5sfdRCePFSg8Gi2b2Cl4QPi_WNLQrGWXsAwg8rjpyIgQf_DttTo15VLps2RH06ZaL7BNoJzN7KUo67ltDyS5JKR3Co

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0F86
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUKAvbn_znlENWQQtDK6R7bT4LZvKZ3V4yO2ZJv...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUg2YXVBQUFCR2hZTFg4Qg&google_push=AQvitUKAvbn_znlENWQQtDK6R7bT4LZvKZ3V4yO2ZJvFxRxIY069qw4WgoA9i10qPl3d7eK_UFDtLJIMF7ADwnlY9ohEsJGDcU0

170 B
188 B

35ms
20ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUg2YXVBQUFCR2hZTFg4Qg&google_push=AQvitUKAvbn_znlENWQQtDK6R7bT4LZvKZ3V4yO2ZJvFxRxIY069qw4WgoA9i10qPl3d7eK_UFDtLJIMF7ADwnlY9ohEsJGDcU0

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUg2YXVBQUFCR2hZTFg4Qg&google_push=AQvitUKAvbn_znlENWQQtDK6R7bT4LZvKZ3V4yO2ZJvFxRxIY069qw4WgoA9i10qPl3d7eK_UFDtLJIMF7ADwnlY9ohEsJGDcU0
Date: Tue, 20 Apr 2021 09:11:20 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0F86
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIdKNWT...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIdKNWT...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MjAwOTExMjEyNjY2OTYzNjA0ODgwNA%3D%3D&google_push=AQvitUIdKNWTwxSuwodkx1ZZx0hzgqV_G--4kH3x7m51xIpbqIfZJXRP8zTCpblVfvPnDy...

170 B
188 B

17ms
17ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MjAwOTExMjEyNjY2OTYzNjA0ODgwNA%3D%3D&google_push=AQvitUIdKNWTwxSuwodkx1ZZx0hzgqV_G--4kH3x7m51xIpbqIfZJXRP8zTCpblVfvPnDyXv6eZ70s-xzaw739ZsBdkb9EAeoww

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MjAwOTExMjEyNjY2OTYzNjA0ODgwNA%3D%3D&google_push=AQvitUIdKNWTwxSuwodkx1ZZx0hzgqV_G--4kH3x7m51xIpbqIfZJXRP8zTCpblVfvPnDyXv6eZ70s-xzaw739ZsBdkb9EAeoww
Pragma: no-cache
Date: Tue, 20 Apr 2021 09:11:21 GMT
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0F86
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEBBEEP3T3TwELLBBQAk87w8&google_cver=1&google_push=AQvitUKcQuy0apiispDToLQ_-7LygptgQ3XaYKC3bu9KHeCNimQ1cKRvWAVT2PxQX4uXGta0YajAZTIkcgBKyyES9YMwrsOW9Lc
https://rtb.openx.net/sync/dds?google_gid=CAESEBBEEP3T3TwELLBBQAk87w8&google_cver=1&google_push=AQvitUKcQuy0apiispDToLQ_-7LygptgQ3XaYKC3bu9KHeCNimQ1cKRvWAVT2PxQX4uXGta0YajAZTIkcgBKyyES9YMwrsOW9Lc&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKcQuy0apiispDToLQ_-7LygptgQ3XaYKC3bu9KHeCNimQ1cKRvWAVT2PxQX4uXGta0YajAZTIkcgBKyyES9YMwrsOW9Lc&google_hm=OcE4ZjqfyxA-xQRZnXb_zw==

170 B
188 B

35ms
20ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKcQuy0apiispDToLQ_-7LygptgQ3XaYKC3bu9KHeCNimQ1cKRvWAVT2PxQX4uXGta0YajAZTIkcgBKyyES9YMwrsOW9Lc&google_hm=OcE4ZjqfyxA-xQRZnXb_zw==

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:19 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKcQuy0apiispDToLQ_-7LygptgQ3XaYKC3bu9KHeCNimQ1cKRvWAVT2PxQX4uXGta0YajAZTIkcgBKyyES9YMwrsOW9Lc&google_hm=OcE4ZjqfyxA-xQRZnXb_zw==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: f3lpu43nvq9vldj7b29a9pa56vcocqnb

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0F86
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nzLEkiFURnyukFIzXX8Lgg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

33ms
19ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nzLEkiFURnyukFIzXX8Lgg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULfxla4W8cQNQgKNqJ7dpnYWXKkRiYMQEwU_SHxeDtjzz1HRRZsFO3LCFwTNuuOSUZPkpBeri0Klx3xvG0k_mWxFHygatc

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nzLEkiFURnyukFIzXX8Lgg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULfxla4W8cQNQgKNqJ7dpnYWXKkRiYMQEwU_SHxeDtjzz1HRRZsFO3LCFwTNuuOSUZPkpBeri0Klx3xvG0k_mWxFHygatc
Date: Tue, 20 Apr 2021 09:11:18 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0F86
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIA9J2JrS3eIVzASOrkcbdc&google_cver=1&google_push=AQvitUJPs05seZLhEEenl2AMMyg3eExFzcjgeZ0xkgtYOyrwhe6EY8KXAoimfuVk0j8Ch3cm4kv...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05QVDU2OUotMVItTDJIVg==&google_push=AQvitUJPs05seZLhEEenl2AMMyg3eExFzcjgeZ0xkgtYOyrwhe6EY8KXAoimfuVk0j8Ch3cm4kvysPjAOfrEJHklHIZ3-ocsIw

170 B
188 B

38ms
22ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05QVDU2OUotMVItTDJIVg==&google_push=AQvitUJPs05seZLhEEenl2AMMyg3eExFzcjgeZ0xkgtYOyrwhe6EY8KXAoimfuVk0j8Ch3cm4kvysPjAOfrEJHklHIZ3-ocsIw

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05QVDU2OUotMVItTDJIVg==&google_push=AQvitUJPs05seZLhEEenl2AMMyg3eExFzcjgeZ0xkgtYOyrwhe6EY8KXAoimfuVk0j8Ch3cm4kvysPjAOfrEJHklHIZ3-ocsIw
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0F86
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGZ49dqkBeYoQXPfhx8273Y&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGZ49dqkBeYoQXPfhx8273Y&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH6auKZdgf9ul1yj0OXxcwAABLsAAAIB&google_cver=1&google_push=AQvitUIrEpxsfdO8KZLxiD8nIg7wm3VS3lfklvi1gHAQc8H6z3fzTZ8zLOM7WWpjz7wQ870lo3wY...

170 B
188 B

36ms
21ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH6auKZdgf9ul1yj0OXxcwAABLsAAAIB&google_cver=1&google_push=AQvitUIrEpxsfdO8KZLxiD8nIg7wm3VS3lfklvi1gHAQc8H6z3fzTZ8zLOM7WWpjz7wQ870lo3wY13aw7OmZn5qCTEHD1rpPZw&google_gid=CAESEGZ49dqkBeYoQXPfhx8273Y

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 09:11:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH6auKZdgf9ul1yj0OXxcwAABLsAAAIB&google_cver=1&google_push=AQvitUIrEpxsfdO8KZLxiD8nIg7wm3VS3lfklvi1gHAQc8H6z3fzTZ8zLOM7WWpjz7wQ870lo3wY13aw7OmZn5qCTEHD1rpPZw&google_gid=CAESEGZ49dqkBeYoQXPfhx8273Y
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 458
Expires: Tue, 20 Apr 2021 09:11:20 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0F86 0
40 B 55ms
16ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IkgyT8uzwdeWsfXLoSxVh5arD_7FbqYGCPiVrXwsa8H4fat-ppe5HhMfRq4q1A4PGk30hV

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:20 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame 69D2 14 KB
6 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 19:48:05 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 48195
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Tue, 19 Apr 2022 19:48:05 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame F632 35 B
462 B 28ms
8ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAQw1WdqwdM0D2woC0aG5sE&google_cver=1&google_push=AQvitUIMqeqG6zKPssMjJepJVtnGZyd61Uw0Pdge__rtGNx1ee94jWZr4uBA22cyvQGJfYAu-oDVjCJ0zuY_HLAp-YMD4Aj7NWk

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F632
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUIYQreI0ybQytsp4Y3br64GEK13ydojzH4luwW...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUg2YXVBQUFBZWw3cjI5Vg&google_push=AQvitUIYQreI0ybQytsp4Y3br64GEK13ydojzH4luwWB8Vi8irH6LeOl48qcC4MZ8pf6nIotUU-AKR-OhmLrpZs_lR5i0723Xyds

170 B
188 B

35ms
21ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUg2YXVBQUFBZWw3cjI5Vg&google_push=AQvitUIYQreI0ybQytsp4Y3br64GEK13ydojzH4luwWB8Vi8irH6LeOl48qcC4MZ8pf6nIotUU-AKR-OhmLrpZs_lR5i0723Xyds

