www.capital.ua Open in urlscan Pro
2606:4700:3037::ac43:9389 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://capital.ua/
Effective URL:
https://www.capital.ua/
Submission: On October 11 via api (October 11th 2022, 11:54:52 am UTC) from GB — Scanned from GB

Summary HTTP 206 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 40 IPs in 9 countries across 31 domains to perform 206 HTTP transactions. The main IP is 2606:4700:3037::ac43:9389, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.capital.ua.
TLS certificate: Issued by E1 on October 2nd 2022. Valid for: 3 months.

This is the only time www.capital.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3031::6815:b0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2606:4700:303... 2606:4700:3037::ac43:9389	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	45.133.44.4 45.133.44.4	7018 (ATT-INTER...) (ATT-INTERNET4)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	104.18.18.39 104.18.18.39	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.111.96.52 23.111.96.52	39134 (UNITEDNET) (UNITEDNET)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
1 3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1 1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1	193.239.71.100 193.239.71.100	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
5	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
7	67.202.105.31 67.202.105.31	32748 (STEADFAST) (STEADFAST)
1	2a02:6ea0:c70... 2a02:6ea0:c700::20	60068 (CDN77 ^_^) (CDN77 ^_^)
4	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
2	2a00:1450:400... 2a00:1450:4001:80e::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
2	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
6	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
6 18	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
6 10	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
4 6	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
26	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
1 2	54.171.30.234 54.171.30.234	16509 (AMAZON-02) (AMAZON-02)
2 2	3.123.239.111 3.123.239.111	16509 (AMAZON-02) (AMAZON-02)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 1	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a05:d01c:1d8... 2a05:d01c:1d8:8102:bdb7:7e9e:5642:c498	16509 (AMAZON-02) (AMAZON-02)
2 2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2600:9000:21f... 2600:9000:21f3:8a00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2600:1f18:1ac... 2600:1f18:1aca:4280:a871:9680:529f:f9f1	14618 (AMAZON-AES) (AMAZON-AES)
206	40

1 2606:4700:3031::6815:b0c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

capital.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:4700:3037::ac43:9389 (United States)

ASN13335 (CLOUDFLARENET, US)

www.capital.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 45.133.44.4 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

cdn.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.39 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

tcr.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sc.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.96.52 (Russian Federation)

ASN39134 (UNITEDNET, RU)

content.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine) 1 redirects

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua

i.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::20 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

id.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.184.194 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.80.39.216 (Canada) 6 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.173.62 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.30.234 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-30-234.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.239.111 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-239-111.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d01c:1d8:8102:bdb7:7e9e:5642:c498 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21f3:8a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1f18:1aca:4280:a871:9680:529f:f9f1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	googlesyndication.com f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 170	201 KB
28	capital.ua 1 redirects capital.ua www.capital.ua	535 KB
27	doubleclick.net 6 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 171 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 304 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 390	225 KB
26	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 364	821 KB
15	google.com apis.google.com — Cisco Umbrella Rank: 232 www.google.com — Cisco Umbrella Rank: 19 accounts.google.com — Cisco Umbrella Rank: 130 adservice.google.com — Cisco Umbrella Rank: 136	223 KB
13	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1153 static.adsafeprotected.com — Cisco Umbrella Rank: 828 dt.adsafeprotected.com — Cisco Umbrella Rank: 768	98 KB
11	casalemedia.com 7 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 908 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 703	9 KB
10	tynt.com tcr.tynt.com — Cisco Umbrella Rank: 162881 sc.tynt.com — Cisco Umbrella Rank: 15750 ic.tynt.com — Cisco Umbrella Rank: 4960 de.tynt.com — Cisco Umbrella Rank: 2358	18 KB
8	gravitec.net cdn.gravitec.net — Cisco Umbrella Rank: 20491 id.gravitec.net — Cisco Umbrella Rank: 102317	57 KB
7	youtube.com www.youtube.com — Cisco Umbrella Rank: 90	127 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 334	6 KB
6	gstatic.com ssl.gstatic.com	6 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 991 syndication.twitter.com — Cisco Umbrella Rank: 1241	152 KB
3	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 115	234 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 203	90 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 228	120 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 2488	1 KB
2	innovid.com ag.innovid.com — Cisco Umbrella Rank: 2279	592 B
2	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 915	207 B
2	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1482	462 B
2	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 900	140 B
2	agkn.com 2 redirects d.agkn.com — Cisco Umbrella Rank: 916	1 KB
2	bigmir.net 1 redirects c.bigmir.net — Cisco Umbrella Rank: 109717 i.bigmir.net — Cisco Umbrella Rank: 221638	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 5221	792 B
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 205	2 KB
1	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 2523	548 B
1	adriver.ru content.adriver.ru — Cisco Umbrella Rank: 24060	5 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 154	17 KB
0	atdmt.com Failed ad.atdmt.com Failed
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
206	31

	Domain	Requested by
27	www.capital.ua	www.capital.ua
26	s0.2mdn.net	www.capital.ua s0.2mdn.net f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
20	pagead2.googlesyndication.com	securepubads.g.doubleclick.net f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
14	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com s0.2mdn.net
10	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
8	dt.adsafeprotected.com	f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
8	apis.google.com	www.capital.ua apis.google.com accounts.google.com www.youtube.com
7	ic.tynt.com	www.capital.ua
7	www.youtube.com	apis.google.com www.youtube.com
7	cdn.gravitec.net	www.capital.ua cdn.gravitec.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	ssl.gstatic.com	accounts.google.com www.capital.ua
5	googleads.g.doubleclick.net	www.googleadservices.com f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com www.capital.ua
4	googleads4.g.doubleclick.net	www.capital.ua
4	www.google.com	www.capital.ua tpc.googlesyndication.com f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
4	platform.twitter.com	www.capital.ua platform.twitter.com
3	static.adsafeprotected.com	fw.adsafeprotected.com f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
3	f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
3	www.facebook.com	1 redirects www.capital.ua connect.facebook.net
3	connect.facebook.net	www.capital.ua connect.facebook.net
3	www.googletagservices.com	www.capital.ua f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
2	e.dlx.addthis.com	2 redirects
2	ag.innovid.com	f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
2	image6.pubmatic.com	f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
2	odr.mookie1.com	f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
2	id.rlcdn.com	f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
2	d.agkn.com	2 redirects
2	fw.adsafeprotected.com	1 redirects www.capital.ua
2	syndication.twitter.com	platform.twitter.com www.capital.ua
2	accounts.google.com	apis.google.com www.capital.ua
2	www.google-analytics.com	www.capital.ua
1	ssum-sec.casalemedia.com	1 redirects
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	de.tynt.com	tcr.tynt.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.co.uk	www.capital.ua
1	id.gravitec.net	cdn.gravitec.net
1	i.bigmir.net	www.capital.ua
1	c.bigmir.net	1 redirects
1	sc.tynt.com	tcr.tynt.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	content.adriver.ru	www.capital.ua
1	tcr.tynt.com	www.capital.ua
1	www.googleadservices.com	www.capital.ua
1	capital.ua	1 redirects
0	ad.atdmt.com Failed	f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
0	googlecm.hit.gemius.pl Failed	f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
206	50

This site contains links to these domains. Also see Links.

Domain
www.bigmir.net

Subject Issuer	Validity	Valid
*.capital.ua E1	`2022-10-02` - `2022-12-31`	3 months	crt.sh
*.gravitec.net AlphaSSL CA - SHA256 - G2	`2022-03-22` - `2023-04-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-07` - `2023-09-30`	a year	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-20` - `2022-10-18`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-01` - `2023-10-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-04-10` - `2023-05-08`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://www.capital.ua/
Frame ID: 7C0910C63A7B962E4C757755982B6006
Requests: 78 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&layout=full&count=default&origin=https%3A%2F%2Fwww.capital.ua&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Frame ID: 9AABE7DD087690CDA7CDEE8BE7A3DE67
Requests: 6 HTTP requests in this frame

Frame: https://id.gravitec.net/
Frame ID: 66F28C74A6B4902092DC7D59D3D4070E
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.capital.ua
Frame ID: B53E570EDCBA5DB63DD2229D4B46035B
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.capital.ua&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Frame ID: BD10D32D55112F4720EF32848D4B653C
Requests: 5 HTTP requests in this frame

Frame: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7F225920E64BB25A0C0DDE2C7E713FED
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.7dae38096d06923d683a2a807172322a.ru.html
Frame ID: 5BEFD8863892A75E69B56DACAB4308BA
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Frame ID: 1F0981496D84489F4DFA2484720FD1DF
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D349712125128014%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df10a657d811ffe4%2526domain%253Dwww.capital.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.capital.ua%25252Ff3b0161ac03413%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fcapitalukraine%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dtrue
Frame ID: 4AA592848B3B09B17B0CBF78EE078992
Requests: 1 HTTP requests in this frame

Frame: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3FC999AD600E6A44066A06811F798385
Requests: 16 HTTP requests in this frame

Frame: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1DCA760CE1B18164239108043553F1CB
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A9CCB3D574E169B6EA53DD071B7EABC0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FE84260F8F1BBB9DED98082C694970E9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn8nwEQlYnMjAMYy-nj0gEwAQ&v=APEucNXRTbcWV7qCy1y2G9fEz5DHpsL1DtH0v6CQ4K0D01rdnlw3Q6i3H6XhbJQ-WyJCM5BWPIuldIGlSTkpVb4TnEme-qrH0FfLooKn6AvDUPGZb4U_wxoD5RsXJfYS4v63wDt1hoQh5rmO1vS4SmdYpFylpy1_7NoeM8_EQb9FyXAWVFZip78
Frame ID: 67DA2EBF90ACD9E8E01D26D5281BF600
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNVBTz8ruDhML_1hJuyV5Fo5d18s3RiaAlQqfPklAS0qdRe7neUYTcDOhrCH5i-NpzwDiCBt8Y__6109QbmG2CBP2zPOM65i9xiO60cp0dfrXJqbl1wvBXzs6YWGv8SpdB-xXTG0xXWJxAHm3oUhpUqE4rjByjH_CKPw7FO4_ioBnRhegbc
Frame ID: D2EF971577B550FF6EABA29B62F64FE4
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 84E27E9BD87C2E29BBE1338445BDA15B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C7C8CD22CFE519A63D8D66E7C546ADC6
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 04DC56AED367BC8E0D5E35A8C8D68162
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A99C44401313C36A0255A8978D06A60E
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8822642987549215541/index_300x250_google.html
Frame ID: 6BDC762F9DE27D5057F6DF883B22162D
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=Pa0CBwNrQA&t=1&renderingType=2&ev=01_247
Frame ID: FDE36CDCCFED8E81BE5ABA612ABDA3A8
Requests: 19 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 5DE9B3CCA8756A65D631B8047397EB69
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js
Frame ID: E7EA2ECC3318BCEC4A975464C5FBE8B1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Капитал

Page URL History Show full URLs

http://capital.ua/ HTTP 301
https://www.capital.ua/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

AdRiver (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:adriver\.core\.\d\.js|https?://(?:content|ad|masterh\d)\.adriver\.ru/)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

206
Requests

92 %
HTTPS

57 %
IPv6

31
Domains

50
Subdomains

40
IPs

9
Countries

2723 kB
Transfer

6663 kB
Size

26
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bigmir.net/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://capital.ua/ HTTP 301
https://www.capital.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://c.bigmir.net/?v16931254&s16932857&t3&c1&n458197&w0&y0&d24&r1600 HTTP 302
https://i.bigmir.net/cnt/03.png

Request Chain 92

https://www.facebook.com/v2.3/plugins/page.php?adapt_container_width=true&app_id=349712125128014&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10a657d811ffe4%26domain%3Dwww.capital.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.capital.ua%252Ff3b0161ac03413%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fcapitalukraine&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=true HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D349712125128014%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df10a657d811ffe4%2526domain%253Dwww.capital.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.capital.ua%25252Ff3b0161ac03413%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fcapitalukraine%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dtrue

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_WXEqQnIqW-_nftYWp3k8&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_WXEqQnIqW-_nftYWp3k8&google_cver=1&C=1

Request Chain 119

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0VZhy2UIkNo.XhhpExOSAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_WXEqQnIqW-_nftYWp3k8&google_cver=1&google_hm=2

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEO7BVtJRWx5sbOxO-CB4NgA&google_cver=1

Request Chain 121

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU1NzE1MDYwODk4MTE4NTQxMQ%3D%3D

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_WXEqQnIqW-_nftYWp3k8&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_WXEqQnIqW-_nftYWp3k8&google_cver=1&C=1

Request Chain 123

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0VZhy2UIkNo.XhhpExOSAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_WXEqQnIqW-_nftYWp3k8&google_cver=1&google_hm=2

Request Chain 124

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEO7BVtJRWx5sbOxO-CB4NgA&google_cver=1

Request Chain 125

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU1NzE1MDYwODk4MTE4NTQxMQ%3D%3D

Request Chain 141

https://d.agkn.com/pixel/2175/?google_gid=CAESENNy6gXnMlVkjK4upiDLeLo&google_cver=1&google_push=AZmPxg9DQ5W4NoOwyveFMvhec-t0K0C5Djm0uNtrY6v1wFCp6wnOS3fYB5yufdJhL52qg7wb5reu-4SqCAi2_gCQMOhGyYItQ5X0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9DQ5W4NoOwyveFMvhec-t0K0C5Djm0uNtrY6v1wFCp6wnOS3fYB5yufdJhL52qg7wb5reu-4SqCAi2_gCQMOhGyYItQ5X0&google_hm=Q0FFU0VOTnk2Z1huTWxWa2pLNHVwaURMZUxv

Request Chain 145

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL4w5vz7xPsJhuoe39tOduc&google_cver=1&google_push=AZmPxg-hVSEcqb4pgN_IXWLFvZU-h52GoDpsraIyZhbd4YYLtEQ6bRdAPP1UQp5W0OnYdBcTKFAdg8ssU0WoeVP_bsWMOR6-IDFM HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL4w5vz7xPsJhuoe39tOduc&google_hm=Y0VZhy2UIkNo-XhhpExOSAAABFYAAAIB&google_nid=index&google_push=AZmPxg-hVSEcqb4pgN_IXWLFvZU-h52GoDpsraIyZhbd4YYLtEQ6bRdAPP1UQp5W0OnYdBcTKFAdg8ssU0WoeVP_bsWMOR6-IDFM