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUg2YXVBQUFBZWw3cjI5Vg&google_push=AQvitUIYQreI0ybQytsp4Y3br64GEK13ydojzH4luwWB8Vi8irH6LeOl48qcC4MZ8pf6nIotUU-AKR-OhmLrpZs_lR5i0723Xyds
Date: Tue, 20 Apr 2021 09:11:20 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame F632 43 B
324 B 47ms
15ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEI3uPvFNN-8MyXz_YPjZW7E&google_push=AQvitUL6Zoc4mojouAhuUwBCX6XmkA0L0Tl9-DlmQZqWtz-zKs6qQZ3D-waOp2XGXYUv5xIUZaevb7FXx9IutXoWMSIKn3dSGAOi&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=240&adk=3228360848&adf=4036433046&pi=t.aa~a.2991870961~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1618909879&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=300x240&url=https%3A%2F%2Fsud.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618909879692&bpp=1&bdt=897&idt=-M&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e22e419ebad1ab5-227e5de899a70045%3AT%3D1618909879%3ART%3D1618909879%3AS%3DALNI_MaGQ6W0cQcJzOaUvCMGUhSFVS9jgg&prev_fmts=0x0%2C300x600%2C275x600&nras=4&correlator=5610137990111&frm=20&pv=1&ga_vid=1521625758.1618909879&ga_sid=1618909879&ga_hid=455070738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1175&ady=3002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740079&oid=3&pvsid=3453901730259454&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=U1sLcPLR03&p=https%3A//sud.ua&dtd=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F632
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEBBEEP3T3TwELLBBQAk87w8&google_cver=1&google_push=AQvitUInhpnbe0HiwlIRm_Z7oG4ADGfd4US5QUXi8HwhyrFtoplSe9ZmM5HdAR687lQph4BdrOQWiguXzzh2alJkIWYOowGWY-HN
https://rtb.openx.net/sync/dds?google_gid=CAESEBBEEP3T3TwELLBBQAk87w8&google_cver=1&google_push=AQvitUInhpnbe0HiwlIRm_Z7oG4ADGfd4US5QUXi8HwhyrFtoplSe9ZmM5HdAR687lQph4BdrOQWiguXzzh2alJkIWYOowGWY-HN&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUInhpnbe0HiwlIRm_Z7oG4ADGfd4US5QUXi8HwhyrFtoplSe9ZmM5HdAR687lQph4BdrOQWiguXzzh2alJkIWYOowGWY-HN&google_hm=OcE4ZjqfyxA-xQRZnXb_zw==

170 B
188 B

34ms
19ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUInhpnbe0HiwlIRm_Z7oG4ADGfd4US5QUXi8HwhyrFtoplSe9ZmM5HdAR687lQph4BdrOQWiguXzzh2alJkIWYOowGWY-HN&google_hm=OcE4ZjqfyxA-xQRZnXb_zw==

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUInhpnbe0HiwlIRm_Z7oG4ADGfd4US5QUXi8HwhyrFtoplSe9ZmM5HdAR687lQph4BdrOQWiguXzzh2alJkIWYOowGWY-HN&google_hm=OcE4ZjqfyxA-xQRZnXb_zw==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: hs4eun6nmc61tq8kfg7gtq8fplc4cukv

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F632
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nzLEkiFURnyukFIzXX8Lgg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
18ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nzLEkiFURnyukFIzXX8Lgg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKPl1AtBfKpxSsJeWd629EB_-K1Nbg7ZlolkLdmiIzuKd6X0d-go5hPWhwtPQJK4RNVRBM9Y5dta4XB68HTGEMuaBFQHt0S

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nzLEkiFURnyukFIzXX8Lgg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKPl1AtBfKpxSsJeWd629EB_-K1Nbg7ZlolkLdmiIzuKd6X0d-go5hPWhwtPQJK4RNVRBM9Y5dta4XB68HTGEMuaBFQHt0S
Date: Tue, 20 Apr 2021 09:11:19 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F632
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIA9J2JrS3eIVzASOrkcbdc&google_cver=1&google_push=AQvitUJNG40eN0wMrL1mtGJMClGZSMl6zoi4hf_V9ha-vZUoJ_d5oGAvaD24Z3augDFQpn-eFhv...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05QVDU2OVotMTgtMVdCQQ==&google_push=AQvitUJNG40eN0wMrL1mtGJMClGZSMl6zoi4hf_V9ha-vZUoJ_d5oGAvaD24Z3augDFQpn-eFhv9-85d1ATv4_WT3sHQN5qWT_I

170 B
188 B

30ms
18ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05QVDU2OVotMTgtMVdCQQ==&google_push=AQvitUJNG40eN0wMrL1mtGJMClGZSMl6zoi4hf_V9ha-vZUoJ_d5oGAvaD24Z3augDFQpn-eFhv9-85d1ATv4_WT3sHQN5qWT_I

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05QVDU2OVotMTgtMVdCQQ==&google_push=AQvitUJNG40eN0wMrL1mtGJMClGZSMl6zoi4hf_V9ha-vZUoJ_d5oGAvaD24Z3augDFQpn-eFhv9-85d1ATv4_WT3sHQN5qWT_I
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F632
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGZ49dqkBeYoQXPfhx8273Y&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGZ49dqkBeYoQXPfhx8273Y&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH6auKZdgf9ul1yj0OXxcwAABLsAAAIB&google_gid=CAESEGZ49dqkBeYoQXPfhx8273Y&google_push=AQvitUJpJai3ADNfUQl6t1fdDRyiuPPFcr_6abO7pGwVn1nLhrH...

170 B
188 B

34ms
19ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH6auKZdgf9ul1yj0OXxcwAABLsAAAIB&google_gid=CAESEGZ49dqkBeYoQXPfhx8273Y&google_push=AQvitUJpJai3ADNfUQl6t1fdDRyiuPPFcr_6abO7pGwVn1nLhrHjsCB_K9YmRTNmjRo5rU50Hz6HNUT6zrRSgzS3KEtyqdc23JEu&google_cver=1

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 09:11:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH6auKZdgf9ul1yj0OXxcwAABLsAAAIB&google_gid=CAESEGZ49dqkBeYoQXPfhx8273Y&google_push=AQvitUJpJai3ADNfUQl6t1fdDRyiuPPFcr_6abO7pGwVn1nLhrHjsCB_K9YmRTNmjRo5rU50Hz6HNUT6zrRSgzS3KEtyqdc23JEu&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Tue, 20 Apr 2021 09:11:20 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F632 0
227 B 45ms
15ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JO07ZMylP_M3k1NtA1zL5mAqmpy9tTA8sMPM9mXwKB1kDNAEBsJOGO46KqBsiqGrzYgy0G

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:20 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame DF10 15 KB
15 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 21:15:49 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 42931
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Tue, 19 Apr 2022 21:15:49 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame DF10 15 KB
15 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 21:15:49 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 42931
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
expires: Tue, 19 Apr 2022 21:15:49 GMT

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame 17CC 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 19:48:05 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 48195
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Tue, 19 Apr 2022 19:48:05 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 2406 3 KB
578 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=3330954535&adf=3669479829&pi=t.aa~a.3331352014~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1618909879&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=300x600&url=https%3A%2F%2Fsud.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618909879692&bpp=2&bdt=898&idt=-M&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e22e419ebad1ab5-227e5de899a70045%3AT%3D1618909879%3ART%3D1618909879%3AS%3DALNI_MaGQ6W0cQcJzOaUvCMGUhSFVS9jgg&prev_fmts=0x0&nras=2&correlator=5610137990111&frm=20&pv=1&ga_vid=1521625758.1618909879&ga_sid=1618909879&ga_hid=455070738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1175&ady=1272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740079&oid=3&pvsid=3453901730259454&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gRwl7O4nlo&p=https%3A//sud.ua&dtd=11

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 07:14:55 GMT
server: ESF
date: Tue, 20 Apr 2021 09:11:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Apr 2021 09:11:20 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 2406 1 KB
909 B 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 09:08:41 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame 2406 17 KB
7 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 5240039360651012885
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 09:07:03 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 2406 2 KB
1 KB 11ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:10:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 09:10:59 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2406 118 KB
36 KB 18ms
13ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831897855645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36793
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:11:20 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 2406 13 KB
5 KB 10ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 09:09:35 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 2406 0
0 21ms
14ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQuQ0pfsWwtymU73H8CuLTKqIfIIqO7qEoLjXEMqd4XHlpiTXDfRV1fjUcIIkg1-DX8Mc2dckAslj4vjQG2APb8FVdMTA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=3330954535&adf=3669479829&pi=t.aa~a.3331352014~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1618909879&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=300x600&url=https%3A%2F%2Fsud.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618909879692&bpp=2&bdt=898&idt=-M&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e22e419ebad1ab5-227e5de899a70045%3AT%3D1618909879%3ART%3D1618909879%3AS%3DALNI_MaGQ6W0cQcJzOaUvCMGUhSFVS9jgg&prev_fmts=0x0&nras=2&correlator=5610137990111&frm=20&pv=1&ga_vid=1521625758.1618909879&ga_sid=1618909879&ga_hid=455070738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1175&ady=1272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740079&oid=3&pvsid=3453901730259454&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gRwl7O4nlo&p=https%3A//sud.ua&dtd=11
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 a0b5068ca1fc7f6ff765c7833258ec42.js Show response
www.gstatic.com/mysidia/ Frame 2406 25 KB
10 KB 13ms
6ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0b5068ca1fc7f6ff765c7833258ec42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 10:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Apr 2021 02:07:20 GMT
server: sffe
age: 81876
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10491
x-xss-protection: 0
expires: Sun, 18 Jul 2021 10:26:44 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2406 0
0 20ms
16ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXrRJt5p-YKikLJfU3gPw6aKIAYfXjaJhiu6R3c4N4dKDz4EKEAEggb-0I2CVAqABma2v2APIAQmpApHNj8eWPLQ-qAMByAPLBKoEzwFP0CvZmO-A9LcVUtaBYJxPE8exlOPqggYDBSxHF8JzB_GvBerr-9t0lxlmyJPsZ3Xjo8cyFN3danxmdjTMrsTGqnTXEX7SOn8TAB1O6M019XoyaSgX1pl-rbw89Kerc2aHT4jGiTduY4pghHqrI0006X4jALAbrJgwHJXwHSQq4zkMDZSXgN7lYMtGuon9XCcimOAZWRRiLXLZBziHKb7D2OykKh9s1yM7vw2iZzEkPcv1Hey-cUCFpEmFyab2Z5iTd4WMDEgoRGHVcc_FrAPABPOZlO-_A5IFBAgEGAGSBQQIBRgEoAYugAeG8t0lqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEJqLDtIICQiA4YAQEAEYH4AKAcgLAbgTiCfYEw2IFAGyFxoKGAgAEhRwdWItMjUzNTExMzgzOTMzMjY1Mg&sigh=SnHZliEk2uA&template_id=5000

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=3330954535&adf=3669479829&pi=t.aa~a.3331352014~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1618909879&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=300x600&url=https%3A%2F%2Fsud.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618909879692&bpp=2&bdt=898&idt=-M&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e22e419ebad1ab5-227e5de899a70045%3AT%3D1618909879%3ART%3D1618909879%3AS%3DALNI_MaGQ6W0cQcJzOaUvCMGUhSFVS9jgg&prev_fmts=0x0&nras=2&correlator=5610137990111&frm=20&pv=1&ga_vid=1521625758.1618909879&ga_sid=1618909879&ga_hid=455070738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1175&ady=1272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740079&oid=3&pvsid=3453901730259454&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gRwl7O4nlo&p=https%3A//sud.ua&dtd=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 20 Apr 2021 09:11:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 css
fonts.googleapis.com/ Frame 3FA3 2 KB
531 B 29ms
25ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=2902652748&adf=2657765983&pi=t.aa~a.1171853407~rp.4&w=275&fwrn=4&fwrnh=100&lmt=1618909879&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=275x600&url=https%3A%2F%2Fsud.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618909879692&bpp=1&bdt=898&idt=-M&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e22e419ebad1ab5-227e5de899a70045%3AT%3D1618909879%3ART%3D1618909879%3AS%3DALNI_MaGQ6W0cQcJzOaUvCMGUhSFVS9jgg&prev_fmts=0x0%2C300x600&nras=3&correlator=5610137990111&frm=20&pv=1&ga_vid=1521625758.1618909879&ga_sid=1618909879&ga_hid=455070738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=141&ady=1957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740079&oid=3&pvsid=3453901730259454&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=oUpoHAVDMF&p=https%3A//sud.ua&dtd=15

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 09:11:14 GMT
server: ESF
date: Tue, 20 Apr 2021 09:11:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Apr 2021 09:11:20 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 3FA3 1 KB
909 B 7ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 09:08:41 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6336583283144941264/ Frame 2406 18 KB
18 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6336583283144941264/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73538858e81e48b36ffad1087179f0d507fb764086355afad24865e5eeffd5a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:03:53 GMT
x-content-type-options: nosniff
age: 457647
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18152
x-xss-protection: 0
last-modified: Fri, 26 Mar 2021 11:17:35 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Apr 2022 02:03:53 GMT

GET
DATA 200
OK truncated
/ Frame 2406 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 3FA3 10 KB
10 KB 28ms
7ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSG5Fikukt5hESiBV0HuPbxEHiBvfy4bJ0gjMQFs_zNZOqAqLE5&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2de82e6c60de0075b23fb8ce34692fd24ed3f0908282da1d8c53d3eea9a0d33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 05:43:56 GMT
x-content-type-options: nosniff
last-modified: Mon, 20 Jan 2020 11:22:17 GMT
server: sffe
age: 98844
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10368
x-xss-protection: 0
expires: Tue, 19 Apr 2022 05:43:56 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 3FA3 6 KB
7 KB 30ms
9ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcR47_7qaRCbUKZNcg13zadgJeAiMO1LPhbbsMxFQYPixtBxNla-&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9fdfc1254d209edbe6b0042f594791b947bac3e48ebbae394e807cfa5d6ebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 12:49:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Nov 2019 23:56:26 GMT
server: sffe
age: 505309
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6550
x-xss-protection: 0
expires: Thu, 14 Apr 2022 12:49:31 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 3FA3 11 KB
12 KB 27ms
7ms Image
image/png 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQx1diVPKQUiXd8qwWfkfpKWwOa98E8NA9FMHKcKPef6vcwXxa2&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

499a3470c70f942fabfb9a6ae87eecfa66e3302d1c492bb20fb2d3efb661ef24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 Aug 2020 15:51:14 GMT
server: sffe
age: 169660
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11528
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:40 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame 3FA3 17 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 5240039360651012885
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 09:07:03 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 3FA3 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:10:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 09:10:59 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3FA3 118 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831897855645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36793
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:11:20 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 3FA3 13 KB
5 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 09:09:35 GMT

GET
H3-29 200 a0b5068ca1fc7f6ff765c7833258ec42.js Show response
www.gstatic.com/mysidia/ Frame 3FA3 25 KB
10 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0b5068ca1fc7f6ff765c7833258ec42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 10:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Apr 2021 02:07:20 GMT
server: sffe
age: 81876
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10491
x-xss-protection: 0
expires: Sun, 18 Jul 2021 10:26:44 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3FA3 0
0 17ms
16ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ci8fSt5p-YPm8LOmBjuwP-dGVCKzb855iuMm7i_UMtt3GpNUcEAEggb-0I2CVAqABtNOD9wPIAQmpAuFjbaxpNbQ-qAMByAPLBKoE0gFP0AFPgTeqaCsjlhDxnpiz1G_A2gG9JIICRZxqBq6TxkjgWvoFBoMGVyxbsbqZB-1LvdLGHtEb_HJI_x-if8b8t5lLjmALCvx_HYSUI06d2d_WxBsdB93aPE7LROz0SEDAAmKFCDFl_-L-o9SKsSxS8wZJWFc1g_AFYNZabd1obEAJ4xjaML_RyIO9YRUVrfd-AcB-VMomjyfu_Z1CILv4aC1wDtGA6OzC9piDi7iR-BozWm1VIF8gGD9igIrUZEuix6ABQJccU_1KtdgeuZ_cc_PABLKyme-OA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAe9t60jqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDF1QnSCAkIgOGAEBABGB-ACgHICwHYEw6yFxoKGAgAEhRwdWItMjUzNTExMzgzOTMzMjY1Mg&sigh=a45PgBBr4_c&template_id=494

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=2902652748&adf=2657765983&pi=t.aa~a.1171853407~rp.4&w=275&fwrn=4&fwrnh=100&lmt=1618909879&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=275x600&url=https%3A%2F%2Fsud.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618909879692&bpp=1&bdt=898&idt=-M&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e22e419ebad1ab5-227e5de899a70045%3AT%3D1618909879%3ART%3D1618909879%3AS%3DALNI_MaGQ6W0cQcJzOaUvCMGUhSFVS9jgg&prev_fmts=0x0%2C300x600&nras=3&correlator=5610137990111&frm=20&pv=1&ga_vid=1521625758.1618909879&ga_sid=1618909879&ga_hid=455070738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=141&ady=1957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740079&oid=3&pvsid=3453901730259454&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=oUpoHAVDMF&p=https%3A//sud.ua&dtd=15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 20 Apr 2021 09:11:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EF3F 1 KB
749 B 7ms
7ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 19 Apr 2021 16:59:40 GMT
expires: Tue, 20 Apr 2021 16:59:40 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 58300
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0A90 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 19 Apr 2021 16:59:40 GMT
expires: Tue, 20 Apr 2021 16:59:40 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 58300
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 2406 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89dd625eccb62a6b9942e5f5992c293bafbc2372a5ff18d1b2ceaf7d48910090

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 2406 21 KB
21 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 169662
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 2406 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 457698
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Fri, 15 Apr 2022 02:03:02 GMT

GET
DATA 200
OK truncated
/ Frame 3FA3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 484d752ef782acf531006c2e078e3fcac05fb7dd5f2ecd6ceac5a4ad3a15f0b8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v14/ Frame 3FA3 20 KB
20 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v14/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Dec 2019 18:44:32 GMT
server: sffe
age: 169662
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame EF3F
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAQw1WdqwdM0D2woC0aG5sE&google_cver=1&google_push=AQvitUJBseeu5c3Hlg7aoNwbah7sNfkMqySUC6yTGEutzOGhbfu4rmt4ow...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUJBseeu5c3Hlg7aoNwbah7sNfkMqySUC6yTGEutzOGhbfu4rmt4owRLeESFyt_13Q2ZsibSNG7U_rp75Za1571b70m1fK0&google_hm=K-l5ven...

170 B
188 B

17ms
17ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUJBseeu5c3Hlg7aoNwbah7sNfkMqySUC6yTGEutzOGhbfu4rmt4owRLeESFyt_13Q2ZsibSNG7U_rp75Za1571b70m1fK0&google_hm=K-l5venzWg7oWxNH_aJNxw

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUJBseeu5c3Hlg7aoNwbah7sNfkMqySUC6yTGEutzOGhbfu4rmt4owRLeESFyt_13Q2ZsibSNG7U_rp75Za1571b70m1fK0&google_hm=K-l5venzWg7oWxNH_aJNxw
pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame EF3F
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUJsi99pvMa-hl75dl8RHPaCUVL6Xc8zFJU1XLg...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUg2YXVBQUFBSUppV2tiTA&google_push=AQvitUJsi99pvMa-hl75dl8RHPaCUVL6Xc8zFJU1XLgLi8iWA0yGzOhswM9CJCzOFR5i5XnGlGeel4sQq5_3AvsZKwtBgypUiLo

170 B
188 B

18ms
17ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUg2YXVBQUFBSUppV2tiTA&google_push=AQvitUJsi99pvMa-hl75dl8RHPaCUVL6Xc8zFJU1XLgLi8iWA0yGzOhswM9CJCzOFR5i5XnGlGeel4sQq5_3AvsZKwtBgypUiLo

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUg2YXVBQUFBSUppV2tiTA&google_push=AQvitUJsi99pvMa-hl75dl8RHPaCUVL6Xc8zFJU1XLgLi8iWA0yGzOhswM9CJCzOFR5i5XnGlGeel4sQq5_3AvsZKwtBgypUiLo
Date: Tue, 20 Apr 2021 09:11:20 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame EF3F
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEBBEEP3T3TwELLBBQAk87w8&google_cver=1&google_push=AQvitUIEExryVehvZhWhf4uD8IHJnNJSF2G8ubEAstDWxUaK603-3NMBJZ1ubbseOI3lGsyn0TgvuuzBIKuLh6CwZm-bIs5-UA
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIEExryVehvZhWhf4uD8IHJnNJSF2G8ubEAstDWxUaK603-3NMBJZ1ubbseOI3lGsyn0TgvuuzBIKuLh6CwZm-bIs5-UA&google_hm=OcE4ZjqfyxA-xQRZnXb_zw==