Request Chain 149

https://d.agkn.com/pixel/2175/?google_gid=CAESENNy6gXnMlVkjK4upiDLeLo&google_cver=1&google_push=AZmPxg-892u_g5uaXXVwK-aiUwU8ymduwPyb47skR1FLvbOqReRxND3PjXGgmbdB6pQhiH0CaBO0QeoH6F1qjLPp8J5kU_wqAX1L HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg-892u_g5uaXXVwK-aiUwU8ymduwPyb47skR1FLvbOqReRxND3PjXGgmbdB6pQhiH0CaBO0QeoH6F1qjLPp8J5kU_wqAX1L&google_hm=Q0FFU0VOTnk2Z1huTWxWa2pLNHVwaURMZUxv

Request Chain 151

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg9rpHb1468Mbi_152llsMIh_ee4_stMcAUvYz9k2vBrRBYfcdc6fgfDzUqDe1aplebCr_DeomA72nyLOt2MFJEJHfDR_UOs&google_gid=CAESEEEkSGhLMxHBmhJGbDARd5g&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg9rpHb1468Mbi_152llsMIh_ee4_stMcAUvYz9k2vBrRBYfcdc6fgfDzUqDe1aplebCr_DeomA72nyLOt2MFJEJHfDR_UOs&google_gid=CAESEEEkSGhLMxHBmhJGbDARd5g&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTExMTU0NDgwMDAxMDQ3Nzg2ODQyNQ%3D%3D&google_push=AZmPxg9rpHb1468Mbi_152llsMIh_ee4_stMcAUvYz9k2vBrRBYfcdc6fgfDzUqDe1aplebCr_DeomA72nyLOt2MFJEJHfDR_UOs

Request Chain 183

https://fw.adsafeprotected.com/rfw/st/1151929/65580770/skeleton.js?adsafe_url=https%3A%2F%2Fwww.capital.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:ef5c9656-c896-fe9f-7646-635725003ad3,c:qJEHcL,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-765f644cdf-4nczs,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:284,mot:0,app:0,maw:0,fm:tjXhjU3+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1b*.1151929-65580770%7C1b1%7C1b2%7C1b3%7C1b4%7C1c%7C1d,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:300,oid:8120426f-495b-11ed-8936-4ee3c646467b,v:19.8.355,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

206 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.capital.ua/
Redirect Chain

http://capital.ua/
https://www.capital.ua/

41 KB
9 KB

184ms
76ms

Document
text/html

2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 280ac3665f7f04bc06d455d742eaa9c86ce23fd0eb830e094a81d64fc77c9c29

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 7587671dcfa9dc3d-LHR
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 11 Oct 2022 11:54:44 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I29uTK2eo3VL3S5aXvxDwpoI%2FmMqe7GmC1O3O6qZZrNdcSFNeMdN0p%2BSsdAKMA4Jwr%2Bq97CVPYBxpdxqI0NW11f67xk2ykzHce2VwOySc34eWM7Xhl%2BKOrevV73ws%2F%2BJ1%2FUetMGNB8UzsLL8ew%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7587671c99ab7192-LHR
Connection: keep-alive
Content-Type: text/html
Date: Tue, 11 Oct 2022 11:54:44 GMT
Location: https://www.capital.ua/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0AemZfylHgg7FTLzCr6JhEl3ItaeQwcVAuhrFrfFUTJJAQrjitEuAvEapGECluq%2FCOmK7ngFfnbt7P2FrvoMndQL2sphCRD4WGngVv70n127up9OmfVVpXf2xwaMZOr2HVUo7eGx27mG"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 client.js Show response
cdn.gravitec.net/storage/bd0e7e8a17ae45c7c333dec9004ef332/ 64 KB
18 KB 241ms
113ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/storage/bd0e7e8a17ae45c7c333dec9004ef332/client.js
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: f72c00b15f5e8de9e6d3b0ce7cb5844461b95b80b2765684e8251674898602e7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:54:36 GMT
date: Tue, 11 Oct 2022 11:54:44 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:05:51 GMT
server: nginx
etag: W/"61fa496f-100fb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
x-proxy-cache: REVALIDATED

GET
H2 200 optimized.css
www.capital.ua/assets/ 126 KB
23 KB 68ms
65ms Stylesheet
text/css 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.capital.ua/assets/optimized.css?1554978132
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f9260505cb5526e66a90f881f03937ac90713ccd18b2e8ff87d1675b388aea8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Apr 2019 10:22:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 58873
etag: W/"5caf1554-1f799"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3E%2FdBIIjoZbg8fWCaC7fDRRCY4M61iTQnbwqLbDc5Upu9KXH7Pqjv2pLbEazdAeEa9djgmyMiJCpprRwF%2FW1wrj3CILuUzMEMohkFsXxi1ifl8GfSGidc0BNVFv0mGyZ6UW%2BSIZQhNoYxzVT3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 7587671e5896dc3d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 10 Oct 2022 20:58:20 GMT

GET
H2 200 optimized.js Show response
www.capital.ua/assets/ 510 KB
150 KB 111ms
109ms Script
application/javascript 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.capital.ua/assets/optimized.js?1554978132
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db54105fde6a0d05b0128e79b9cb1f62c03f6b1ad56f2f3d4c276b502b89e58a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Apr 2019 10:22:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 83528
etag: W/"5caf1554-7f692"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eGZu62YQf4NMTcEBIcnciN50Igbr0pNIex53jHDVIAMDq1fZNUprQF4Kd54SkKRuavUUXVWoJWb7SNqSbCYapt0JGEZPD36QEmtDjG%2B2x3sbRsUuhFHmubiS3sL%2B0RkNl36vb7c4T7tCAUMraQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7587671e5899dc3d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 11 Oct 2022 06:23:11 GMT

GET
H2 200 adriver.core.2.js Show response
www.capital.ua/js/ 6 KB
2 KB 55ms
53ms Script
application/javascript 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.capital.ua/js/adriver.core.2.js
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b510daf4a269c50ee4669c06f25d6b141676acfd21d3faa9663a19e96ac2cf01

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 83528
etag: W/"5b4f39f7-1719"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=glVjzfOY1a%2F%2FJqo7ku706jkFIrVI7dLxl6h%2BSnZiOn5IhcbJ%2B9FZQF5PVAnbsUnVsWRIj7Z6%2FhQycGkwLXQlxDcc2NEYFQmWpionD2MnZqNUtfuZ57PI21OwAuVTOCEc0IOf5pm7ZdmuehJWiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7587671e589cdc3d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 10 Oct 2022 18:30:03 GMT

GET
H2 200 highstock.js Show response
www.capital.ua/js/highstock/ 167 KB
63 KB 68ms
66ms Script
application/javascript 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.capital.ua/js/highstock/highstock.js
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 350bced20d8c9ed3eccbc0b344aad8e292f6eef92752334683228761a257ac0f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 83528
etag: W/"5b4f39f7-29ce4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dVtVx1n59zUmRNYnp8CB6dwJSExRSX8B8UtOrAwElEt%2BcZr02uoMq2bZ%2Bc%2B1eRhjmqzWfrWX6blyi7h8jCKayT61bw%2FJH1w%2FmEKbIzaOogS7vR8%2BojgyJPGAp8pTYWdegbRuc%2FUjGXfI8vKySw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7587671e589edc3d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 10 Oct 2022 14:49:59 GMT

GET
H2 200 highstock_options.js Show response
www.capital.ua/js/highstock/ 632 B
664 B 65ms
63ms Script
application/javascript 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.capital.ua/js/highstock/highstock_options.js
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a5cf1105d60aeb4bd2e6420554aecd6321e547a557a60adaefa03a482bdb1c5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 83528
etag: W/"5b4f39f7-278"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RcYohNVUeWgtfzpsKzav3zzXQyCWaEkMlfC%2F%2F60UZXpE3LX82kjR%2FnbLfOJmqb09R%2BEbwRcIjeWFZ5xxHEzL5vw9xh87L0Pogq8ortId%2FYqNeaWY4Ua0FHxuqRffUN8gRAZo3FevrjYfuB%2FNNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7587671e589fdc3d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 10 Oct 2022 18:30:03 GMT

GET
H2 200 exporting.js Show response
www.capital.ua/js/highstock/modules/ 7 KB
3 KB 57ms
56ms Script
application/javascript 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.capital.ua/js/highstock/modules/exporting.js
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d32f16a8513989400a9e3311f0c1cd68bcada10f0b280c4349a8e067e144abf2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 83528
etag: W/"5b4f39f7-1bb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5qWwuMvW90o9TDkN7HBjCQGa9zYQu763AZd6qozI3F7ZWOcaECbGi22P9I5NHfFEazD4NaKQCr45p7LsZn7kfAKlxjdPnWcgY1aQmoHnYzF9hLUUQant9Wo8mcjuu76ffHoG4lrnbaUgOf9gAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7587671e58a0dc3d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 10 Oct 2022 17:08:49 GMT

GET
H2 200 charts.js Show response
www.capital.ua/js/highstock/ 2 KB
1 KB 65ms
65ms Script
application/javascript 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.capital.ua/js/highstock/charts.js
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6247f7daed995cfb08f37d0007fad0cb1d63ef1b2de5cecf9c0ab86d85a5d65a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 83528
etag: W/"5b4f39f7-9e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dkWRP7eHvDKPPbrW0AXbjNk%2BKqbeNmCW%2FN5Vhj6Pkccl4nKw%2BPUQD9KdbalpChOySaJKaaxx1dAmtd7fhswpXkbkmN0rYhmms0jzXDzxtPDPacZlw8w7Li%2FGMal9RrcI16jSc0RbHBegaG%2FVsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7587671e58a2dc3d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 10 Oct 2022 18:30:03 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
28 KB 211ms
67ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6510ef653683c5505f61efcbc4e20c133b2a341e165910ff132d417fc036ecb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27725
x-xss-protection: 0
server: sffe
etag: "1360 / 750 of 1000 / last-modified: 1665486568"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 11 Oct 2022 11:54:45 GMT

GET
H2 200 press_release_counter.php Show response
www.capital.ua/ 0
488 B 110ms
110ms Script
application/x-javascript 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.capital.ua/press_release_counter.php
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wlWQuIw8Qh0b8QcrjK%2BDiU%2BlLLTdkrp71Dnu7MhXs9hf4ye2dOCNZ9rrv2aILFF%2FPWxBnLW8lHpsAO37C7gMSLP1yzRGJ60I8BB4abdDoOGA3gudXzO8sOPM4CrYMWIWnqkQ9oUDPrcSki9kwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7587671e58a3dc3d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 logo.png
www.capital.ua/images/ 6 KB
7 KB 145ms
142ms Image
image/png 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.ua/images/logo.png
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6022b9877bec4a03206412f11da47ccd5529399b152f41b9c7f0f3a0368e32f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46784
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6497
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
server: cloudflare
etag: "5b4f39f7-1961"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxHUoRAtgbi8ODxKb71%2FLCAwySN31qgFRi1JRtnUguQ1kh2lTAu8uC0aHxTKhW8OEXjSiRCQyhQRcTjy90TUlJrPePQ39glrZ%2BKwM0Xq8Tzyu5QSTyrcwt4uXj2y7LlCkHF9Ks%2F95Xe3uGyzRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7587671f8bbc067e-LHR
expires: Tue, 11 Oct 2022 18:32:33 GMT

GET
H3 200 e6cd6960111b8278452598a5e263d7ecae691979.jpg
www.capital.ua/uploads/news/2022/08/30/ 11 KB
11 KB 151ms
148ms Image
image/jpeg 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.ua/uploads/news/2022/08/30/e6cd6960111b8278452598a5e263d7ecae691979.jpg
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0cf09bd9f43169d5c8293631fc8c1a507f227a1ccd0f688d68e1334d5fcef8f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46784
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10877
last-modified: Tue, 30 Aug 2022 14:30:21 GMT
server: cloudflare
etag: "630e1efd-2a7d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JlsEmH13c%2Bu7rTU1lGyBk6yVb0v77srUzRyOQTJx9vsXqu3tFqZ2dgoTziMQvQoCTaqRyyRdEJZzJeygJ3dcFA%2FQWPyPFCQQ6tq5gAWAOgfd4XQuPOcx0sin0954TlA1meyBxMzLNBdAKGjiaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7587671f8bbd067e-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 0a972646f4fa63e0de69f5ae6257a75affe5aba1.jpg
www.capital.ua/uploads/news/2022/09/22/ 8 KB
8 KB 56ms
53ms Image
image/jpeg 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.ua/uploads/news/2022/09/22/0a972646f4fa63e0de69f5ae6257a75affe5aba1.jpg
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ae76b693c9ae3d90eb97c87446852889c49a979eb8014e97cf9c3a9dcb8a3ed

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46784
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8180
last-modified: Thu, 22 Sep 2022 11:47:30 GMT
server: cloudflare
etag: "632c4b52-1ff4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5yLnXUgJdLj%2Fro5NWzOSVzbkxahmNaz5XbQZGXfP8GwhDTeE%2BPEixz1ooX0M3SZEbsYsqnbJTUUodQppzSoazO065QzzKAxHshMNvXhLobQUVyrBENJBZRihjb6SVFnQg%2F4485DscYfTbF7XKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7587671f8bbe067e-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1-2 Show response
www.capital.ua/ru/banner/1/ 258 B
642 B 77ms
77ms Script
application/x-javascript 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.capital.ua/ru/banner/1/1-2?t=1665489260
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40b39ecfb0a69c9b8b145596dc63355850353298908699a12b44cb343285d18c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uAWEh2LsJXoZwAlnRNN58RZRi9fNyHcHUlc7rJViQarTVFgxtT2ldN7DTUMKu3zUR0T5bCDa4%2F91GEvcDPmfiJ2F%2BwOwGiBlzIzcyqk%2BwADRbXq%2BZUsncin406nTojTe%2Fhxz0YZyKGtqVx7hNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cf-ray: 7587671f5b71067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
21 KB 193ms
75ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0da425eaadbec3853cae0b85493ea7ad6934972097b4f59d2a05dbb130585444

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 11:54:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20361
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "40c22a9ccbd70870"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Oct 2022 11:54:45 GMT

GET
H3 200 capital_small.png
www.capital.ua/images/ 19 KB
19 KB 162ms
159ms Image
image/png 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.ua/images/capital_small.png
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 071e2b1d9a2b097b02637097cf21b804874be907bb233c0d2da7ac9e60dc7d95