170 B
188 B

17ms
17ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIEExryVehvZhWhf4uD8IHJnNJSF2G8ubEAstDWxUaK603-3NMBJZ1ubbseOI3lGsyn0TgvuuzBIKuLh6CwZm-bIs5-UA&google_hm=OcE4ZjqfyxA-xQRZnXb_zw==

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:19 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIEExryVehvZhWhf4uD8IHJnNJSF2G8ubEAstDWxUaK603-3NMBJZ1ubbseOI3lGsyn0TgvuuzBIKuLh6CwZm-bIs5-UA&google_hm=OcE4ZjqfyxA-xQRZnXb_zw==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: nvq96rm541dcdk73046cpo8gl1tl87rc

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame EF3F
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nzLEkiFURnyukFIzXX8Lgg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
18ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nzLEkiFURnyukFIzXX8Lgg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJqIOHL4VgdZ7zlpbjJaSYUQeJuaotzebidbj5RLPGkUmAgQ5WMzoesBTe8Sl7NiSsser0PciT4yJM_1XERilphELYj16o

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nzLEkiFURnyukFIzXX8Lgg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJqIOHL4VgdZ7zlpbjJaSYUQeJuaotzebidbj5RLPGkUmAgQ5WMzoesBTe8Sl7NiSsser0PciT4yJM_1XERilphELYj16o
Date: Tue, 20 Apr 2021 09:11:19 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame EF3F
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIA9J2JrS3eIVzASOrkcbdc&google_cver=1&google_push=AQvitUJztUGczkDKRBsOPjmWr-YLIDcf4bthobALGEq8CP9Zgec0isFvJFIv185QnyawjmvA5q3...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05QVDU2STctMjAtS0hRWQ==&google_push=AQvitUJztUGczkDKRBsOPjmWr-YLIDcf4bthobALGEq8CP9Zgec0isFvJFIv185QnyawjmvA5q3URB-wXjvDlv1yJ9xJAnxEwCo

170 B
188 B

18ms
17ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05QVDU2STctMjAtS0hRWQ==&google_push=AQvitUJztUGczkDKRBsOPjmWr-YLIDcf4bthobALGEq8CP9Zgec0isFvJFIv185QnyawjmvA5q3URB-wXjvDlv1yJ9xJAnxEwCo

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05QVDU2STctMjAtS0hRWQ==&google_push=AQvitUJztUGczkDKRBsOPjmWr-YLIDcf4bthobALGEq8CP9Zgec0isFvJFIv185QnyawjmvA5q3URB-wXjvDlv1yJ9xJAnxEwCo
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame EF3F
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGZ49dqkBeYoQXPfhx8273Y&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH6auKZdgf9ul1yj0OXxcwAABLsAAAIB&google_gid=CAESEGZ49dqkBeYoQXPfhx8273Y&google_push=AQvitUIn_EFQS4T92dVI7MUoJMJPQdXOikxOWJpdrgbMb349OD_...

170 B
188 B

17ms
17ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH6auKZdgf9ul1yj0OXxcwAABLsAAAIB&google_gid=CAESEGZ49dqkBeYoQXPfhx8273Y&google_push=AQvitUIn_EFQS4T92dVI7MUoJMJPQdXOikxOWJpdrgbMb349OD_PpcydnM0XYSZyzMpZfACLG98-E7RSqvvjfHew4To-DBgsB2U&google_cver=1

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 09:11:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH6auKZdgf9ul1yj0OXxcwAABLsAAAIB&google_gid=CAESEGZ49dqkBeYoQXPfhx8273Y&google_push=AQvitUIn_EFQS4T92dVI7MUoJMJPQdXOikxOWJpdrgbMb349OD_PpcydnM0XYSZyzMpZfACLG98-E7RSqvvjfHew4To-DBgsB2U&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Tue, 20 Apr 2021 09:11:20 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame EF3F
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEMIfil5xkQE6LWERtuLOWe4&google_cver=1&google_push=AQvitULrs5nmAG9WGa92I3R8...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitULrs5nmAG9WGa92I3R8kXVQr3kumfccHApfImirdWWMFWXT55tfNB1s8j6kbkgiGXdfVt2MqBum-adAetQBrApsXX6gLu3i&google_hm=

170 B
188 B

17ms
16ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitULrs5nmAG9WGa92I3R8kXVQr3kumfccHApfImirdWWMFWXT55tfNB1s8j6kbkgiGXdfVt2MqBum-adAetQBrApsXX6gLu3i&google_hm=

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitULrs5nmAG9WGa92I3R8kXVQr3kumfccHApfImirdWWMFWXT55tfNB1s8j6kbkgiGXdfVt2MqBum-adAetQBrApsXX6gLu3i&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Mon, 19 Apr 2021 09:11:20 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame EF3F 0
12 B 16ms
15ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LbVU8Ls4q1FuGdUyxSrAWH2yRfZd10RS_nVGdl2PbEvIf698gBlHCl67Wlnf_Qhc7QouMi8g

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:20 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0A90
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAQw1WdqwdM0D2woC0aG5sE&google_cver=1&google_push=AQvitUKbPcfrhXtbkawrreC0kzhLEzlbfRpG9VulQcnpXa_IuIVLNPJcFM...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUKbPcfrhXtbkawrreC0kzhLEzlbfRpG9VulQcnpXa_IuIVLNPJcFMKrXJUj2zRr7bjav2IRxM_w8mLNvZRb2bL-QVY0Mrw&google_hm=K-l5ven...

170 B
188 B

17ms
17ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUKbPcfrhXtbkawrreC0kzhLEzlbfRpG9VulQcnpXa_IuIVLNPJcFMKrXJUj2zRr7bjav2IRxM_w8mLNvZRb2bL-QVY0Mrw&google_hm=K-l5venzWg7oWxNH_aJNxw

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUKbPcfrhXtbkawrreC0kzhLEzlbfRpG9VulQcnpXa_IuIVLNPJcFMKrXJUj2zRr7bjav2IRxM_w8mLNvZRb2bL-QVY0Mrw&google_hm=K-l5venzWg7oWxNH_aJNxw
pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0A90
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitULifpUQ...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitULifpUQ...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MjAwOTExMjEyNzE0OTkzMDY4OTA2OQ%3D%3D&google_push=AQvitULifpUQvSceupDEqaqbmCGITZg4fTvXXOwMiBqHrVqPbK0LVJhK_uUxFDWfN365-w...

170 B
188 B

21ms
20ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MjAwOTExMjEyNzE0OTkzMDY4OTA2OQ%3D%3D&google_push=AQvitULifpUQvSceupDEqaqbmCGITZg4fTvXXOwMiBqHrVqPbK0LVJhK_uUxFDWfN365-wZAl_gpTBnY6bUGentGmEdUp6EXIVc

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MjAwOTExMjEyNzE0OTkzMDY4OTA2OQ%3D%3D&google_push=AQvitULifpUQvSceupDEqaqbmCGITZg4fTvXXOwMiBqHrVqPbK0LVJhK_uUxFDWfN365-wZAl_gpTBnY6bUGentGmEdUp6EXIVc
Pragma: no-cache
Date: Tue, 20 Apr 2021 09:11:21 GMT
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0A90
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEBBEEP3T3TwELLBBQAk87w8&google_cver=1&google_push=AQvitUJpqo5RTzMdKQUqpsTBKA5xcLB0sI7fN9iFO8wJonar0Zj2R9ld3ok26e-ORKyPvKhgTUX-L_N_b0Q0CyM0kdBIYNOYD9I
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJpqo5RTzMdKQUqpsTBKA5xcLB0sI7fN9iFO8wJonar0Zj2R9ld3ok26e-ORKyPvKhgTUX-L_N_b0Q0CyM0kdBIYNOYD9I&google_hm=OcE4ZjqfyxA-xQRZnXb_zw==

170 B
188 B

18ms
17ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJpqo5RTzMdKQUqpsTBKA5xcLB0sI7fN9iFO8wJonar0Zj2R9ld3ok26e-ORKyPvKhgTUX-L_N_b0Q0CyM0kdBIYNOYD9I&google_hm=OcE4ZjqfyxA-xQRZnXb_zw==

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:19 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJpqo5RTzMdKQUqpsTBKA5xcLB0sI7fN9iFO8wJonar0Zj2R9ld3ok26e-ORKyPvKhgTUX-L_N_b0Q0CyM0kdBIYNOYD9I&google_hm=OcE4ZjqfyxA-xQRZnXb_zw==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: oa4c1maa5vfqn6u87omoer36noqr5tae

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0A90
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nzLEkiFURnyukFIzXX8Lgg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

19ms
18ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nzLEkiFURnyukFIzXX8Lgg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKW19n6vGX2uDuMY-P29ORbNdzzwWk_qBBoSp03R7QIZ1EKjC92g3C1Vcfdx-Kpvay93Z2Yhau5lrEBv-HY0TeTMORwiIA

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nzLEkiFURnyukFIzXX8Lgg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKW19n6vGX2uDuMY-P29ORbNdzzwWk_qBBoSp03R7QIZ1EKjC92g3C1Vcfdx-Kpvay93Z2Yhau5lrEBv-HY0TeTMORwiIA
Date: Tue, 20 Apr 2021 09:11:19 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0A90
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIA9J2JrS3eIVzASOrkcbdc&google_cver=1&google_push=AQvitUKFZMxKiREUOVOQFi556LoQCrVwytg8X1bCCyhX-dqPdT_l_iyopN45xPHQg2Dt8lpYsa-...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05QVDU2SUctMVAtMTJSSw==&google_push=AQvitUKFZMxKiREUOVOQFi556LoQCrVwytg8X1bCCyhX-dqPdT_l_iyopN45xPHQg2Dt8lpYsa-NJgeWrdzEPR7cnM2oBbXfIA

170 B
188 B

18ms
18ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05QVDU2SUctMVAtMTJSSw==&google_push=AQvitUKFZMxKiREUOVOQFi556LoQCrVwytg8X1bCCyhX-dqPdT_l_iyopN45xPHQg2Dt8lpYsa-NJgeWrdzEPR7cnM2oBbXfIA

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05QVDU2SUctMVAtMTJSSw==&google_push=AQvitUKFZMxKiREUOVOQFi556LoQCrVwytg8X1bCCyhX-dqPdT_l_iyopN45xPHQg2Dt8lpYsa-NJgeWrdzEPR7cnM2oBbXfIA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0A90
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGZ49dqkBeYoQXPfhx8273Y&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH6auKZdgf9ul1yj0OXxcwAABLsAAAIB&google_cver=1&google_push=AQvitUIC4G-kcDREBdTZqD40tXwtumXZnDIZ1qjgsuDO0XjxA76_LHF5r_uH8eYnUz-KLS_JgG4O...

170 B
188 B

18ms
18ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH6auKZdgf9ul1yj0OXxcwAABLsAAAIB&google_cver=1&google_push=AQvitUIC4G-kcDREBdTZqD40tXwtumXZnDIZ1qjgsuDO0XjxA76_LHF5r_uH8eYnUz-KLS_JgG4OwuvEdgAr26qk6J-B3mLjjmk&google_gid=CAESEGZ49dqkBeYoQXPfhx8273Y

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 09:11:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH6auKZdgf9ul1yj0OXxcwAABLsAAAIB&google_cver=1&google_push=AQvitUIC4G-kcDREBdTZqD40tXwtumXZnDIZ1qjgsuDO0XjxA76_LHF5r_uH8eYnUz-KLS_JgG4OwuvEdgAr26qk6J-B3mLjjmk&google_gid=CAESEGZ49dqkBeYoQXPfhx8273Y
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Tue, 20 Apr 2021 09:11:20 GMT

GET
H2 200 trk
ag.innovid.com/ Frame 0A90 43 B
296 B 77ms
24ms Image
image/gif 2a05:d01c:1d8:8101:ac20:41f1:bf24:9b3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESED8qfYkYwk7dfwEsXYPNa-s&google_cver=1&google_push=AQvitULLo30meEWmJkiyOIYvjTMQHVWJ5jS17cxlve6Gs1rlk2iaVnwlHxpUsLlieETN1t5dhowK5XT83482-X3n8tGuNYsang
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=2902652748&adf=2657765983&pi=t.aa~a.1171853407~rp.4&w=275&fwrn=4&fwrnh=100&lmt=1618909879&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=275x600&url=https%3A%2F%2Fsud.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618909879692&bpp=1&bdt=898&idt=-M&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e22e419ebad1ab5-227e5de899a70045%3AT%3D1618909879%3ART%3D1618909879%3AS%3DALNI_MaGQ6W0cQcJzOaUvCMGUhSFVS9jgg&prev_fmts=0x0%2C300x600&nras=3&correlator=5610137990111&frm=20&pv=1&ga_vid=1521625758.1618909879&ga_sid=1618909879&ga_hid=455070738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=141&ady=1957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740079&oid=3&pvsid=3453901730259454&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=oUpoHAVDMF&p=https%3A//sud.ua&dtd=15
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:ac20:41f1:bf24:9b3 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:20 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 0A90 0
12 B 15ms
15ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KGKyPtMdw2TGn_zugSmzm5SADJ-y_r0k3UyRtWXlBc8x2sowKCRu_PDLr97kQ9v_pl123S

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:20 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame 98C1 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 19:48:05 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 48195
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Tue, 19 Apr 2022 19:48:05 GMT

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame 9F36 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 19:48:05 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 48195
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Tue, 19 Apr 2022 19:48:05 GMT

GET
H2 200 sp-push-worker-fb.js Show response
sud.ua/ 65 B
206 B 56ms
55ms XHR
application/javascript 62.149.17.71
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/sp-push-worker-fb.js
Requested by: Host: cdn.sendpulse.com
URL: https://cdn.sendpulse.com/9dae6d62c816560a842268bde2cd317d/js/push/28b7ceb6dba8fe7150ac3c08549b1fca_1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.17.71 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: atrio301.cc.colocall.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 2a810283ef3a450039039318677538039c2adadfe2703a12f98b07735ba15290

Request headers

:path: /sp-push-worker-fb.js
pragma: no-cache
cookie: PHPSESSID=j40vb9irpfotbi99lv8cglach0; __utma=223010201.1521625758.1618909879.1618909879.1618909879.1; __utmc=223010201; __utmz=223010201.1618909879.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=223010201.1.10.1618909879; b=b; lapuid=ad89aa0a-cd07-4265-9274-9bfa353d2dd1; session_id=71055c60-e330-4c45-9595-3174fc574005; session_pageview=1618909879.1; site_visited=1618996279.1; _fbp=fb.1.1618909879434.951031933; __gads=ID=4e22e419ebad1ab5-227e5de899a70045:T=1618909879:RT=1618909879:S=ALNI_MaGQ6W0cQcJzOaUvCMGUhSFVS9jgg; rtnp=1; rtgp=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: sud.ua
referer: https://sud.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:22 GMT
last-modified: Fri, 09 Aug 2019 13:11:19 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5d4d70f7-41"
content-length: 65
content-type: application/javascript

GET
H3-29 200 page.php Show response
www.facebook.com/v2.10/plugins/ Frame F841 62 KB
18 KB 58ms
58ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=195181397643045&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2066d7d643e12c%26domain%3Dsud.ua%26origin%3Dhttps%253A%252F%252Fsud.ua%252Ff17b18a31447cc%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fsudgazeta%2F&locale=ru_RU&sdk=joey&show_facepile=true&small_header=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js?hash=8b1cc17864f046cfa9890d628992dac3&ua=modern_es6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

04b0341fd2b4999f6c76904960ebdecf2565bf33a1a2aa4708358364437ed2dd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.10/plugins/page.php?adapt_container_width=true&app_id=195181397643045&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2066d7d643e12c%26domain%3Dsud.ua%26origin%3Dhttps%253A%252F%252Fsud.ua%252Ff17b18a31447cc%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fsudgazeta%2F&locale=ru_RU&sdk=joey&show_facepile=true&small_header=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sud.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0A2LUT7at4NtD3rnc..Bgfpq3...1.0.Bgfpq3.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sud.ua/

Response headers

x-fb-rlafr: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
content-encoding: br
strict-transport-security: max-age=15552000; preload
facebook-api-version: v3.2
x-content-type-options: nosniff
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}
vary: Accept-Encoding
pragma: no-cache
content-type: text/html; charset="utf-8"
x-fb-debug: 3NDxPYejP9T+zSaGOj1JPglSuon8v0TdioFYEd4vIQB0iQll5HSCidqqaaCvWe7BOKMedDf6D28tcgEoslD1bg==
date: Tue, 20 Apr 2021 09:11:22 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 26ms
25ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210415&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c16306277f426e69fa2e0289a9bc4187669a1c45ace027c40ed3189ee5615e3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 09:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6599
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:11:22 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame B60A 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sud.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sud.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 20 Apr 2021 08:38:07 GMT
expires: Wed, 20 Apr 2022 08:38:07 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1995
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 4_-IbFw2uEC.css
static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/ Frame F841 20 KB
6 KB 24ms
6ms Stylesheet
text/css 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/4_-IbFw2uEC.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=195181397643045&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2066d7d643e12c%26domain%3Dsud.ua%26origin%3Dhttps%253A%252F%252Fsud.ua%252Ff17b18a31447cc%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fsudgazeta%2F&locale=ru_RU&sdk=joey&show_facepile=true&small_header=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

900649abdfe5e13c5d214cbc36d30795c7af37b3ce5cd9748767425dbbf82de5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 9IhxJ4BdYsZDBAoL0tJwGw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 5360
x-fb-rlafr: 0
x-fb-debug: X52WnbwhIkZFf40jz1WY1u2orEuAF8qf7XyOw4mt+MzpiLhGCDdIvX31YJM2yD85ENNoKqSFpmhruaxkuoQxMg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 19 Apr 2022 16:27:11 GMT

GET
H2 200 gE_HYjdYxDu.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yu/r/ Frame F841 273 KB
73 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yu/r/gE_HYjdYxDu.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7237f9cf9ebbb0d3d59948a1f6c9951f89b9e2cca391c1e1ead79579709ce826

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: MQDllNF8b3Jlx5vCXVZnOg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74201
x-fb-rlafr: 0
x-fb-debug: wfOv5BAiXPF7KmiW2R8CXGUq4+xGeQKZS/3G6hH7+ISZ83mIeyA14QNxasOHD1vTHWyvd2/88I8st3XsjqNifQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 19 Apr 2022 19:29:53 GMT

GET
H2 200 A1MJ22n9DQK.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yb/r/ Frame F841 61 KB
19 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yb/r/A1MJ22n9DQK.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b1c07b9f6ebe826cfee9806cc3bb4aa452c8ddc8b7044be3469039efe1708950

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: D2GbXH3+TPUoywjSDw2kIA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 19204
x-fb-rlafr: 0
x-fb-debug: jVguOxJkLg5Th5H2cYRBWGXF57c9OU8IoZ0PwazIN9i9AG1MzTZxKcqvSiVWUS07VSpiNM6EuclPHnkGY53ZRg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 19 Apr 2022 17:55:12 GMT

GET
H2 200 GnfKTsu5HVC.js Show response
static.xx.fbcdn.net/rsrc.php/v3iI4w4/yp/l/ru_RU/ Frame F841 129 KB
36 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iI4w4/yp/l/ru_RU/GnfKTsu5HVC.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