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46784
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19208
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
server: cloudflare
etag: "5b4f39f7-4b08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2FZGYBkLVE%2FQR%2BZWwisvgpVgwoTD3%2Bf95HP3Nk46AaNoZ9siUE8ohQJhgGIHCTlGti3hKvpoyRAsU4Bx6ftaclc2YfUAaKuXOpQB5ZrPbjQyq6cJ0%2BqJAxDAS8MpF8RhQOBp%2BbT4eV3VxcaiRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7587671f8bc0067e-LHR
expires: Tue, 11 Oct 2022 18:23:02 GMT

GET
H3 200 ftico.gif
www.capital.ua/images/ 1 KB
2 KB 54ms
51ms Image
image/gif 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.ua/images/ftico.gif
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c22238b94a54738b7abd0a017c2aa6a4edba9f4c18cf6192a6953bd753c07a9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46784
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1447
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
server: cloudflare
etag: "5b4f39f7-5a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9gxXzW3bp%2BbmyRNb01LgnfAEp6VDvlgxgFbxgGuG%2FYSdezs5u8PVxti7Pg6ZuzVm1P3MyKdJ2Dkg4XzG8sLc%2BujZRfep0FpQbUdp1uc3r4OnfL%2B70ocXdXZISmr8jJlZ%2F1PpzN6G7XtmJZGWFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7587671f8bc1067e-LHR
expires: Tue, 11 Oct 2022 18:32:33 GMT

GET
H3 200 adv_ico.gif
www.capital.ua/images/ 2 KB
3 KB 205ms
201ms Image
image/gif 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.ua/images/adv_ico.gif
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 511a0d1515cd71096dd0a3043120145478906f49a659403c4863820559499fc5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46784
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2264
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
server: cloudflare
etag: "5b4f39f7-8d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UILA0gajrnycEd%2FnX9xDzQWQc7n%2FxU4Pl%2BLxeuax8PucFwO3i27By9kYfeVCSHcZM2Mpu%2Bx8kMk71%2B07OCM9ZKHKm96iPeePGBECBaqHyjD9vmGJmXVGqU1CdAdEHkExGMCzbAjMBaIlu2VU4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7587671f8bc3067e-LHR
expires: Tue, 11 Oct 2022 18:32:54 GMT

GET
H3 200 email-decode.min.js Show response
www.capital.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 51ms
48ms Script
application/javascript 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.capital.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Oct 2022 11:57:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63401421-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gh8IHKCXojn6PP64DD5RMAyfb8MMsHo9hTB1u1cLNbJ58o8HtFZO1%2Fc0cIrxGLEWXAHTqSkPoA4aF0blynFhxvQO8YGdxDkwsCDWjZqzzEYs%2BJb%2B2NSeb2%2FenAZOVuKB0eORH8XiOjDqYp0KiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7587671f8bb9067e-LHR
expires: Thu, 13 Oct 2022 11:54:45 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
17 KB 226ms
82ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

44f327eeeb995eabd2810452b355ca82979280a4d7def1bd980d3897e6999af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16840
x-xss-protection: 0
server: cafe
etag: 11313833467736987248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 11:54:45 GMT

GET
H2 200 ti.js Show response
tcr.tynt.com/ 45 KB
16 KB 170ms
56ms Script
application/javascript 104.18.18.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tcr.tynt.com/ti.js
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.39 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4917a5290466244353dc49caa11b14916816e7523850ff103fabb5484222e0a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 21 Jul 2022 14:57:29 GMT
server: cloudflare
age: 105245
etag: W/"62d96959-b4ff"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 758767203f7adcaf-LHR
expires: Fri, 14 Oct 2022 11:54:45 GMT

GET
H3 200 print.css
www.capital.ua/css/ 6 KB
2 KB 94ms
90ms Stylesheet
text/css 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.capital.ua/css/print.css
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e7284d318cd4fe11463345aacc2c056edde135c6c7e6f52a74bfcbd4b0a005b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5b4f39f7-1826"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfH6IZjcU32hL09YCUUsW0J5DhjGiqcI22Ztq4HJ9xO4ECL51AFBs4DTTLkgu3d1jVrBtHVpZNougE9M%2F0n6kam3Yi%2BB8BMzU4QDnqxnxCDj7T2XdjRvR%2Fo5iMNWHHTwdNcks5ncixlLmhUCDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 7587671f8bc4067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 11 Oct 2022 19:33:54 GMT

GET
H2 200 autoUpdate.adriver.js Show response
content.adriver.ru/plugins/ 5 KB
5 KB 325ms
87ms Script
application/x-javascript 23.111.96.52
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.adriver.ru/plugins/autoUpdate.adriver.js
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/js/adriver.core.2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.96.52 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software: nginx /
Resource Hash: 141f4ece65bc087908202669708c340e43c6a45c3d3be773e0cade65cb01e910

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:45 GMT
last-modified: Tue, 13 Sep 2022 14:07:49 GMT
server: nginx
etag: "63208eb5-1455"
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 5205
expires: Tue, 11 Oct 2022 12:54:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 195ms
75ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 11:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2328
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 11 Oct 2022 13:15:57 GMT

GET
H2 200 fbds.js Show response
connect.facebook.net/en_US/ 4 KB
3 KB 176ms
62ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbds.js

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2770e7ace13e2adcb0f89e207bbdc283e3a6f7cfa4e18bc920dec1a3301be3a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 11:54:45 GMT
content-md5: J1ozbkH1T9aOvK3PvYF6oQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 2166
x-fb-rlafr: 0
x-fb-debug: bPDguXg5GEjmsnKXZ9okDjACCTncLFAsLg6x7fYCeC7aLHeYDT7/igO19YXcJoyPi2HAgplXtf8jIm3dj2OJXw==
x-fb-trip-id: 917726464
x-fb-content-md5: a22ca0e6cf0fe1303d6baa943d5b2602
cross-origin-opener-policy: same-origin-allow-popups
etag: "ea54ba409e92a159371d0053439849e0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 12:01:04 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 186ms
72ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

46a899fcd10cd4c8202b7419cab6439c2cda47a4507fec3fbf5f34a5480c4d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 11:54:45 GMT
content-md5: TP1fDQEoETh6/irn0opSqQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1684
x-fb-rlafr: 0
x-fb-debug: pTarsZmAb6X7J3kCY5rVClwbXgrncwPgXbIFnjvpDT8E4eXXRVCHhlyKlKkvqF7YcM7oeVbhR64tailYhG49tA==
x-fb-trip-id: 917726464
x-fb-content-md5: 70fe4c95d30589fbcb1c3b119a68188e
cross-origin-opener-policy: same-origin-allow-popups
etag: "e7da4efb779f2ab67641594a38609d71"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 12:02:36 GMT

GET
H3 200 pattern.jpg
www.capital.ua/images/ 5 KB
5 KB 211ms
208ms Image
image/jpeg 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.ua/images/pattern.jpg
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/assets/optimized.css?1554978132
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be66554323059a0abbfa9f331f06186ebc979027fe2c85f15ee79e4aa593b8b2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/assets/optimized.css?1554978132
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:45 GMT
cf-cache-status: HIT
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5b4f39f7-12d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7l8q6%2Bo9e4QbqJtk0X6nxdlXuyeXhHXgu%2BJpXxaHfzSqeaS5jn%2BqzAmvn6hBWmuez9BxQDcVyTwXpUETOsGUyFbAe6TsOmKrmRlkSw07fVCij82PNTlqhO8ejN6zB7s%2Bf7HHa%2BmVNpEYC%2Fa2PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7587671f8bc5067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4820
expires: Tue, 11 Oct 2022 20:48:26 GMT

GET
H3 200 apps_tabs.png
www.capital.ua/images/ 5 KB
5 KB 213ms
210ms Image
image/png 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.ua/images/apps_tabs.png
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/assets/optimized.css?1554978132
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d75dc75cb106de2457bd8b4c6ec3bfcb6956ec5a71ae1d63bd3c04bca50d0c04

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/assets/optimized.css?1554978132
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:45 GMT
cf-cache-status: HIT
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5b4f39f7-1210"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jx4I%2B5cikSsYb6WW0%2FHHNKZGRu7AiodUsBak76ANjKmCGFHiqm1%2FRaN85PiUvV1lDE%2F64WSOEVs%2FINhMi11bQDZR1rUOx%2FMfBrqDXCy8UieZOwgeAm0CsIBPYXEWECoTIfw%2FmTjwOS8khipz5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7587671f8bc7067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4624
expires: Tue, 11 Oct 2022 20:48:26 GMT

GET
H3 200 header_shadow.png
www.capital.ua/images/ 1019 B
1 KB 222ms
219ms Image
image/png 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.ua/images/header_shadow.png
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/assets/optimized.css?1554978132
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 631c272f7f88a030ed11f904ab44f1015e8a2a04fe5a75af36dc0a098f29ca49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/assets/optimized.css?1554978132
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:45 GMT
cf-cache-status: HIT
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5b4f39f7-3fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VdtcwDcN5XDPmd2Lj%2B%2FNulA96Ky2KK%2BYdpe7%2FkT9hB9ZhkNE3ftLtacfRPWOTcWNqhRuHyZGmcGAPBCk%2FiuZ43Mfsddtbd4UdKgFMhA5HwjBfGx%2BuL136FwJakckmomqf58fuIawpzD329EPRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7587671f8bc8067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1019
expires: Wed, 12 Oct 2022 05:04:03 GMT

GET
H3 200 src_ico.gif
www.capital.ua/images/ 1 KB
2 KB 226ms
224ms Image
image/gif 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.ua/images/src_ico.gif
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/assets/optimized.css?1554978132
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d3c04e9e7e6154c1ca2e831613a83c093486264c3f1e0353b3d0fb9e23129f9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/assets/optimized.css?1554978132
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:45 GMT
cf-cache-status: HIT
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5b4f39f7-4eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OV2iDw47NuPUlEOoY4gmm0H4Ip0yvMFbazYsdAR90%2BYotPTrkw%2FMhlvvT5ZZAtK7dkSilTZqxQkCN935LppYAmgUo9FZWbjycSlqZqONnQV%2FYFXYq9xRW1J8cXi0li7g8JFXSiOLzJI2EfcKaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7587671f8bc9067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1259
expires: Tue, 11 Oct 2022 20:48:26 GMT

GET
H3 200 ico.png
www.capital.ua/images/ 5 KB
5 KB 228ms
226ms Image
image/png 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.ua/images/ico.png
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/assets/optimized.css?1554978132
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1ddc44e3081c49237803054c042aaecc07bb19cd5881c1f331e7a1da9aa1ede

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/assets/optimized.css?1554978132
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:45 GMT
cf-cache-status: HIT
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5b4f39f7-129f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5zM8S4Eb%2BbIcQfpTPyh%2FzUMBPdD1keDNTRpqjS0%2FgimL5DTbYhdDBE%2FLED4MPL1J96obrRx8KtoI4N%2BvptdhJ7e8yokQKRBIxYEZ9RbMWL9Vmj7OmR21fSnv1AgGrxeUxakdOJ%2BNbNPvCxEa2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7587671f8bca067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4767
expires: Tue, 11 Oct 2022 20:48:26 GMT

GET
H3 200 capital_subscribe.png
www.capital.ua/images/ 75 KB
76 KB 229ms
227ms Image
image/png 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.ua/images/capital_subscribe.png
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/assets/optimized.css?1554978132
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b83f16828bd83d0d23827633f90ff31b26ce65269772607912ae09f6c69ec9f2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/assets/optimized.css?1554978132
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:45 GMT
cf-cache-status: HIT
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5b4f39f7-12c1c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4yNL3hw2ko9XVfRdHfJnWvIYLQ271APRwp%2FydFCa2xmdCG1WiVOmeI2L9yl%2BZFaXKKRYBPU78jV8I9xvkCBUzcIzRQRnEFfDfOhmlRS699iA3%2BAbp3iu0C3vVjvkZXz5KRdnar24An69CnQvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7587671f8bcb067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76828
expires: Tue, 11 Oct 2022 18:32:50 GMT

GET
H3 200 line_sep.gif
www.capital.ua/images/ 1 KB
2 KB 243ms
241ms Image
image/gif 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.ua/images/line_sep.gif
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/assets/optimized.css?1554978132
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bca3d7095cfd66495e1ab002c3f29c473e8937598bb6587c9837b08eaa586e6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/assets/optimized.css?1554978132
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:45 GMT
cf-cache-status: HIT
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5b4f39f7-448"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BCgwlYZXWic53Qw5BxzS5PN7oB0CHjES0alu88HSGtqb2TlzCtLWcZeOXPUBt2%2Fw8OHiw6EgtH3hrcrAWLKCC%2BXoVjthv%2FCyp%2Fzdks2YE4H4KTCJPWBELcJv%2F3cRAANfhOsS9HTp0obSHF6%2BmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7587671f8bcc067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1096
expires: Tue, 11 Oct 2022 18:29:49 GMT

GET
H3 200 MoreWebPro-Bold.woff
www.capital.ua/font/ 66 KB
67 KB 94ms
93ms Font
application/font-woff 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.capital.ua/font/MoreWebPro-Bold.woff
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/assets/optimized.css?1554978132
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a0204474934112a6a39bedafb7614a689d6fec65a7423fa57fe5fd58369c6ac

Request headers

Referer: https://www.capital.ua/assets/optimized.css?1554978132
Origin: https://www.capital.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5b4f39f7-107cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M4fk00FQfdgCpVlMZ7q1tOGa8TaBtJMIHYzCgk5rfYBbPIVgkCNyFV9TsSotMltqXkeEC4ayoI9N%2FstA2ueHVrQSbwoqeEK9x%2BnbDKqmewwvFVjtZDvvX5zvZpy2%2FT5O%2FPUjN1YDx%2Fpn8%2B8dZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=86400
cf-ray: 7587671f8bd0067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 12 Oct 2022 05:46:55 GMT

GET
H2 200 configs Show response
cdn.gravitec.net/sdk/web/ 2 KB
1 KB 241ms
59ms Fetch
application/json 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/sdk/web/configs?appKey=bd0e7e8a17ae45c7c333dec9004ef332
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/bd0e7e8a17ae45c7c333dec9004ef332/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: ae9f8b2245fd6258201abe84a8d5f0800b0c96bbd5525cee109e4ca89741ebed

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:45 GMT
x-correlation-id: 68989dbd7a053f6860405c7c573108e3
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-proxy-cache: MISS

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
438 B 173ms
57ms XHR
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-41262090-1&cid=816306241.1665489285&jid=993454416&gjid=1058999572&_gid=485031123.1665489285&_u=IGBAgAABAAAAAEAAI~&z=1669286094

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.capital.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 11 Oct 2022 11:54:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.capital.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 164ms
54ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=241900100&t=pageview&_s=1&dl=https%3A%2F%2Fwww.capital.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9A%D0%B0%D0%BF%D0%B8%D1%82%D0%B0%D0%BB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgAABAAAAAAAAI~&jid=993454416&gjid=1058999572&cid=816306241.1665489285&tid=UA-41262090-1&_gid=485031123.1665489285&z=1972713020

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 21:06:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53321
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 185ms
59ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=667122436675876&ev=PixelInitialized&dl=https%3A%2F%2Fwww.capital.ua%2F&rl=&if=false&ts=1665489285288

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 11 Oct 2022 11:54:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 300 KB
85 KB 117ms
57ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=f9ea45cdbeac2cdfe7e4f778b7fab683

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ea965f2d4e5b154a019c3fe34d6214b36105de91280ed7256a603d5be60c8cfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.capital.ua/
Origin: https://www.capital.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 11:54:45 GMT
content-md5: AzIu6G98OJIy88xW7Ko4iQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86959
x-fb-rlafr: 0
x-fb-debug: +QvZhA9j6IcUaVW9XAlz9WwVnxoXIZIIx910GBK3QmEt8JLvHuEspUjVsho5WfDZlPV2dqgGWSPoPhvM/JyFFA==
x-fb-content-md5: 72944869bde4269f5019693b09f1d3af
cross-origin-opener-policy: same-origin-allow-popups
etag: "cec974edd7bbae744f3ebae2059fb072"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 11 Oct 2023 01:42:12 GMT

GET
H2 200 aY8v7MplSr47tmacwqm_6l.js Show response
sc.tynt.com/script/sc/ 72 B
457 B 79ms
61ms Script
text/javascript 104.18.18.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sc.tynt.com/script/sc/aY8v7MplSr47tmacwqm_6l.js

Requested by

Host: tcr.tynt.com
URL: https://tcr.tynt.com/ti.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.18.39 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cedd780f76a420cb35b50a5a67dd45a38504ea9d5cb8f659f0539a4b19c3c8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 88694
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 2011bb14-89fe-4a12-bd01-9dac7cf2fbf0
x-runtime: 0.009990
x-content-digest: b60c39066cc74a425a897c870ec8ff2f30b9e758
last-modified: Sun, 09 Oct 2022 14:09:48 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=86400, public, s-maxage=172800
cf-ray: 7587672169f4dcaf-LHR
x-rack-cache: reload, store
expires: Tue, 11 Oct 2022 11:16:31 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 263ms
58ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D3) /
Resource Hash: 9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 11 Oct 2022 11:54:45 GMT
Content-Encoding: gzip
Age: 1202
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 29223
Last-Modified: Wed, 28 Sep 2022 20:05:37 GMT
Server: ECS (frb/67D3)
Etag: "f26384f93da6974ed577808dfa1fede5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 pubads_impl_2022100301.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
128 KB 216ms
54ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070282

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7923a3da2630ae9e964c387bb82a9fb9f0d64aad95dbd62a6ef71ccbad7572a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 08:20:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12830
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130906
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 08:35:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 11 Oct 2023 08:20:55 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 90 B
723 B 228ms
66ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.capital.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbfedbec8c19e0e93646a74d2a83346d563db2821b2f0ae2c0bb5e43989612cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87
x-xss-protection: 0
expires: Tue, 11 Oct 2022 11:54:45 GMT

GET
H2

200

03.png
i.bigmir.net/cnt/
Redirect Chain

https://c.bigmir.net/?v16931254&s16932857&t3&c1&n458197&w0&y0&d24&r1600
https://i.bigmir.net/cnt/03.png

723 B
897 B

272ms
85ms

Image
image/png

193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/03.png
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: d0b3404fceb6bbd79a99ea6d8241b1b29ac1ffb3c7d97bfc1b873b49c0ad6a09

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:45 GMT
last-modified: Sun, 02 Oct 2005 23:04:59 GMT
server: nginx
etag: "4340679b-2d3"
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
content-length: 723
expires: Fri, 14 Oct 2022 11:54:45 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 11 Oct 2022 11:54:45 GMT
Server: nginx
Transfer-Encoding: chunked
Location: //i.bigmir.net/cnt/03.png
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/974279079/ 2 KB
2 KB 184ms
67ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/974279079/?random=1665489285325&cv=9&fst=1665489285325&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.capital.ua%2F&tiba=%D0%9A%D0%B0%D0%BF%D0%B8%D1%82%D0%B0%D0%BB&hn=www.googleadservices.com&us_privacy=error&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da3c981f6bf95fe8db35c146864e5cf3dd12629729f5a89e3eabdd4900defd0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1007
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 newspaper_factory.png
www.capital.ua/images/ 65 KB
65 KB 71ms
71ms Image
image/png 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.ua/images/newspaper_factory.png
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/assets/optimized.css?1554978132
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13026dbf242c233de9ee074af44fb00562d9ceb94cd6cfa95dfbf192b40f1f56

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/assets/optimized.css?1554978132
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:45 GMT
cf-cache-status: HIT
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5b4f39f7-103d1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OiP2lJd5dsyjEVsUFuxcmVKE6V%2F9mUfHq%2Brt%2FsY1Inr7ShvrziULbYnQCnhZlAz0biMHsAx9T3BAxTaW3tqd52iLi6AzsjKL9AsiNpbmKINeB%2FEjscjqRuq0D7TmIFPxrv4Al6%2F0wzY58T9p5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 758767217e62067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66513
expires: Tue, 11 Oct 2022 22:09:29 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/ 123 KB
43 KB 167ms
54ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96aec8c9f7981a987d0bacb3de756545e59a163f7fc94c47eea050b2f06316dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:06:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 337672
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43528
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Oct 2023 14:06:53 GMT

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/ 120 KB
41 KB 168ms
57ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f08af001134142200d0ef8e41ecb0f6f8d91951208c13f9e207e78d8f928b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 07:00:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 449681
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41753
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Oct 2023 07:00:04 GMT

GET
H2 200 subscribe_embed Show response
www.youtube.com/ Frame 9AAB 3 KB
2 KB 207ms
91ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&layout=full&count=default&origin=https%3A%2F%2Fwww.capital.ua&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

becd9cd31e79ef80bb6bcdb9207b290bea241fd320b4e2ae6d96aa453e2921b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.capital.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Tue, 11 Oct 2022 11:54:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 393ms
126ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aY8v7MplSr47tmacwqm_6l&lm=0&ts=1665489285370&dn=TI&iso=0&t=%D0%9A%D0%B0%D0%BF%D0%B8%D1%82%D0%B0%D0%BB
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Tue, 11 Oct 2022 11:54:45 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 / Show response
id.gravitec.net/ Frame 66F2 621 B
699 B 187ms
68ms Document
text/html 2a02:6ea0:c700::20
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://id.gravitec.net/
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/bd0e7e8a17ae45c7c333dec9004ef332/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32

Request headers

Referer: https://www.capital.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=315360000 public
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 11 Oct 2022 11:54:45 GMT
etag: W/"5e9485b6-26d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 13 Apr 2020 15:31:02 GMT
pragma: public
server: CDN77-Turbo
x-77-cache: HIT
x-77-nzt: AdRmOI2aExb/XnubAA
x-77-nzt-ray: 26r+61HK1M0
x-77-pop: frankfurtDE
x-accel-expires: @1970659623
x-age: 10189662
x-cache: HIT

GET
H2 200 /
www.google.com/pagead/1p-user-list/974279079/ 42 B
548 B 192ms
68ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/974279079/?random=1665489285325&cv=9&fst=1665486000000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.capital.ua%2F&tiba=%D0%9A%D0%B0%D0%BF%D0%B8%D1%82%D0%B0%D0%BB&fmt=3&is_vtc=1&random=2906059916&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/974279079/ 42 B
548 B 201ms
68ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/974279079/?random=1665489285325&cv=9&fst=1665486000000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.capital.ua%2F&tiba=%D0%9A%D0%B0%D0%BF%D0%B8%D1%82%D0%B0%D0%BB&fmt=3&is_vtc=1&random=2906059916&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 9AAB 38 KB
6 KB 168ms
55ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&layout=full&count=default&origin=https%3A%2F%2Fwww.capital.ua&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&layout=full&count=default&origin=https%3A%2F%2Fwww.capital.ua&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 01:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 382989
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6066
x-xss-protection: 0
last-modified: Wed, 18 Nov 2020 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 07 Oct 2023 01:31:36 GMT

GET
H2 200 AMLnZu8pOJHsEl7LmdDr4k4y_Yp5y0neF9Mnh-TlzVEd=s48-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 9AAB 1 KB
2 KB 174ms
55ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu8pOJHsEl7LmdDr4k4y_Yp5y0neF9Mnh-TlzVEd=s48-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

75aaec4b62fba6c84cb3c62422aaf9ac5daa12d8f6682f2e332d2a6ab24592d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 09:36:38 GMT
x-content-type-options: nosniff
age: 8287
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1188
x-xss-protection: 0
server: fife
etag: "v52"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 30 Jul 2022 11:55:35 GMT

GET
H3 200 www-subscribe-embed_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 9AAB 252 KB
72 KB 167ms
62ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&layout=full&count=default&origin=https%3A%2F%2Fwww.capital.ua&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:33:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 336069
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73785
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 07 Oct 2023 14:33:36 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
260 B 470ms
200ms Script
application/javascript 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=aY8v7MplSr47tmacwqm_6l&dn=TI&cc=1&r=
Requested by: Host: tcr.tynt.com
URL: https://tcr.tynt.com/ti.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Tue, 11 Oct 2022 11:54:45 GMT
cache-control: max-age=86400
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-length: 4
expires: Wed, 12 Oct 2022 11:54:46 GMT

GET
H/1.1 200
OK widget_iframe.7dae38096d06923d683a2a807172322a.html Show response
platform.twitter.com/widgets/ Frame B53E 320 KB
104 KB 54ms
54ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.capital.ua
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674B) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://www.capital.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1000207
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Tue, 11 Oct 2022 11:54:45 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 28 Sep 2022 20:04:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/674B)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame BD10 566 B
904 B 227ms
105ms Document
text/html 2a00:1450:4001:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.capital.ua&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_1?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

004a76283b9a4a63ff36ecc8a6b520da20b886791e87b5b1dafcb0e672379e50

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-IAF5QtQlmM_cwPIHORg_UA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.capital.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-IAF5QtQlmM_cwPIHORg_UA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-type: text/html; charset=utf-8
date: Tue, 11 Oct 2022 11:54:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 0.bundle.js Show response
cdn.gravitec.net/modules/ 9 KB
4 KB 60ms
59ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/0.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/bd0e7e8a17ae45c7c333dec9004ef332/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:06:29 GMT
date: Tue, 11 Oct 2022 11:54:45 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-2550"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 1.bundle.js Show response
cdn.gravitec.net/modules/ 32 KB
8 KB 67ms
67ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/1.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/bd0e7e8a17ae45c7c333dec9004ef332/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:06:29 GMT
date: Tue, 11 Oct 2022 11:54:45 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-8092"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 195ms
63ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.capital.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 180ms
64ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.capital.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 53 KB
19 KB 1113ms
1003ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1748201111601482&correlator=2294390096277966&eid=31070282%2C31062931&output=ldjh&gdfp_req=1&vrg=2022100301&ptt=17&impl=fifs&iu_parts=79855315%2Cpremium-300-250%2Cpremium-botton-300-250%2Carticle-botton%2Cpromo-933-46&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=300x250%2C300x250%2C468x60%2C933x46&ifi=1&adks=2673231228%2C465682209%2C1085093868%2C2660635015&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1665489285734&lmt=1665489285&dlt=1665489284828&idt=877&adxs=1124%2C1124%2C-9%2C176&adys=328%2C667%2C-9%2C313&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C-1%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.capital.ua%2F&frm=20&vis=1&psz=300x265%7C300x265%7C0x-1%7C932x46&msz=300x-1%7C300x-1%7C0x-1%7C932x-1&fws=0%2C0%2C2%2C0&ohw=0%2C0%2C0%2C0&ga_vid=816306241.1665489285&ga_sid=1665489286&ga_hid=241900100&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070282

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75fc4d5fdba1168095aaf79db885f0a113eaca31f162fdc1a3ca3f90cb488def

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19518
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.capital.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7F22 6 KB
4 KB 206ms
62ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.capital.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Oct 2022 11:54:45 GMT
expires: Wed, 11 Oct 2023 11:54:45 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 126ms
126ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aY8v7MplSr47tmacwqm_6l&lm=0&ts=1665489285370&dn=TI&iso=0&t=%D0%9A%D0%B0%D0%BF%D0%B8%D1%82%D0%B0%D0%BB
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Tue, 11 Oct 2022 11:54:45 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 settings Show response
syndication.twitter.com/ Frame B53E 851 B
677 B 242ms
148ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=983506fbd2ee038747717963d55d053ba2011503

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.capital.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 104
date: Tue, 11 Oct 2022 11:54:45 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Tue, 11 Oct 2022 11:54:45 GMT
server: tsa_f
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: cdb63f9617582a76
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: d33ff1e684788092db91f97f7ce483455e4aaa0f87f450de973ab7ffbbc4f956
content-length: 355

GET
H3 200 subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame 9AAB 156 B
179 B 68ms
68ms Image
image/png 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 22:55:06 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Sep 2020 20:15:00 GMT
server: sffe
age: 46779
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 10 Oct 2023 22:55:06 GMT

POST
H3 204 cspreport
accounts.google.com/o/ Frame BD10 0
20 B 180ms
68ms Other
text/html 2a00:1450:4001:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-KOK6c-9toz-Q-MMqh7xKPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.capital.ua&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:46 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-KOK6c-9toz-Q-MMqh7xKPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1832714284-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame BD10 10 KB
5 KB 178ms
57ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.capital.ua&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 13:28:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 426352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4294
x-xss-protection: 0
last-modified: Sat, 01 Oct 2022 02:06:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Oct 2023 13:28:54 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame BD10 14 KB
5 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae8ca9667580cbfae698d922360d33e82dc3a0b93736bd3b41392e2036a50c17