235c36879457e86009c184e0d6b7fdc9223b394a5e8c90302e1c0b74a1303dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: XanfJ/7G/bIu0sAeb6/jMA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 36529
x-fb-rlafr: 0
x-fb-debug: V6RuJaE8QsTDdh0ea/7jL/hr+Wgx4X9KoBZW/eGqeraQgyBBPDKUcnvTxPXVv1eebuNNrDNll71Q9Y+OZarqXg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Tue, 19 Apr 2022 20:10:02 GMT

GET
H2 200 S9c0RQBoVVi.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y7/r/ Frame F841 7 KB
2 KB 24ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/S9c0RQBoVVi.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

60349a6920ff79c452ae390155372bc5977cc4d991fe6ea4d98a5637981434e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: c6TgbLFvlbA+y95MSbS/Fw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 2262
x-fb-rlafr: 0
x-fb-debug: 5CvCvPR5midfa/6usdG/4O93BFbR/mqoMmFEpJUdpWFiQQ7qyowD7KJuxwAeaCM3TXKOT8OGcZU92qBZUHz/Pg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 20 Apr 2022 01:30:11 GMT

GET
H2 200 B7grYoB_WnU.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame F841 6 KB
2 KB 35ms
19ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/B7grYoB_WnU.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

419556f03792217f06287572ed35b46688d143c0919110ef3e3a496304c8ca5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ESosGwGkPe2XBEsu28L8Xg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1902
x-fb-rlafr: 0
x-fb-debug: W9lqCMlXzqJulVZHx5tcsdHhUw+3fPE0YZ49NnZsoV0QUbCIUoU46883BBPPGwjK4l7dIZkt4/ZY3DUThDVEAg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Tue, 19 Apr 2022 17:55:12 GMT

GET
H2 200 61308429_2673461469391618_6865414190824161280_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.6435-0/p173x172/ Frame F841 11 KB
11 KB 7ms
6ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.6435-0/p173x172/61308429_2673461469391618_6865414190824161280_n.jpg?_nc_cat=100&ccb=1-3&_nc_sid=dd9801&_nc_ohc=zMvPOalOYv4AX-PZtXu&_nc_ht=scontent-frx5-1.xx&tp=6&oh=a5eb22392a0f1fd69ea4acbe759339ba&oe=60A5F9F8
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=195181397643045&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2066d7d643e12c%26domain%3Dsud.ua%26origin%3Dhttps%253A%252F%252Fsud.ua%252Ff17b18a31447cc%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fsudgazeta%2F&locale=ru_RU&sdk=joey&show_facepile=true&small_header=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 529eeeaba9a77bbbb2668ad7bd8a977dbba4b6c92650bcbf9e8bd92d8f82a446

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 774150836
date: Tue, 20 Apr 2021 09:11:22 GMT
x-fb-trip-id: 917726464
last-modified: Fri, 24 May 2019 14:13:11 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2425582875
x-fb-config-version-olb-prod: 1071
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 11100

GET
H2 200 25438721_1737876946283413_5973550801043864964_o.jpg
scontent-frt3-1.xx.fbcdn.net/v/t31.18172-1/cp0/p50x50/ Frame F841 1 KB
2 KB 19ms
6ms Image
image/jpeg 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-1.xx.fbcdn.net/v/t31.18172-1/cp0/p50x50/25438721_1737876946283413_5973550801043864964_o.jpg?_nc_cat=102&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=tZ6mYkH9IrEAX_0VYy3&_nc_ht=scontent-frt3-1.xx&tp=27&oh=61bfaf0b3f2171e4726145b793f894d4&oe=60A437F7
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=195181397643045&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2066d7d643e12c%26domain%3Dsud.ua%26origin%3Dhttps%253A%252F%252Fsud.ua%252Ff17b18a31447cc%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fsudgazeta%2F&locale=ru_RU&sdk=joey&show_facepile=true&small_header=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:216:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: ccb61aff0c5e8e8ddd85be4a02700da15f39ca6101cc81056a8c8769d393bc8b

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 4829837
date: Tue, 20 Apr 2021 09:11:22 GMT
x-fb-trip-id: 686109401
last-modified: Fri, 15 Dec 2017 15:39:40 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1464476993
x-fb-config-version-olb-prod: 1071
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1411

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame B60A 14 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 19:48:05 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 48197
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Tue, 19 Apr 2022 19:48:05 GMT

GET
H3-29 200 ApcBOUT5FoS.png
static.xx.fbcdn.net/rsrc.php/v3/y_/r/ Frame F841 573 B
624 B 6ms
6ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/ApcBOUT5FoS.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/4_-IbFw2uEC.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/4_-IbFw2uEC.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: rr2h4CyKxf4k3sJ83h1JwKLcWhUeEBmxijvJ4y7ZWrgcSSHkWvqIoBctYnv9ygmSI5p3dK7zusbIswdrcDyfjg==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Y/eW3MWFNJnkcpEqoXzG3Q==
date: Tue, 20 Apr 2021 09:11:22 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 573
x-fb-rlafr: 0
expires: Fri, 15 Apr 2022 19:18:56 GMT

GET
H3-29 200 3gKIw20zpPx.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yc/r/ Frame F841 18 KB
6 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/3gKIw20zpPx.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yu/r/gE_HYjdYxDu.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

732f2d6e7767e7978cf70554aec8f7b40d5d6da4b601e528f136473c1b965c93

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: +WweuYtea66RPAEX0Vl2fg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 5954
x-fb-rlafr: 0
x-fb-debug: x3JHNOgiD3acDVbAiDFcTwpfYwUHolWljijSbHKnAxg44/2kxSPyRd3g3J1EoIFk58ulLkVKx4TU+oAoYV3rUA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 19 Apr 2022 17:55:12 GMT

GET
H3-29 200 JopZtdti8dq.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y_/r/ Frame F841 7 KB
2 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/JopZtdti8dq.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yu/r/gE_HYjdYxDu.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

95d95840165ea5fc374a27f1cffe88a1b3d033562916ef1071393c9c8adbfe86

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mTMNw9OoY8KLmzHcqJmeVA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 2270
x-fb-rlafr: 0
x-fb-debug: qVWZOqgF9IDxh8i6ilYRUGEfne1TpUwxZSL6Xkkb6rKYU6dvKKKNaZEWfhm0esTuUo6o1PnbeRP0tHy3rzQvYA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 19 Apr 2022 17:55:12 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210415&jk=3453901730259454&bg=!v7ylvPjNAAZUuIlwVLg7ACkAdvg8WqABHNa5B-w0FhWysncnc1Ubfxsgsy8_IZ1KTIOAPsru5OwmEgIAAAB5UgAAAAtoAQcKATZSyKy2L5HjEXDpV_NFtS4sh_XyREYm32rPm1qb3PL1276SpvvVQgQDlch4_Q5F2jHcM6fZ-ZiUOGe_LH6xha54XMZjlQN7CiqpYNA4Mys3HOjxROSJpGHir8XPTmpGahGRwNUUthdbeDrlC9FTUYCMDqfeEJqAYcz7gFcjwBbzxVz3SKO-9RceaqQr07UcpT_1HSrXnsccydDBC5uR-dpKLKw8OH4yKtnEpJzLQl0bCFgfV39aDIG9kHCu5Z3jQe4PfgR35LaU_e9_Bbysni87LoBwDg5Jr0dQzTmUszSte2U4xLZ-OOPDOGsgYmsi2puDzPu6cNQVhncOkI_u_ZZ4UpViIsBAa3MG9_u6YudRrwTdsUiIv13W8f05FVPxfshBjzNBKTepnobzXwtYX8M9kIxEMn3TmQHOH0Q49FlVKyzie0RSWW63DKupKVwNJh7AKC_SIS-QYaNrnKY4lC1pXZowROcmNOOhUOga1PyUeMf7DHO1Ml7rTIbG6IoOmWHuFVHtZsosXCtQOsK7zAfRea70ft806AI93mI7gl4oNNAu_BV6Kc72dxEiHjXL7BJry_UYplhUNRrrM7H2MG0ZfGm-9SBoGZROSBJL7z5aANLZO8K-jb9urXICVVReNSeeZZOX2Yj4C6KZlVInAq7x6pAbsKia51eaPwvNtciPiNErepdk4eTDsz4xfDejIc9chHg_PjwWJOZIMR_q30xG7X_PThi4joBY5sWDLVzoeo1uje5RnoBkZjkwqFpHHEYLBKsMtbckLDKcM8rSk5YJ7mKqVBzDHUOahlPKEsGBqtyqf39FoT1S4tl_KRV8y63No97GqyDzLmHkK5xjwXSMh6tNa-y-Qz21921425_UUH3vQzgDy_RLLtzc9J1VJ275vbo6UoBGGxfKANG6KWo3AJItZON3whbX_9-CeAyzRwqicLvDvS8cpGWlg8QyamwIB0u-Y0k4XAMpaieHRJz0wbMdk7RGo4ikvbDBnlKk-L28RAAnTl31tDDL9HuPKeionBOh6Cuf

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:11:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 1C8E 28 B
293 B 19ms
19ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ba95ea16/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
X-YouTube-Client-Version: 1.20210418.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtXdy1pbWdURXJ5SSi3tfqDBg%3D%3D
X-YouTube-Ad-Signals: dt=1618909879565&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKre7GznP7_h6MJ-MyVOjtJ4mI4JBnrkNhKCb0xm9Mtlu12xMLZKiDDJFfbuLphfTYcxI15Q8yg-Fj6kpj92Uykq3P-_Aw

Response headers

date: Tue, 20 Apr 2021 09:11:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:11:29 GMT

POST
H3-29 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 5CCE 28 B
54 B 22ms
22ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ba95ea16/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
X-YouTube-Client-Version: 1.20210418.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtkOEZpUXNrTGNBRSi3tfqDBg%3D%3D
X-YouTube-Ad-Signals: dt=1618909879861&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C200&vis=1&wgl=true&ca_type=image&bid=ANyPxKqPiznwuDjkBbUPs7PyPuIh9eGukzIuU-eBMAgWfp-CLldtOITrsp4ZO_E43cbn_YzAMYWN90TGxT3wU9ksiEG1PjMplw