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 11:54:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5576
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "57666e60922e2537"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Oct 2022 11:54:45 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 126ms
126ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aY8v7MplSr47tmacwqm_6l&lm=0&ts=1665489285370&dn=TI&iso=0&t=%D0%9A%D0%B0%D0%BF%D0%B8%D1%82%D0%B0%D0%BB
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Tue, 11 Oct 2022 11:54:46 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/ Frame 9AAB 128 KB
42 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47858e4fa55e26f84c8025d699232106abfc921232a6f02edc556e59ce3a855b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 05:09:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42573
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Oct 2023 05:09:36 GMT

GET
H/1.1 200
OK button.d2f864f87f544dc0c11d7d712a191c1f.js Show response
platform.twitter.com/js/ 7 KB
3 KB 53ms
53ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D3) /
Resource Hash: 236dca679b9983d1fbea0415d584b17d80f1c6942506fc508a5384db924e8795

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 11 Oct 2022 11:54:46 GMT
Content-Encoding: gzip
Age: 1000208
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 2362
Last-Modified: Wed, 28 Sep 2022 20:04:20 GMT
Server: ECS (frb/67D3)
Etag: "7bb2d17ac20be3bd6ec1079356afecd9+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H3 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/ 28 KB
9 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_2?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7659dc6c77000ec4b6745b5e6af107bd30ad9a0e92bfc0e406d5209ede488608

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 15:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 331688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9430
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Oct 2023 15:46:38 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 126ms
126ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aY8v7MplSr47tmacwqm_6l&lm=0&ts=1665489285370&dn=TI&iso=0
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Tue, 11 Oct 2022 11:54:46 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1 200
OK follow_button.7dae38096d06923d683a2a807172322a.ru.html Show response
platform.twitter.com/widgets/ Frame 5BEF 41 KB
16 KB 55ms
55ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.7dae38096d06923d683a2a807172322a.ru.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D3) /
Resource Hash: 7c94c9af82fd4dc9f46f53f948932829c6d17982e61625a5aa8ccd9339ee35aa

Request headers

Referer: https://www.capital.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 999973
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 15492
Content-Type: text/html; charset=utf-8
Date: Tue, 11 Oct 2022 11:54:46 GMT
Etag: "597d46a67724d61e51ae6b66d19a4dbd+gzip"
Last-Modified: Wed, 28 Sep 2022 20:04:23 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67D3)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
126 B 150ms
150ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.capital.ua%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22ru%22%2C%22message%22%3A%22l%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1665489286101%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221c23387b1f70c%3A1664388199485%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=983506fbd2ee038747717963d55d053ba2011503

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 106
date: Tue, 11 Oct 2022 11:54:45 GMT
strict-transport-security: max-age=631138519
last-modified: Tue, 11 Oct 2022 11:54:46 GMT
server: tsa_f
vary: Origin
content-type: image/gif
x-transaction-id: de76c0203aad3034
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: d33ff1e684788092db91f97f7ce483455e4aaa0f87f450de973ab7ffbbc4f956
content-length: 43

GET
H3 200 subscribe_embed Show response
www.youtube.com/ Frame 1F09 601 B
290 B 94ms
94ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c382d2bf635635c648c032cde0c09b8f89e48d14d241f7d0c99530608f4daef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.capital.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Tue, 11 Oct 2022 11:54:46 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
65 B 168ms
59ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 18:59:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 579297
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 04 Oct 2023 18:59:49 GMT

GET
H3 200 spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
65 B 167ms
57ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 18:59:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 579297
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 04 Oct 2023 18:59:49 GMT

GET
H3 200 bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 318 B
341 B 166ms
58ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 05:32:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 541328
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 318
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 05 Oct 2023 05:32:38 GMT

GET
H3 200 bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 116 B
139 B 164ms
56ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 20:12:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 574912
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 04 Oct 2023 20:12:54 GMT

GET
H3 200 bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 117 B
140 B 167ms
59ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 16:04:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 503407
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 05 Oct 2023 16:04:39 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/ Frame BD10 53 KB
19 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98280a2e473b4c77505ccd09e2d3a336448fe7742694869634aaa872956727df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 03:21:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19063
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Oct 2023 03:21:54 GMT

GET
DATA 200
OK truncated
/ Frame 5BEF 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 127ms
126ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aY8v7MplSr47tmacwqm_6l&lm=0&ts=1665489285370&dn=TI&iso=0
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Tue, 11 Oct 2022 11:54:46 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 1F09 9 KB
2 KB 57ms
57ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 13:28:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 426350
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2447
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 01:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 06 Oct 2023 13:28:56 GMT

GET
H3 200 www-subscribe-embed-card_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 1F09 149 KB
44 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 13:28:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 426350
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44975
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 06 Oct 2023 13:28:56 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/ Frame 1F09 128 KB
42 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47858e4fa55e26f84c8025d699232106abfc921232a6f02edc556e59ce3a855b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 05:09:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42573
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Oct 2023 05:09:36 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 126ms
126ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aY8v7MplSr47tmacwqm_6l&lm=0&ts=1665489285370&dn=TI&iso=0
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Tue, 11 Oct 2022 11:54:46 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 127ms
127ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aY8v7MplSr47tmacwqm_6l&lm=0&ts=1665489285370&dn=TI&iso=0
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Tue, 11 Oct 2022 11:54:46 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3

200

/
www.facebook.com/login/ Frame 4AA5
Redirect Chain

https://www.facebook.com/v2.3/plugins/page.php?adapt_container_width=true&app_id=349712125128014&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10a...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D349712125128014%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....

0
0

128ms
128ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D349712125128014%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df10a657d811ffe4%2526domain%253Dwww.capital.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.capital.ua%25252Ff3b0161ac03413%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fcapitalukraine%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dtrue

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=f9ea45cdbeac2cdfe7e4f778b7fab683

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.capital.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 11 Oct 2022 11:54:46 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 0zqVKXsE5exx5tsxHN/B3EjeYJJd0IVIMFKmfbv+4pZd90f+jfLdehAwGU5pJQDnxMc6TWp5PQkB0a2rEt5NVg==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Tue, 11 Oct 2022 11:54:46 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v8.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D349712125128014%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df10a657d811ffe4%2526domain%253Dwww.capital.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.capital.ua%25252Ff3b0161ac03413%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fcapitalukraine%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dtrue
pragma: no-cache
priority: u=3,i
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: 1cHyBnrYov34GtmjrQeey48mR6rM8mJgdYBUFDgyXMx+B84HhAi6VoumaBAeo15EdTqM1B4wS/U9+K9Qrz12OQ==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 199ms
69ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022100301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f1434fcc1c3e4d64725d65a1a331197eeaf74a32d4cb9e5e4934ab3944b57ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11188
x-xss-protection: 0

GET
H2 200 lato.woff2
cdn.gravitec.net/fonts/ 14 KB
14 KB 75ms
75ms Font
application/octet-stream 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/fonts/lato.woff2
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Request headers

Referer: https://www.capital.ua/
Origin: https://www.capital.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:06:28 GMT
date: Tue, 11 Oct 2022 11:54:46 GMT
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: "61fa486f-36dc"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=10
accept-ranges: bytes
content-length: 14044
x-proxy-cache: HIT

GET
H2 200 sourcesanspro.woff2
cdn.gravitec.net/fonts/ 8 KB
8 KB 67ms
67ms Font
application/octet-stream 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/fonts/sourcesanspro.woff2
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441

Request headers

Referer: https://www.capital.ua/
Origin: https://www.capital.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:06:29 GMT
date: Tue, 11 Oct 2022 11:54:46 GMT
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: "61fa486f-1e44"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=10
accept-ranges: bytes
content-length: 7748
x-proxy-cache: HIT

GET
H2 200 946939071.jpeg
cdn.gravitec.net/images/users/1649310270269423616/ 4 KB
4 KB 59ms
59ms Image
image/jpeg 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gravitec.net/images/users/1649310270269423616/946939071.jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: dcaf67aaced809a8a66e31ea3e7c0623de21c3a3509f3af9e70574bc9d420dce

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
date: Tue, 11 Oct 2022 11:54:46 GMT
last-modified: Mon, 04 Nov 2019 22:02:49 GMT
server: nginx
etag: "5dc0a009-e27"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 3623
x-proxy-cache: HIT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 65ms
63ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Oct 2022 11:54:46 GMT

GET
H3 200 container.html Show response
f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3FC9 6 KB
3 KB 172ms
59ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070282

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.capital.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Oct 2022 11:54:45 GMT
expires: Wed, 11 Oct 2023 11:54:45 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1DCA 6 KB
3 KB 156ms
55ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070282

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.capital.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Oct 2022 11:54:45 GMT
expires: Wed, 11 Oct 2023 11:54:45 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A9CC 13 KB
5 KB 178ms
55ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.capital.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1461
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Oct 2022 11:30:26 GMT
expires: Wed, 11 Oct 2023 11:30:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FE84 783 B
533 B 188ms
65ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

da5f594eb6878dfab19074dcff35c5bd07f96f882ada6026be24c1784ce32855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mWSim1ZFmpHNhCcNCnSmfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.capital.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-mWSim1ZFmpHNhCcNCnSmfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 11 Oct 2022 11:54:47 GMT
expires: Tue, 11 Oct 2022 11:54:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 67DA 624 B
297 B 186ms
73ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn8nwEQlYnMjAMYy-nj0gEwAQ&v=APEucNXRTbcWV7qCy1y2G9fEz5DHpsL1DtH0v6CQ4K0D01rdnlw3Q6i3H6XhbJQ-WyJCM5BWPIuldIGlSTkpVb4TnEme-qrH0FfLooKn6AvDUPGZb4U_wxoD5RsXJfYS4v63wDt1hoQh5rmO1vS4SmdYpFylpy1_7NoeM8_EQb9FyXAWVFZip78

Requested by

Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Oct 2022 11:54:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1DCA 99 KB
38 KB 236ms
119ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AqIVwtA2AyrS0OYbKkWN6KbkDaa7Cfh5HRglo7587RVf4334o8brd8HlPnD5Gtbb8OFziCzhWrYpE8atpwkglW452sn3cDQAPmk4HQwDHZIYE6ndwQhGPiOL5EBwdHLPSZ_X2aa9BpMo0HFcyiacXBN4CR__oudVJhW4YbSMvO1u7Cb6Q&dbm_d=AKAmf-BZKrUEH2qA7e_l6Pu3iIyq7ZzbYZvqJjI5ypQZOZCqMBBgRxLEfWHj5ob2sgUEyR3kXaqzwG3yt0bzhKI7Dvz-PsueuFwhy4ejxotFolsNC7i6U9gsAqYYf0ocmFko6g48BdlHvJAZiK_IXGtDs-IKI_XVTYDEWLArywjudofrfcv4IO-EZ3rGLGmHmc7iyb5HAIh-3tS19j0GhhArF1xm9yOXjAYHckPo8v2oxD42x76sOifhm8DKQBs1bLJEFzWzDRNLHm1h7sMUD17XvMHJu2d2qmi3UBAaHMWi330AQxu_djrgS4LpcvBZTMYTNbk-DbTJZb8Vm5cCFVkFVLU1h0O_XP-V6antD3updzcS9SBDRblJ1DNnVync1J2enNq0-7I6SQkM4O8zbYFYhctjmVYMzh0sSw1b8cZk_yjBaMUV-y7MUdNBG9CkjgCe550lvQ-m0OmjzHr_q50zDQwC8xxFO11j21i0DFLDoSSnqMbgf1qpBRtSfVBLfQmfijeC1wmW2HhzuM9v7xU8xXJHFOr2rRItyDtRTOFm3VwfKq46KDkbEwIlz3dz8wUdB50sMi6wE4tnxqvfGP2PCrWJKH23mK0VvRdoMioJq_YjYlJGvZdhkDcZCJtYe9dem2ePD4Z4igdSUwD89yXbCSWvBfG_83LLwHRP3tsmbThdAGuNuLUw_i2hlCkLnaU3Ks0Y3Mm4Q4Recfpw5vM_GcrDPZ5ZlEZN0gWXOCAfrwy-pYxcjLiYGIdakSGFkylNWW4H5MVp5PHQSVktLRM1lPnrmdDqoXNBRTm8mj9SKG5M-Zd3bGJ5pl0cueLJ-Uoy2J-AQHUm00w9y2w_00iDa08pGcq1wm2M0M3qr3j1Sgdf3K-byGuj9SwB-942uOYO20H2jraYnw_Uxtyu27mHdwWs0R0rD3Z1QMKDfEqJp0ijD76Ob3tzjzAhCid1Chfn2Ou7oDuC2iKpLHAOky9TQ6oWNa82FAa3QkEwA2YI0vE-YzmaxVi6XuYSj5AzdqQiZU1Wb6QxoUoDioGcldrlsmeJL8AfkrRLhU-7OgFOiFw-8MUVjAfhn1L_-LhHvMIjA7bxl2ahw_fOxJ2lb0ksgYUtt-eXvWJkD0TdjtpLyqFYiZhRQ8GVGJK_8tW-_4oagp6engtsyWr9lyT0KN4G7hYUcSh1XAyXcGNgNUNcHzZrElFauE17Vz9vNsGHdwOxX6zQA5LNlZBh9G5BUz4F3ddcpB3dS4RFtE43GoPmvIXOB7owq3fzl0e94bB1r9bmTUXWGbZABviPZHF8pKYw18_y6wMqXHRQVDmPMG1ApYB-3wobNelEN_IxPXkYkJ23b1mgynon3J4f0WxmZwdp3mX7wV3wGaA49oZLwhgP1rRmG2iwyc0tVQhbTLsM9agE8XzyHPMETEl5aywEclax564v7vbVNWGAYyEFEM18hxsn2lwVm8BNhIt4O57OgqqZ75t-fRPJuIJQhdDLF3_c5fsnLOd2wqDtyF9Y49QkPu1aPO60k7lKlUkZLSPKvKg-qR4Izm88Yj6oUkHk6Mv7-UKTHkLYSFzeobKUvAZJg9VGxQsga6EDGPP89VRia2AfApj6uzE33Pj0ssdzBKhkQ3MpeGo8Ya4BUXOpjGhwrNdRoRJCgrGS18t2jUwcumnPVp5KsuUkNBfjeW2TWeebWDHpmNYfI-OIDjmNAyMyj0YxvG2OE86PlpB5dwWilnyhQqv0sD8cKhFfvtPgEhJYaRBEGL01mT2_vwGgWn9TyUTsIVuq43L9dZg6Yyr-JITVUlpSrGv9Z8sBsVQkyuTo-AAHr_7ceNAvLk_kb5_sydVFEXMGpD1hHUY8WQpy0xwaCLFfsbSR2O-iQrO-9DuloD9FRNwg8-_2u04Lrv2bWrNYR8h0jCN9bsLiTg3zIPZfPVfbPyIqBXTrNNk4z4pyjFcvJ3j4Znbq0ZuKE29eKSs04mXRImiQKI9bRD8ArWT44iRd_hqyx-phJ-qS9I-dGuxZGW8xvGMb7Tnyia0yhKeoB6QYhDUOKfu1jKCgTAw7KgxY8XyI30XSUFKcY-Q0bGV1u2fI8-T1OtgwbnA1lt5MpgkuvmfakrmJMYW8i8lLFbgyE4I9YpfOgFB32h2iJmokQe30qGSubDbxY8jq_dJ1LJ2lrlK4ETirEMaekHXBhUO-10mrMbYcx9UKIYCXxATnrw1eNErr0CQg3vMNoV7tzGGtbS2K0vErPN3S0c3FdlC1-uvZPaTaCZImeUNrsQOezHbJgPbnjbJayi8u_6kyuZdSfLtgcOVoLbjZ6gZYMaj8SNVY4Uv-sF0kIHylu8t9tTpjfDGEZz-faJrh6AFyFyRItu7g3iEWa_cg77hv7oZcctT3YSdKslGUisIj_xUEEbtE9VVYUZRXE9Rvtg4dUtXaLvpPq7sn2VCDp_kz_3XCcxoaJfKzr15wF4uQr5ar504sR5UN6SbViwWkE0vHblNeCyiWs5GsaVPRsvVgrhB7prpesE5gkLmKAEYAFPqc4p2qFYzUJRCx76ZWv8xLe5ajD0q0qCFYgdkBzz321RXn8Ne1m4wkW5u2ydIAbrclYRY6vtGffol8pL5HQz3dLwFEsJ8cy7hp6A2OQpJbKolCxs32jMkWmVbedT3BgfdckSbYKhRfBqPQ0fD0VIBoLJbtGOEEWsRbx_1BK9uO3SD4GZsbKBCntgAWJHBPFZjv2fifXtWysZYDU2PHkV6z2c2xoGhwBa4NP59k08aUPp6C8iy5Ya5yKLVHPtgd5oCI5jlwd7w-Vzw8LLyiq6E-IdbStWJwqhIiuIx1mfNrgfsU5hmunhO1DrzcC3I7rHVYNJ3vs0fXsVwa77YLbkI6xYhmuZuForOgqDFW7xjhHyqalBYqtwybiSllOpgQF-6viVRuhKNJiWjUBjCdz6RoekPVc3oztitNkORc77rbX1rvcoz80q3Y6ZYxTmZFx_6Y6BjQ9myXydwHsfFj0k4MGB2rFoEyGymblXYSpsyg41vD2w4h587m2rQAscH4uMjyK98xfm_GutLYgxUSzqlxRd1g4_R5zy9YZFsnMlRqxH7gwzpm6BConLPJh_fNZbJMNFsAKBYNE-eIr-nVp4B8hOTQmgOhjuwNdVyIG8HQ2vO4ZPZ1Ab3rMv2G-TVBYD8dMBWu4OCqbHEdCyKvQzy6Odw4QOOTEmKr4AH0-gFibWNL2GyZovICubdEbDsqynhGLsh_WW4EWfSOUGrYp1GBeqMbyG3Au2DrVF9Db0kKMdDr6nX4z1yOvjdNCg9KaQ5QAwT5ijnF3yl6tB4F8L1-WNgKnSjArfv1dvUeQL-Jm1I0kGDxbf6fHh_N2z986np_poAO_ok8nyGad5Y3TOpEhlgFSHxQb-W0lwrVxhpKfeWzSgcjgzhrp9-ecWY1JYjAj3yBGKUG1yxtb97t9mEmJUuy0dQ&cid=CAASJeRo286QlbnDXxn8Ap4J_wVC6pUn8nnofpUDYtOQbroXdCuTMbs&rfl=1%2Chttps%253A%252F%252Fwww.capital.ua%252F%240