Response headers

date: Tue, 20 Apr 2021 09:11:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:11:30 GMT

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://recreativ.ru/tizers.php?bn=RXTtRlV3fD&cache=t5zf4tfesWr62x0(Line 1) Message: rc:RXTtRlV3fD:start
console-api	log	URL: https://recreativ.ru/tizers.php?bn=RXTtRlV3fD&cache=t5zf4tfesWr62x0(Line 1) Message: rc:RXTtRlV3fD:end

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4p.adpartner.pro
adservice.google.com
adservice.google.de
ag.innovid.com
buttons-config.sharethis.com
c.bigmir.net
c.sharethis.mgr.consensu.org
cdn.sendpulse.com
cm.g.doubleclick.net
cm.mgid.com
cms.quantserve.com
connect.facebook.net
counter.yadro.ru
dm.hybrid.ai
dsp-trk.eskimi.com
e.dlx.addthis.com
encrypted-tbn0.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
go.rcvlink.com
goods.redtram.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
i.bigmir.net
i.ytimg.com
image6.pubmatic.com
inv-nets.admixer.net
js-goods.redtram.com
l.sharethis.com
m.mixadvert.com
m.trafmag.com
newscode.online
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
platform-api.sharethis.com
px.adhigh.net
recreativ.ru
rtb.openx.net
rus.redtram.com
s.uuidksinc.net
scontent-frt3-1.xx.fbcdn.net
scontent-frx5-1.xx.fbcdn.net
ssl.google-analytics.com
ssum-sec.casalemedia.com
st11.rcvlink.com
st11.recreativ.ru
static.doubleclick.net
static.xx.fbcdn.net
sud.ua
t.trafmag.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.19.133.78
136.243.128.165
136.243.140.49
136.243.84.75
142.250.185.130
146.0.227.110
147.135.189.55
184.30.20.241
185.64.189.115
193.200.65.5
193.200.65.6
193.232.148.146
193.239.68.97
193.239.71.100
216.58.212.130
217.182.200.29
2600:9000:2190:9000:c:abe:f440:93a1
2600:9000:2190:b600:1c:8a07:5e80:93a1
2600:9000:2190:e400:c:a9b7:ddc0:93a1
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:801::2001
2a00:1450:4001:808::200a
2a00:1450:4001:809::2002
2a00:1450:4001:809::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::2016
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2006
2a00:1450:4001:827::2004
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::2008
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::200e
2a02:6ea0:c700::1
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d01c:1d8:8101:ac20:41f1:bf24:9b3
31.220.27.134
34.120.139.69
34.246.227.69
34.98.67.61
35.186.253.211
37.18.16.22
5.135.83.158
52.33.71.0
52.58.221.124
62.149.17.71
62.244.25.75
62.244.25.85
69.173.144.165
88.212.201.210
00decae85b73f456182a67b0226dccdb5590167c0e6878bb533c54b78843da1c
01650f811314c520a71b059d7d6bd0e2382029d1c6a6f82524400d3563bad922
03918e7f1255c7be0f422b545e9fe888a38e1318294ed36c8aaeae7115ec17d0
04b0341fd2b4999f6c76904960ebdecf2565bf33a1a2aa4708358364437ed2dd
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
080caf1867eb9590d5bc98c4ba64aa0d62ef95efe5bbccc83e52114c18f101ed
0ad48e80fbe5b37de8bb25a87f6da522fc183a0667ba14eed2de45eec9e2c497
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0fdaad19dd6ac38461607d06370a64710c9ac3bfb163c33e931ee993ec540bf0
1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13cd5c51c459b11de3be896c4efb3cf3c32b5ed3a11128dceac6f712dfeaec3e
1574a5440e7861871b0b812a856bcb638039e6fd6fe0e362d5193694730965ff
15b354fe3c57910c4defbf4f303c2bfbc91364606bf3749568aa919c9910f5cc
16674254c1bff4da52d60e5f29cc885d960f59ed667284baf82a90dcbc1de1dd
188bfc8f2cc09fc0027131648688581c485a3a927ec60383475e17736b1e537e
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1f23ad27b3c331b4335beceb73d5cfd55feac0a4b454376c55546308b366d071
1f8d586314835e4b7df447571a65de608871b7699741f69f68b7dcc2d41b5c6c
1f96f36d56e81497a409795146db0437ed8265c7b5351b3053975de32b886900
227fc9e1f83f53831fb7be887fbbf71d601c9e40134842eb9ac9bf8cf65de4c3
228bd9e5becfebc3da8f4ec49a6397272409484354f7c7dddd0fc788fc4b1a70
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
235c36879457e86009c184e0d6b7fdc9223b394a5e8c90302e1c0b74a1303dde
24ae882e5315cdfd8856e4bd212b6648f57d794252722d341c81d73d71dd6a11
24f306b82871f7cc1526d1c202c5f38ec7c79a067fb1ac88e534c46db2e7655b
25a3417c70e26250627ac4951a75219f18a6c95b8a1f1ff3ead5b69831ce5058
260315e4555f49b1337ec2b809c44d6910e10205c65e5141bad381805d2ba826
26df20401eec2e603ce21ac13ec7e0a9e90413dd9c5ca13910868a3e746d3c7e
2a810283ef3a450039039318677538039c2adadfe2703a12f98b07735ba15290
2c49951d3193c7e97874c7ba72e331b98038bdc2eeb9bc756814c8d4057b9c3e
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2ce94a80de9d146226e0967aacf51e37f92e18329815338af4de0aef3fc67705
2d9ef3a7b5e0218a1b81ab71e7fff7eb167af16de2f5a3b6a132a9a8862b0168
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e94a317a7f2635bfaf72979726018df5e2faaba0a3d3b233cff324eaff6d37c
32feae1eaa46d369fe0a42d46b7e90a05cce2cdb8dc87c4dde67315e0d2a26f0
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3428780c1fd8d03128de1ae6b2f394d8b408f892dad48b9860f94afe991c46dd
3615db66e24728a8964a527d08487c365c53a995d57530f51eee012b82e4cf73
38c288b893b166348ca23e242921ba2f260e3444cb2027e0c844304a894f0bbe
393334b97df53d496d5bdf85d4a7b88a279d69d3ad69903418ae0bf2a1825074
3aceed8a40c217b0568b8c04fdb4314a19eb2d6e1f3c8133657c1d4dc291863d
3bb8cb0620eb0c33262b6a389dcb265603228459e4ca59e31d6b865257f72de4
3c2dd3287ce2096fcaefffeb829e872eeea7e94983da1404141723b59b03f639
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e2a7a63ff39c91714f1e3e241b5e08fa8740b98b40dab91d9074f738117ffc3
419556f03792217f06287572ed35b46688d143c0919110ef3e3a496304c8ca5c
44ed6d71ff10fba2c18d8fdc8c72d89e9aa1955400076d3f123e3d8b1aa09fc4
475188e46a83cd66aab8370679233cbbe71348e08e49933fcb99d3d6dec9b4b4
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
484d752ef782acf531006c2e078e3fcac05fb7dd5f2ecd6ceac5a4ad3a15f0b8
48ed8cfd21796cde58e9494dc234a7860b50666d674355b43b0f74a0a461f2b9
493934fbbe22818df2d4a46ea8598825eaa0cd77c8cf5b1f5e873a6db0b2de36
499a3470c70f942fabfb9a6ae87eecfa66e3302d1c492bb20fb2d3efb661ef24
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f153750d7cd90a673fbf081c835672588c35fde4741676bf21b45c955eedb91
529eeeaba9a77bbbb2668ad7bd8a977dbba4b6c92650bcbf9e8bd92d8f82a446
53725ee1909c1ca873eb7d9d884446abc40dc7b37f5f1ffef98a3d7ea698aa07
53e7e80e3b19f265f1dc0369efaaec9746d8e73cba4167459838c1b5b97d1cc1
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5a9a7226144ec71aa7bbab9ac47f8db950f99a49c76113a61a9829ce1aec50b8
5b4ad7e40a4e6a84cafb2ceb32ec2f04eea738cf493891f94ff39ed40d7868e3
5c5d23ebe06add3a52554f17192978702829f88e1243abb1e87c4563ffbe2a44
5d48eafdb97c8d21206f6a45eb7ef84dc3dd56cfd4edaf8223048da2da82b2c1
5de3e8696e58c08254057aa257ac932a7fbc798331eba787651cd6b8c1750970
60349a6920ff79c452ae390155372bc5977cc4d991fe6ea4d98a5637981434e7
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6a77e4c399abddcf8fbe16bc731d01b06e99addff6e0e2c3f672eb39ac86f757
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae2f2e3ecb109d17757f1a6e02bf7d3f40e9c9ad2ee2a9e003a85286659c7b2
6fb65c9aca3d1d84fffbc50bd6ff89eef346ecbe661122ea635316a4e0205ff8
710e80f7571bafcb61fc7ac617d33bfa41c0bd36726dfec094914eae26ae2e20
7237f9cf9ebbb0d3d59948a1f6c9951f89b9e2cca391c1e1ead79579709ce826
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
732f2d6e7767e7978cf70554aec8f7b40d5d6da4b601e528f136473c1b965c93
73538858e81e48b36ffad1087179f0d507fb764086355afad24865e5eeffd5a3
740cb53532e536c1c7a90cbb037a9a002d2126b34bed1d6d3722b52d2bfe11b7
76db4847769465e3baa406950cc52736510b59ccafc06161b7cc2fb8455b8e1c