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37d8765d5193ba09bb3483c86e2b139dd03780f83ed45f08491f930fc2bad091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38789
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DCA 42 B
63 B 203ms
87ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CUjBl9DKXGwDkLvBN1YLF5eejS6BzvYUafvTgVjjgxho96si9TUP7bY46AsvYSuJtawqO_fNHvMvc8ZBA0JzR_6a3sC-1oTR8enGiLZrE_avlx7RU

Requested by

Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/ Frame 1DCA 3 KB
1 KB 56ms
54ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/window_focus_fy2021.js

Requested by

Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 11:53:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/ Frame 1DCA 17 KB
7 KB 57ms
54ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3481fbb99448440c24cc5c6d452b6c2e3450f471d69cc31269ffe9a05964fa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:52:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 9181008806812530437
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 11:52:43 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1DCA 0
0 64ms
61ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT7WM9F8UGFcUnczTWQW-zH3-xGwXssiBPP6-v4O8RmNfvHOS0t5v3mWOmeYDBXNQaP8mM0aMEa78z4vsdjMEetkR-zDQ
Requested by: Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1DCA 151 KB
46 KB 186ms
70ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c86d8bb13f5159b51509118253d40b69616a4a54b7a24d9c08f727eaf3ef9e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47122
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665402098278948"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Oct 2022 11:54:47 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D2EF 624 B
297 B 176ms
75ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNVBTz8ruDhML_1hJuyV5Fo5d18s3RiaAlQqfPklAS0qdRe7neUYTcDOhrCH5i-NpzwDiCBt8Y__6109QbmG2CBP2zPOM65i9xiO60cp0dfrXJqbl1wvBXzs6YWGv8SpdB-xXTG0xXWJxAHm3oUhpUqE4rjByjH_CKPw7FO4_ioBnRhegbc

Requested by

Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Oct 2022 11:54:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3FC9 80 KB
34 KB 201ms
101ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DAcX9n_fMqYdqgpLuwU8a32F3sEti6N-oMP-yo-3x-peGozzDeAlFk5wIbzXvskYpubECrBzVLX8dAhOyKNmMpFZmyepeL7SukaXPnDbH9go84z7hsz4XgSUf1iVbJ1sNthxUicY3UZQd4oc20TaVksukc7NOl6L_0XbUfC8JI6BTLLcE&dbm_d=AKAmf-Cql0MsxYT7z6XwluiAFs9SJMgqgKq91PJLvNuOo9IR7BzAdtnDzlehzjzAZ_ZHxHWnZyrlbzuHmvfqMUJPks2HFer-Axa8K8qYBVru8wg2L47sEcPyT76AD6rM_yHymr-iQ-gw7dWCE14ObU_9j7gpXcpudMUMoLzSbab7DXHOqyZufSuOmqaTrWgAp-z_S33STpJ2_k_aSD2O0mH4OLPP5ZT1_8kCsRYxkvotqbun4f1qiKc4bGfTcf7k-RoxEFck_2hAopchJVlmGyWnf-WrZ5Bm6iPpG0MdnxCNr-_6DcLRgsOpDZQI93sckDLB8KlcxM170WqfsI1GVfbJfZAjOCjd1-MFPXB58LpFmWNMfl84aW0HwociSRwo2jkaNEH8iilZhyjqyIbuBuY0k_GEXY3E2CpK-ulHrrFThmQS8KY06EySzHggpV7OgQVQh4NOMwde2E-ng8Po-cWlRE8Ugbbsu27xJ_BabZnbMUnVDZub8XvPtUeK6nDOFCP1hmyRicWs_Cx_eP-wDzRiQwH5BWaQbl3g375wwY3P2kwhFDay5ALZ5MLhg33_mUjp9iJmybyFdya0TfJW8HQ31OIWXD742O4SxwHqtAZdH_DILMY5_3_E1PIYsFkxEkm-SESKVWHIdS--aMD3vhm32Z51oN47tiwcb-fUCbkl7yexeqRgb7KokJmFPr8fpJrDZ3NBuRV3hDRmzYy3za_YFGzIdj-CoIjzVv4h9-CaRnHIZtReFyepJMNC6Tj36000-zw74RuR6hYxh_4bLKVFQcQJ5vjg8rSE__K5Vlx94PuuqtbbHg6eUlvzWBpN-FKD-aH0izcZaWtrmxY34wnfiE2_C3milnhd1PJm5xf2ObgDCAcMjJEiETLQop3IF8q3VepxsDOnX6h0Sy5R7c2eR2vtMxhprrkGQ-_wqSAPWYZ3Ytxr_F5g9kWMxsyzn_X0fZkymgkZ-2pRQJjLWWNaTOWVZVxLIuGn2HoLVlDcVIfjTYtHUWzhDk5iZsDW98y3PSrQuC_fLXptBPK1hxGmSvDnbTWhTAuEAV6-nO8vNzjxl5G88ruysK-XoFz7cgqyZ36MZAnuWL58MJkMfbtRCrhvMAG4dfRePkUDAHoHZseF9fAADt6P41LbqkNex7SYL7RFYT9Muhu3jA4brtdiNRh36e629ppXiGzEACtsgQjbW4Ps9Q1OQbAWcHGfF0lHAkGty1If3BWYOgaV_sXRrAbJgM0O1l96pIaUx0lnurUugjwD8FrEkABXY5QcHZvyf8O0pEXvwp7Bhor5CY0mG4JHr_5JeCuE5w-ImnoqSiftbJF5qWR-3iLOdLGJ9w-IwwzvcqSE9kkjlWt1zbWPVqsCwUG5I09KIkXNSPGg2I9jFI94ogfFU5wLa4pJrtslHBZcDN0aGuDDqiRpPcmZgKYBOKXlns-M8iptyphg-eR0SUmppH2w4CpWBz4NLOiDvtWOYiUba2VF96jkrN1pJVkDEolFttfgPQ-kMHXy970jMR7-mp8JnV8OePALn4MTCCCl9yE1DSGMkcHAVgiUJz-GKeY8PVGelaAOL1bx22PM-SAM2mThwF44CQN09guxMjnL2Y7W2FcNvL9-Yn8yFZJXJebOHekcy93B1Gu8BqAf5Kz6QVbqdoCNyIvKz3vCDdSq6mFC87NqirCbyHTVJFY7chM5PHOvPNLBTfJWrxMg7VYrDTl-zSJXUe70Rizo4e_nqDHgMccMCcAkdQ1Ghf_tqiBtoIus4S64dpgQxivvi1rc8Tbunp9dmbdnKwEsJ0gZOnRxz70agE39sOSxRrCwpBJF7A9RDHgrW05IXs9VPAA8mGK_ibxrkAfG-atTyWgcRUrOO4cYDhWWeiElU_rxCKzVjVBJmlBpm1xxfPwwYkP6Kt93pqYs1kRqWCe9EAkPscxPHJZTd0ebs2-JHrQfjmOVw-6pGqhh4jNjtKa8OtqWUUtg9LA2AzVH5ocFN8de_veQVhaf7t-xEGmdcyA0CAj7vWG9-x1oCkDcjQO0z-C2Qp0rfLmWl_FfWXhUmHgSLFHRbRzn_Oa3RXZqIoZ2HfOhQ43qhP43d4i6MxFCqSWoioTyo010ooOe77ztK9hra7eS94kPmm2h21--ScPkRy1S91f33j-Nw6ptHtohreXhsJq1SAMIGx0qIdQeq2ts6TShOX9XuVKCuBuudLZ4MpBA7RKgGy_hcyfa1-8A22uEFO37HfYTvkX2GK5xr8xT4UnQo0QprfV_-1id9uMydbqNdHXNfN-YscJx5uCMZmSnOh9u1b7vu2htEjzuNcW0LVCEaWOQbbbBkbjDZwmCq-Pee8GrgZr3ccQYacXJDwnEN1XA5fhzu6oqh46uEqJwV27iAvf_UGLmH5YNvg6UyARZsR5vD5fcsrh7oX6rM3JclFhyAMFgJSnqNtbNA9UdZ5lmKZ6G4nLXhXBIM9k_XgkCHPo5JO-_BBIEIQ2Ja6e1Ll_g9xdwxWiPA7AI3BxIoXnxD7UpQJoq44mjLFXFj7a882Q-2RKUm7DqGayxW5pmsxrMFL8NdSnJF2RdkjmYxe1wydgDtvYkFB0gBxw-krNIL7H0Mree-mTeJofGzDAbKhGnbOOWzjAB5ASGFmrjBU2Vtn4PcFKN9k4rFfXzlPAGNH0m1t7sJsWKBAB7_T1EpF6qYQGQTXV7MsK8gyJ_uNkYkGo93AbMqyjCeYYjmsyeQ6KzYFWbw7OFnQEKbVRB3Owtdep85YXpg7P66cTMZifI-Kv0DdPnegb9LbRO1d7406cXmWNS3MvfJGNjsa6ofiEZ4UcC_1AWidMDWsgq8sdjsmroHp3i_QbnENG7V5IkZFHvK8YFRgFcCbp46rqHr6MLL9Pf41hIxJm84ZXY0tcX5gw7LpYOlba7ToAL1DBFOnh1bGeTMVA2NWdX4TSLvK1Yh3R-E9AMIEWF3S-tl3TgMp2DgGIzEGhBLIYZ-e9_Jng4xqdzkBhkgIhZ8Plt8XZrCXQmqPt3imlk3AzIcGt3NdKCirAl4Ef37EfPukrxxe7RWSGENDC1Tbyd0mEYaufPQGca393aoTKJmbJ2Jo4RwIAlrThSdBifiJT9E63XKYG36fR8q55qBjFUkgoTT-2jFyedcRLFc2Ob6rLUejn0rZApG9pTf2EG-ZW6BQlrLSkX-I2WejSJCcZKr7ScHR2CsRGu922-5Tx6MFDABXSjykb1g3F_Z_oHnH4qEEE0eNXsmvk6kddRTp5dYXvuM9Xt-drrPepm_3bKCJk9P7UvSdhuMDmE8Zok3DmOiL8xO8pktm5YnbQQdFnx1hUziQaI2R61nqeRHLBpZJOvyz6QTcKT_GRW885Ot_HeNkIFMw&cid=CAASJeRo_D1HlfFmGEpI-WnnjfaMshZVQkxUglvCaFm5QVKC-NX7Noo&rfl=1%2Chttps%253A%252F%252Fwww.capital.ua%252F%240