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf
7aae860fe980d20d4271ba2c74e6952833061a001b1f8448c100c6ee96c6f8b7
7d80af3c384803e7d575ab00e9f49714078119ab14658b3574e5d16b8a47cfd8
7d89fa49c6cf0547be40aedfcedd1c5656d59d92cb39292fc8cf07027bc60234
82aaf2b2bb3fdb5f951177bb734c241b04428a31fac690434b6d4e54957141ce
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88ea83f06d03d75cd64b9243d30ef1d5c5a24b2b997f72b7c827786dc125945b
89dd625eccb62a6b9942e5f5992c293bafbc2372a5ff18d1b2ceaf7d48910090
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
900649abdfe5e13c5d214cbc36d30795c7af37b3ce5cd9748767425dbbf82de5
911422df0cf0338f6a56ad9f918bbaa4418e901a74d548b9f26ca6b8ae24df9e
91a09d01996e7873fe9aebfe9e3398fc51eda56bd9d2f3d371192b8531f08950
943577f1fd3b5e3241b8987275db99086787d6662365c1515f699e6b642fe70c
94511a51fcbc18a450cb0335adfb20ab351098115192db6dfc623b6ea2302794
94882beb64831e2d0d76b8e199db1234d48893bbd34c4014266c63f8dbff570b
95d95840165ea5fc374a27f1cffe88a1b3d033562916ef1071393c9c8adbfe86
95f9df9e760042764c811402bf742e6a82cfd246b1b77c2e0d9000a98411a53a
98686dc2034f008687be3cae14c7561ec818c0a48c21cd9500e76a2f21275039
98e6165f4ca935ed2cd034d3f71ed277bfa1b20b684fb180a7935d2c4b853bf4
98e72e959c97200da1ab834304c2e1a1887cfb347e25d1f1a759bc708f7c986b
9a7f76fdc1930049302dff8d3cb5e6e0cbfcf8feb6d1b1a06ef16a7445b05111
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aeb04131df1322b44d201b4298aff834e34a31cf3fc2e72dc2341896bff49d3
9c3bfd9a33f41d24ecac9c57e05f86b8cef6c2dfd9b10ca8cd704e439f3e7900
9f0377a08308b433f751c40610bd8cce1d1aa3b087dbcbc436d81c33d9d92408
a0657caac1833ac27499d1d6225ff43069e64a311c978cc16418c3ad1cee7ce9
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a14b348a610401875e6ac6e40ee387af0b1697eb07c4c118eb66261d1e6cb7ee
a2d1ca3ffdf9c824de2615c42597a9fc274558d98358caae794c52786214a97a
a2de82e6c60de0075b23fb8ce34692fd24ed3f0908282da1d8c53d3eea9a0d33
a401396efb891ba533e90ecf2503aeae1097fca4243055079dc8cb12e5124c3d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc
a537d6746ab53bb766db09c3d67a43d1a033137bd0901431837ce6832b69342e
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a6b29649695122285a0af27dd2ae18a932f869d963a2400ccb9eb330c6234436
a86406d2365b5fac7880064f5a9b0f4a35eb3571f0e5874f4bdffa45bebd5ca7
a8d5ee219683061c909a445a41bd4566323498f873a939a88f885f813e577f34
a92ed3f7f8cbe031d8134ef9c1aa88d1acd52c00f32d8cf21b211bde5ca51410
aa6536a08b85ecbcd318c3d7cc9c3e204a5e55c859d131a89829782d487a08e6
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d
ae46cd167569f8d28ed023c9eec30a75447cc9f0255b00ec1bc947c8eb3bd11f
b0ab8dc4a04389ab03b1558dd3229db94ed6e10f8e4298fcd2322d47fccaa453
b1c07b9f6ebe826cfee9806cc3bb4aa452c8ddc8b7044be3469039efe1708950
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b2f20ba0f34bb6447e1204662eff864543b754047a2b75fa7b2cf6cd2a9177ac
b4e1625b40d5efedd2378f9d54c3d6352ef9ca8ddd39b1d2686e9dec7ae04c8a
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
b8354b7c22d929f96813a47a180733df642fac250fb25d4e8709d553cda93e75
b8eb9bee34040486c5475bb902b1a047e1ec20d07ef32dd8fb87e4a19ee4b9b8
b94c180b6b31eef0965a12492ffeabc00962c355b442367c168ec070e47e03f5
ba835b31996c6891a39f2ba22fc4e5c97881d5c1f49fed9994ac6526a32ce167
bae3d80af60fbeee8510be784f26449f2fe402f0c9515e96f44e13249562ab3f
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
bcf6b9b28cec8958f9d3f3ee39070e85ffd46d670f1f0baa7cd21aa24c188a00
bd29d93688f3cfb2f685ca050428cf6ab7cd7d4a7d723a3f39c78f1584419ffd
be6e94ecf29b4cab11120ced07a975654c6a85678b7646f6e92e1c4673206551
c0683c3d12f0bca5e417a83c47f5ed531614a96637799f9f5de0d4e950c3a8ee
c0ab997391abab3e273f905250bdc273cee6566988361ade951087cad01eab03
c16306277f426e69fa2e0289a9bc4187669a1c45ace027c40ed3189ee5615e3e
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49
c7d4e2f4ac960edd95bd012d67be19037254a8ca4de9f543840ec0d2f0f5f0dc
c8e2a00c397f02038b70223a315c58409cd4b29b577c7b67b076c4ddffc1e932
c9fdfc1254d209edbe6b0042f594791b947bac3e48ebbae394e807cfa5d6ebf6
cbb746cb1c4bf5795e073ab19240d469386bd0635cbdce4c520bdc272f11d02b
cbea5aa09e0056f767cc78594912749a4f6b1f32074afc94b8d96b77d058acb4
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccb61aff0c5e8e8ddd85be4a02700da15f39ca6101cc81056a8c8769d393bc8b
cd15990b17d2d9fc3f84859e5cc778ee22113b01592f5d98433d44ca4a4ffee2
cd51ccb5a721fa2dee14495f4a2304aa493ee0e1b9e8cdccd5c71681f8679d33
cdb043ab40fd19b57a7758dcf3e3bed305652590e794134ab56b4cd33f6c1510
cee63b6a4bbdd17f432bde950a1183d2b851819b6ad25f0b299101c6bb49f1da
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0b3404fceb6bbd79a99ea6d8241b1b29ac1ffb3c7d97bfc1b873b49c0ad6a09
d0e5b29329ce77c0d5256d88fcaf35406fce0992da83d46bf320af37672874c2
d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941
d39876159a565d9c3c7a6abd4c4ac30182045b2c9ed5013aecded4fd9802c86f
d59d178691db4392e98ce3b399c7bda3d43c5cca582d3d836b56fc129961cacf
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
da4b5b07477784514c5b7669c83e1d2ebaec4dff8fa63d4bbf2f56973179b207
dce358c8d9a44e55987ff53b453ba6dec399b3106d559142db61961c2b95de83
de374484df39f525b35a5a5bc8f64a8c00b3c6d2c95e353bbe077710adc49620
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
dfa0787f7e288bf16016f1a7418bc24740fd75bf38a446126c09a1c528153c0e
e0a9374d6b5359aaf7c98d404415fb1a2263477b41d1b9cde4523b78d73a7768
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c9141010cf4cc43881f45220d5a17e89938fc24d9dd8a3a8b98b36ccd33d30
e50add0998905ab8975e5147a7a6bdd515e7df904323f7f0d29c3a32dcbe9323
e78485512d4639364b21e3a5df5c3e939873cf8a8a826529539b9d9fadbcf584
e79d1280b0336fa2f1f507a1efc1803fe6961a376e1dd6fe0e00ef4e78c9cb59
e7e59bc84d2e443d702053f6ae82ba4449b26f25188ece2864deceee88d7b85f
e7f0018c5ed7195e5cf71a4ed0912a2506756132d7bccc144c150471f22c0cbc
e814bfc493429b4bf766668f80942724adca03d627fbdf64438f83ae3cb28118
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eed8c3d246f5aed714f3cd137b8b35d3f823b020192e0de188dce6209634dfe0
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f39d5dae5c181626fad84825a3b0b96a7479b2d9a09d82766e214d6f0f75df24
f54415e29eb70befe2473a69a097e33e3f1e90376016243b2af5173f2c87bd23
f7db94f96a5b6b6f7c2e7c8fd4961ca39af428e4506d68cea82b2ce4d81751b4
f86585a5c8a27d5ec8779777fce68c7e0aa637e7862a9562195ab81417d569df
fa3b6b444ffbf3dadd31b66c2ec3f593db35c65ff29f08692cf7f4776d20af1a
fb09b9e81623ace5c333177fc5a04dff2004187804053f6e979f4b973743ee9a
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
fc547a325ef7aaaf342099d9a8ee616af4258661e95efd4ec5e37301dc3b4519
fce918d665463f6f4298df9d2e2cab9194efe5c67490a77d72540fe19928481c
fd945fbb0a145303f4b3e548fca8dea34ab6cd2da9ba1ad86f666163b5c8b64c
fdea10147f6783ca3b985ae70694e4fa1be88588c8dfab3862fbc1effac3a53d
feaad76415c6eb7fb707e31a7f0bd3da9f47a60a5c6d34cd00e2ebf0bbb6766c
ff5dff32d6574a74371594d2416d221bbc7bf279b00cd72a7ac10f2351a1cabe

sud.ua Open in urlscan Pro 62.149.17.71 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

289 Requests

100 %HTTPS

51 %IPv6

44 Domains

62 Subdomains

52 IPs

9 Countries

6023 kBTransfer

11869 kBSize

0 Cookies

16 Outgoing links

Redirected requests

289 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sud.ua Open in urlscan Pro
62.149.17.71 Public Scan

Screenshot
Live screenshot

Full Image

289
Requests

100 %
HTTPS

51 %
IPv6

44
Domains

62
Subdomains

52
IPs

9
Countries

6023 kB
Transfer

11869 kB
Size

0
Cookies

289 HTTP transactions
9 data transactions