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b9609b8da557c857c66841c6597da0d8d6497d90d70c046028a9b87bff13c90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3FC9 42 B
63 B 194ms
88ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AH2KHNPc1fdrMCmHxknslBV9P3SpK13m6F7yN8_Et2YJATyLBgBhbIMkgQ2xVdZoP0wws5uyhYy0YReX-HZkxsN_szR6q03_nDZkHmHprUG6Wdu8w

Requested by

Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/ Frame 3FC9 3 KB
1 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/window_focus_fy2021.js

Requested by

Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 11:53:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/ Frame 3FC9 17 KB
7 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3481fbb99448440c24cc5c6d452b6c2e3450f471d69cc31269ffe9a05964fa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:52:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 9181008806812530437
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 11:52:43 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3FC9 0
0 65ms
65ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaStqlyIkFA8H40RikdwjHrEtqccdnjWDSzIQpBbMr7d0wp-BL3STj8xIgsL-9G1oi3rp4at8gVV2oQqK94yktvvpmVqgQ
Requested by: Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3FC9 151 KB
46 KB 208ms
101ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c86d8bb13f5159b51509118253d40b69616a4a54b7a24d9c08f727eaf3ef9e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47122
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665402098278948"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Oct 2022 11:54:47 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FE84 0
0 183ms
88ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022100301&jk=1748201111601482&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js Show response
pagead2.googlesyndication.com/bg/ Frame A9CC 36 KB
16 KB 148ms
54ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef99f930891d2a33101a538258263086e98c50fb5a5113e49fd2eba29f85a795

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 19:24:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 577841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15870
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 19:24:06 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 67DA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_WXEqQnIqW-_nftYWp3k8&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_WXEqQnIqW-_nftYWp3k8&google_cver=1&C=1

43 B
766 B

101ms
54ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_WXEqQnIqW-_nftYWp3k8&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn8nwEQlYnMjAMYy-nj0gEwAQ&v=APEucNXRTbcWV7qCy1y2G9fEz5DHpsL1DtH0v6CQ4K0D01rdnlw3Q6i3H6XhbJQ-WyJCM5BWPIuldIGlSTkpVb4TnEme-qrH0FfLooKn6AvDUPGZb4U_wxoD5RsXJfYS4v63wDt1hoQh5rmO1vS4SmdYpFylpy1_7NoeM8_EQb9FyXAWVFZip78
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 11 Oct 2022 11:54:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 11 Oct 2022 11:54:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEM_WXEqQnIqW-_nftYWp3k8&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 67DA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0VZhy2UIkNo.XhhpExOSAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_WXEqQnIqW-_nftYWp3k8&google_cver=1&google_hm=2

43 B
766 B

59ms
58ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_WXEqQnIqW-_nftYWp3k8&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn8nwEQlYnMjAMYy-nj0gEwAQ&v=APEucNXRTbcWV7qCy1y2G9fEz5DHpsL1DtH0v6CQ4K0D01rdnlw3Q6i3H6XhbJQ-WyJCM5BWPIuldIGlSTkpVb4TnEme-qrH0FfLooKn6AvDUPGZb4U_wxoD5RsXJfYS4v63wDt1hoQh5rmO1vS4SmdYpFylpy1_7NoeM8_EQb9FyXAWVFZip78
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 11 Oct 2022 11:54:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_WXEqQnIqW-_nftYWp3k8&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 67DA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEO7BVtJRWx5sbOxO-CB4NgA&google_cver=1

43 B
1016 B

96ms
57ms

Image
image/gif

37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEO7BVtJRWx5sbOxO-CB4NgA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn8nwEQlYnMjAMYy-nj0gEwAQ&v=APEucNXRTbcWV7qCy1y2G9fEz5DHpsL1DtH0v6CQ4K0D01rdnlw3Q6i3H6XhbJQ-WyJCM5BWPIuldIGlSTkpVb4TnEme-qrH0FfLooKn6AvDUPGZb4U_wxoD5RsXJfYS4v63wDt1hoQh5rmO1vS4SmdYpFylpy1_7NoeM8_EQb9FyXAWVFZip78

Protocol

HTTP/1.1

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 11 Oct 2022 11:54:47 GMT
AN-X-Request-Uuid: 92517aeb-4b45-4ae9-b1d0-97da12cb96fc
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.39; 82.199.130.39; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEO7BVtJRWx5sbOxO-CB4NgA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 67DA
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU1NzE1MDYwODk4MTE4NTQxMQ%3D%3D

170 B
188 B

152ms
67ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU1NzE1MDYwODk4MTE4NTQxMQ%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 11 Oct 2022 11:54:47 GMT
AN-X-Request-Uuid: 6b3198af-7ed0-4c6f-ba3a-386fd233675e
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU1NzE1MDYwODk4MTE4NTQxMQ%3D%3D
Connection: keep-alive
X-Proxy-Origin: 82.199.130.39; 82.199.130.39; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D2EF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_WXEqQnIqW-_nftYWp3k8&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_WXEqQnIqW-_nftYWp3k8&google_cver=1&C=1

43 B
766 B

108ms
58ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_WXEqQnIqW-_nftYWp3k8&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNVBTz8ruDhML_1hJuyV5Fo5d18s3RiaAlQqfPklAS0qdRe7neUYTcDOhrCH5i-NpzwDiCBt8Y__6109QbmG2CBP2zPOM65i9xiO60cp0dfrXJqbl1wvBXzs6YWGv8SpdB-xXTG0xXWJxAHm3oUhpUqE4rjByjH_CKPw7FO4_ioBnRhegbc
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 11 Oct 2022 11:54:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 11 Oct 2022 11:54:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEM_WXEqQnIqW-_nftYWp3k8&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D2EF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0VZhy2UIkNo.XhhpExOSAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_WXEqQnIqW-_nftYWp3k8&google_cver=1&google_hm=2

43 B
766 B

55ms
54ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_WXEqQnIqW-_nftYWp3k8&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNVBTz8ruDhML_1hJuyV5Fo5d18s3RiaAlQqfPklAS0qdRe7neUYTcDOhrCH5i-NpzwDiCBt8Y__6109QbmG2CBP2zPOM65i9xiO60cp0dfrXJqbl1wvBXzs6YWGv8SpdB-xXTG0xXWJxAHm3oUhpUqE4rjByjH_CKPw7FO4_ioBnRhegbc
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 11 Oct 2022 11:54:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_WXEqQnIqW-_nftYWp3k8&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame D2EF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEO7BVtJRWx5sbOxO-CB4NgA&google_cver=1

43 B
1016 B

105ms
56ms

Image
image/gif

37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEO7BVtJRWx5sbOxO-CB4NgA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNVBTz8ruDhML_1hJuyV5Fo5d18s3RiaAlQqfPklAS0qdRe7neUYTcDOhrCH5i-NpzwDiCBt8Y__6109QbmG2CBP2zPOM65i9xiO60cp0dfrXJqbl1wvBXzs6YWGv8SpdB-xXTG0xXWJxAHm3oUhpUqE4rjByjH_CKPw7FO4_ioBnRhegbc

Protocol

HTTP/1.1

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 11 Oct 2022 11:54:47 GMT
AN-X-Request-Uuid: 9496247a-3e1a-4c2b-b9e0-d6371c8e7ad6
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.39; 82.199.130.39; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEO7BVtJRWx5sbOxO-CB4NgA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D2EF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU1NzE1MDYwODk4MTE4NTQxMQ%3D%3D

170 B
188 B

170ms
74ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU1NzE1MDYwODk4MTE4NTQxMQ%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 11 Oct 2022 11:54:47 GMT
AN-X-Request-Uuid: ec7a42e2-3118-4f7b-82d6-5ba52eecdea3
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU1NzE1MDYwODk4MTE4NTQxMQ%3D%3D
Connection: keep-alive
X-Proxy-Origin: 82.199.130.39; 82.199.130.39; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 3FC9 106 KB
38 KB 184ms
53ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
Origin: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 10:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5405
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 12 Oct 2022 10:24:42 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221005/r20110914/elements/html/ Frame 3FC9 8 KB
3 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221005/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DAcX9n_fMqYdqgpLuwU8a32F3sEti6N-oMP-yo-3x-peGozzDeAlFk5wIbzXvskYpubECrBzVLX8dAhOyKNmMpFZmyepeL7SukaXPnDbH9go84z7hsz4XgSUf1iVbJ1sNthxUicY3UZQd4oc20TaVksukc7NOl6L_0XbUfC8JI6BTLLcE&dbm_d=AKAmf-Cql0MsxYT7z6XwluiAFs9SJMgqgKq91PJLvNuOo9IR7BzAdtnDzlehzjzAZ_ZHxHWnZyrlbzuHmvfqMUJPks2HFer-Axa8K8qYBVru8wg2L47sEcPyT76AD6rM_yHymr-iQ-gw7dWCE14ObU_9j7gpXcpudMUMoLzSbab7DXHOqyZufSuOmqaTrWgAp-z_S33STpJ2_k_aSD2O0mH4OLPP5ZT1_8kCsRYxkvotqbun4f1qiKc4bGfTcf7k-RoxEFck_2hAopchJVlmGyWnf-WrZ5Bm6iPpG0MdnxCNr-_6DcLRgsOpDZQI93sckDLB8KlcxM170WqfsI1GVfbJfZAjOCjd1-MFPXB58LpFmWNMfl84aW0HwociSRwo2jkaNEH8iilZhyjqyIbuBuY0k_GEXY3E2CpK-ulHrrFThmQS8KY06EySzHggpV7OgQVQh4NOMwde2E-ng8Po-cWlRE8Ugbbsu27xJ_BabZnbMUnVDZub8XvPtUeK6nDOFCP1hmyRicWs_Cx_eP-wDzRiQwH5BWaQbl3g375wwY3P2kwhFDay5ALZ5MLhg33_mUjp9iJmybyFdya0TfJW8HQ31OIWXD742O4SxwHqtAZdH_DILMY5_3_E1PIYsFkxEkm-SESKVWHIdS--aMD3vhm32Z51oN47tiwcb-fUCbkl7yexeqRgb7KokJmFPr8fpJrDZ3NBuRV3hDRmzYy3za_YFGzIdj-CoIjzVv4h9-CaRnHIZtReFyepJMNC6Tj36000-zw74RuR6hYxh_4bLKVFQcQJ5vjg8rSE__K5Vlx94PuuqtbbHg6eUlvzWBpN-FKD-aH0izcZaWtrmxY34wnfiE2_C3milnhd1PJm5xf2ObgDCAcMjJEiETLQop3IF8q3VepxsDOnX6h0Sy5R7c2eR2vtMxhprrkGQ-_wqSAPWYZ3Ytxr_F5g9kWMxsyzn_X0fZkymgkZ-2pRQJjLWWNaTOWVZVxLIuGn2HoLVlDcVIfjTYtHUWzhDk5iZsDW98y3PSrQuC_fLXptBPK1hxGmSvDnbTWhTAuEAV6-nO8vNzjxl5G88ruysK-XoFz7cgqyZ36MZAnuWL58MJkMfbtRCrhvMAG4dfRePkUDAHoHZseF9fAADt6P41LbqkNex7SYL7RFYT9Muhu3jA4brtdiNRh36e629ppXiGzEACtsgQjbW4Ps9Q1OQbAWcHGfF0lHAkGty1If3BWYOgaV_sXRrAbJgM0O1l96pIaUx0lnurUugjwD8FrEkABXY5QcHZvyf8O0pEXvwp7Bhor5CY0mG4JHr_5JeCuE5w-ImnoqSiftbJF5qWR-3iLOdLGJ9w-IwwzvcqSE9kkjlWt1zbWPVqsCwUG5I09KIkXNSPGg2I9jFI94ogfFU5wLa4pJrtslHBZcDN0aGuDDqiRpPcmZgKYBOKXlns-M8iptyphg-eR0SUmppH2w4CpWBz4NLOiDvtWOYiUba2VF96jkrN1pJVkDEolFttfgPQ-kMHXy970jMR7-mp8JnV8OePALn4MTCCCl9yE1DSGMkcHAVgiUJz-GKeY8PVGelaAOL1bx22PM-SAM2mThwF44CQN09guxMjnL2Y7W2FcNvL9-Yn8yFZJXJebOHekcy93B1Gu8BqAf5Kz6QVbqdoCNyIvKz3vCDdSq6mFC87NqirCbyHTVJFY7chM5PHOvPNLBTfJWrxMg7VYrDTl-zSJXUe70Rizo4e_nqDHgMccMCcAkdQ1Ghf_tqiBtoIus4S64dpgQxivvi1rc8Tbunp9dmbdnKwEsJ0gZOnRxz70agE39sOSxRrCwpBJF7A9RDHgrW05IXs9VPAA8mGK_ibxrkAfG-atTyWgcRUrOO4cYDhWWeiElU_rxCKzVjVBJmlBpm1xxfPwwYkP6Kt93pqYs1kRqWCe9EAkPscxPHJZTd0ebs2-JHrQfjmOVw-6pGqhh4jNjtKa8OtqWUUtg9LA2AzVH5ocFN8de_veQVhaf7t-xEGmdcyA0CAj7vWG9-x1oCkDcjQO0z-C2Qp0rfLmWl_FfWXhUmHgSLFHRbRzn_Oa3RXZqIoZ2HfOhQ43qhP43d4i6MxFCqSWoioTyo010ooOe77ztK9hra7eS94kPmm2h21--ScPkRy1S91f33j-Nw6ptHtohreXhsJq1SAMIGx0qIdQeq2ts6TShOX9XuVKCuBuudLZ4MpBA7RKgGy_hcyfa1-8A22uEFO37HfYTvkX2GK5xr8xT4UnQo0QprfV_-1id9uMydbqNdHXNfN-YscJx5uCMZmSnOh9u1b7vu2htEjzuNcW0LVCEaWOQbbbBkbjDZwmCq-Pee8GrgZr3ccQYacXJDwnEN1XA5fhzu6oqh46uEqJwV27iAvf_UGLmH5YNvg6UyARZsR5vD5fcsrh7oX6rM3JclFhyAMFgJSnqNtbNA9UdZ5lmKZ6G4nLXhXBIM9k_XgkCHPo5JO-_BBIEIQ2Ja6e1Ll_g9xdwxWiPA7AI3BxIoXnxD7UpQJoq44mjLFXFj7a882Q-2RKUm7DqGayxW5pmsxrMFL8NdSnJF2RdkjmYxe1wydgDtvYkFB0gBxw-krNIL7H0Mree-mTeJofGzDAbKhGnbOOWzjAB5ASGFmrjBU2Vtn4PcFKN9k4rFfXzlPAGNH0m1t7sJsWKBAB7_T1EpF6qYQGQTXV7MsK8gyJ_uNkYkGo93AbMqyjCeYYjmsyeQ6KzYFWbw7OFnQEKbVRB3Owtdep85YXpg7P66cTMZifI-Kv0DdPnegb9LbRO1d7406cXmWNS3MvfJGNjsa6ofiEZ4UcC_1AWidMDWsgq8sdjsmroHp3i_QbnENG7V5IkZFHvK8YFRgFcCbp46rqHr6MLL9Pf41hIxJm84ZXY0tcX5gw7LpYOlba7ToAL1DBFOnh1bGeTMVA2NWdX4TSLvK1Yh3R-E9AMIEWF3S-tl3TgMp2DgGIzEGhBLIYZ-e9_Jng4xqdzkBhkgIhZ8Plt8XZrCXQmqPt3imlk3AzIcGt3NdKCirAl4Ef37EfPukrxxe7RWSGENDC1Tbyd0mEYaufPQGca393aoTKJmbJ2Jo4RwIAlrThSdBifiJT9E63XKYG36fR8q55qBjFUkgoTT-2jFyedcRLFc2Ob6rLUejn0rZApG9pTf2EG-ZW6BQlrLSkX-I2WejSJCcZKr7ScHR2CsRGu922-5Tx6MFDABXSjykb1g3F_Z_oHnH4qEEE0eNXsmvk6kddRTp5dYXvuM9Xt-drrPepm_3bKCJk9P7UvSdhuMDmE8Zok3DmOiL8xO8pktm5YnbQQdFnx1hUziQaI2R61nqeRHLBpZJOvyz6QTcKT_GRW885Ot_HeNkIFMw&cid=CAASJeRo_D1HlfFmGEpI-WnnjfaMshZVQkxUglvCaFm5QVKC-NX7Noo&rfl=1%2Chttps%253A%252F%252Fwww.capital.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:50:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 11:50:45 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221005/r20110914/ Frame 3FC9 30 KB
11 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221005/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ad6f5f8daa1d32b6ac0d0dba787f1a014c159d0b5836f72bc699080f664d176

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:51:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11728
x-xss-protection: 0
server: cafe
etag: 14397739518267393275
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 11:51:04 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A9CC 0
10 B 54ms
53ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?1cPz4Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1151929/65580770/ Frame 1DCA 47 KB
12 KB 180ms
56ms Script
application/javascript 54.171.30.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1151929/65580770/skeleton.js
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.30.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-30-234.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: adb6dea2eba69c0d38e1c266ad8c084e40e48b3c0a0afce50c66502db396a979

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:47 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 1DCA 170 KB
59 KB 231ms
123ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
Origin: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:10:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2683
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 12 Oct 2022 11:10:04 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221005/r20110914/elements/html/ Frame 1DCA 8 KB
3 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221005/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AqIVwtA2AyrS0OYbKkWN6KbkDaa7Cfh5HRglo7587RVf4334o8brd8HlPnD5Gtbb8OFziCzhWrYpE8atpwkglW452sn3cDQAPmk4HQwDHZIYE6ndwQhGPiOL5EBwdHLPSZ_X2aa9BpMo0HFcyiacXBN4CR__oudVJhW4YbSMvO1u7Cb6Q&dbm_d=AKAmf-BZKrUEH2qA7e_l6Pu3iIyq7ZzbYZvqJjI5ypQZOZCqMBBgRxLEfWHj5ob2sgUEyR3kXaqzwG3yt0bzhKI7Dvz-PsueuFwhy4ejxotFolsNC7i6U9gsAqYYf0ocmFko6g48BdlHvJAZiK_IXGtDs-IKI_XVTYDEWLArywjudofrfcv4IO-EZ3rGLGmHmc7iyb5HAIh-3tS19j0GhhArF1xm9yOXjAYHckPo8v2oxD42x76sOifhm8DKQBs1bLJEFzWzDRNLHm1h7sMUD17XvMHJu2d2qmi3UBAaHMWi330AQxu_djrgS4LpcvBZTMYTNbk-DbTJZb8Vm5cCFVkFVLU1h0O_XP-V6antD3updzcS9SBDRblJ1DNnVync1J2enNq0-7I6SQkM4O8zbYFYhctjmVYMzh0sSw1b8cZk_yjBaMUV-y7MUdNBG9CkjgCe550lvQ-m0OmjzHr_q50zDQwC8xxFO11j21i0DFLDoSSnqMbgf1qpBRtSfVBLfQmfijeC1wmW2HhzuM9v7xU8xXJHFOr2rRItyDtRTOFm3VwfKq46KDkbEwIlz3dz8wUdB50sMi6wE4tnxqvfGP2PCrWJKH23mK0VvRdoMioJq_YjYlJGvZdhkDcZCJtYe9dem2ePD4Z4igdSUwD89yXbCSWvBfG_83LLwHRP3tsmbThdAGuNuLUw_i2hlCkLnaU3Ks0Y3Mm4Q4Recfpw5vM_GcrDPZ5ZlEZN0gWXOCAfrwy-pYxcjLiYGIdakSGFkylNWW4H5MVp5PHQSVktLRM1lPnrmdDqoXNBRTm8mj9SKG5M-Zd3bGJ5pl0cueLJ-Uoy2J-AQHUm00w9y2w_00iDa08pGcq1wm2M0M3qr3j1Sgdf3K-byGuj9SwB-942uOYO20H2jraYnw_Uxtyu27mHdwWs0R0rD3Z1QMKDfEqJp0ijD76Ob3tzjzAhCid1Chfn2Ou7oDuC2iKpLHAOky9TQ6oWNa82FAa3QkEwA2YI0vE-YzmaxVi6XuYSj5AzdqQiZU1Wb6QxoUoDioGcldrlsmeJL8AfkrRLhU-7OgFOiFw-8MUVjAfhn1L_-LhHvMIjA7bxl2ahw_fOxJ2lb0ksgYUtt-eXvWJkD0TdjtpLyqFYiZhRQ8GVGJK_8tW-_4oagp6engtsyWr9lyT0KN4G7hYUcSh1XAyXcGNgNUNcHzZrElFauE17Vz9vNsGHdwOxX6zQA5LNlZBh9G5BUz4F3ddcpB3dS4RFtE43GoPmvIXOB7owq3fzl0e94bB1r9bmTUXWGbZABviPZHF8pKYw18_y6wMqXHRQVDmPMG1ApYB-3wobNelEN_IxPXkYkJ23b1mgynon3J4f0WxmZwdp3mX7wV3wGaA49oZLwhgP1rRmG2iwyc0tVQhbTLsM9agE8XzyHPMETEl5aywEclax564v7vbVNWGAYyEFEM18hxsn2lwVm8BNhIt4O57OgqqZ75t-fRPJuIJQhdDLF3_c5fsnLOd2wqDtyF9Y49QkPu1aPO60k7lKlUkZLSPKvKg-qR4Izm88Yj6oUkHk6Mv7-UKTHkLYSFzeobKUvAZJg9VGxQsga6EDGPP89VRia2AfApj6uzE33Pj0ssdzBKhkQ3MpeGo8Ya4BUXOpjGhwrNdRoRJCgrGS18t2jUwcumnPVp5KsuUkNBfjeW2TWeebWDHpmNYfI-OIDjmNAyMyj0YxvG2OE86PlpB5dwWilnyhQqv0sD8cKhFfvtPgEhJYaRBEGL01mT2_vwGgWn9TyUTsIVuq43L9dZg6Yyr-JITVUlpSrGv9Z8sBsVQkyuTo-AAHr_7ceNAvLk_kb5_sydVFEXMGpD1hHUY8WQpy0xwaCLFfsbSR2O-iQrO-9DuloD9FRNwg8-_2u04Lrv2bWrNYR8h0jCN9bsLiTg3zIPZfPVfbPyIqBXTrNNk4z4pyjFcvJ3j4Znbq0ZuKE29eKSs04mXRImiQKI9bRD8ArWT44iRd_hqyx-phJ-qS9I-dGuxZGW8xvGMb7Tnyia0yhKeoB6QYhDUOKfu1jKCgTAw7KgxY8XyI30XSUFKcY-Q0bGV1u2fI8-T1OtgwbnA1lt5MpgkuvmfakrmJMYW8i8lLFbgyE4I9YpfOgFB32h2iJmokQe30qGSubDbxY8jq_dJ1LJ2lrlK4ETirEMaekHXBhUO-10mrMbYcx9UKIYCXxATnrw1eNErr0CQg3vMNoV7tzGGtbS2K0vErPN3S0c3FdlC1-uvZPaTaCZImeUNrsQOezHbJgPbnjbJayi8u_6kyuZdSfLtgcOVoLbjZ6gZYMaj8SNVY4Uv-sF0kIHylu8t9tTpjfDGEZz-faJrh6AFyFyRItu7g3iEWa_cg77hv7oZcctT3YSdKslGUisIj_xUEEbtE9VVYUZRXE9Rvtg4dUtXaLvpPq7sn2VCDp_kz_3XCcxoaJfKzr15wF4uQr5ar504sR5UN6SbViwWkE0vHblNeCyiWs5GsaVPRsvVgrhB7prpesE5gkLmKAEYAFPqc4p2qFYzUJRCx76ZWv8xLe5ajD0q0qCFYgdkBzz321RXn8Ne1m4wkW5u2ydIAbrclYRY6vtGffol8pL5HQz3dLwFEsJ8cy7hp6A2OQpJbKolCxs32jMkWmVbedT3BgfdckSbYKhRfBqPQ0fD0VIBoLJbtGOEEWsRbx_1BK9uO3SD4GZsbKBCntgAWJHBPFZjv2fifXtWysZYDU2PHkV6z2c2xoGhwBa4NP59k08aUPp6C8iy5Ya5yKLVHPtgd5oCI5jlwd7w-Vzw8LLyiq6E-IdbStWJwqhIiuIx1mfNrgfsU5hmunhO1DrzcC3I7rHVYNJ3vs0fXsVwa77YLbkI6xYhmuZuForOgqDFW7xjhHyqalBYqtwybiSllOpgQF-6viVRuhKNJiWjUBjCdz6RoekPVc3oztitNkORc77rbX1rvcoz80q3Y6ZYxTmZFx_6Y6BjQ9myXydwHsfFj0k4MGB2rFoEyGymblXYSpsyg41vD2w4h587m2rQAscH4uMjyK98xfm_GutLYgxUSzqlxRd1g4_R5zy9YZFsnMlRqxH7gwzpm6BConLPJh_fNZbJMNFsAKBYNE-eIr-nVp4B8hOTQmgOhjuwNdVyIG8HQ2vO4ZPZ1Ab3rMv2G-TVBYD8dMBWu4OCqbHEdCyKvQzy6Odw4QOOTEmKr4AH0-gFibWNL2GyZovICubdEbDsqynhGLsh_WW4EWfSOUGrYp1GBeqMbyG3Au2DrVF9Db0kKMdDr6nX4z1yOvjdNCg9KaQ5QAwT5ijnF3yl6tB4F8L1-WNgKnSjArfv1dvUeQL-Jm1I0kGDxbf6fHh_N2z986np_poAO_ok8nyGad5Y3TOpEhlgFSHxQb-W0lwrVxhpKfeWzSgcjgzhrp9-ecWY1JYjAj3yBGKUG1yxtb97t9mEmJUuy0dQ&cid=CAASJeRo286QlbnDXxn8Ap4J_wVC6pUn8nnofpUDYtOQbroXdCuTMbs&rfl=1%2Chttps%253A%252F%252Fwww.capital.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:50:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 11:50:45 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221005/r20110914/ Frame 1DCA 30 KB
11 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221005/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ad6f5f8daa1d32b6ac0d0dba787f1a014c159d0b5836f72bc699080f664d176

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:51:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11728
x-xss-protection: 0
server: cafe
etag: 14397739518267393275
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 11:51:04 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3FC9 41 KB
15 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 21:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53021
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Oct 2023 21:11:06 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 84E2 1 KB
643 B 54ms
54ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 66577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Oct 2022 17:25:10 GMT
etag: 48472445140208031
expires: Tue, 11 Oct 2022 17:25:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3FC9 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e51dcfbdefd8df1bf0362141d99c3ebac9212c70ff3380b6594325ebb987f92a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1DCA 41 KB
15 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 21:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53021
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Oct 2023 21:11:06 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C7C8 1 KB
643 B 53ms
53ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 66577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Oct 2022 17:25:10 GMT
etag: 48472445140208031
expires: Tue, 11 Oct 2022 17:25:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1DCA 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2cc3711aa62cfa90a7a11e0ece315d961f7bf08ab1f5c6730d106da0ab146813

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 04DC 22 KB
8 KB 54ms
54ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 394700
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 22:16:27 GMT
expires: Fri, 06 Oct 2023 22:16:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 84E2
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESENNy6gXnMlVkjK4upiDLeLo&google_cver=1&google_push=AZmPxg9DQ5W4NoOwyveFMvhec-t0K0C5Djm0uNtrY6v1wFCp6wnOS3fYB5yufdJhL52qg7wb5reu-4SqCAi2_gCQMOhGyYItQ5X0
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9DQ5W4NoOwyveFMvhec-t0K0C5Djm0uNtrY6v1wFCp6wnOS3fYB5yufdJhL52qg7wb5reu-4SqCAi2_gCQMOhGyYItQ5X0&google_hm=Q0FFU0VOTnk2Z1huTWxWa...

170 B
188 B

67ms
67ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9DQ5W4NoOwyveFMvhec-t0K0C5Djm0uNtrY6v1wFCp6wnOS3fYB5yufdJhL52qg7wb5reu-4SqCAi2_gCQMOhGyYItQ5X0&google_hm=Q0FFU0VOTnk2Z1huTWxWa2pLNHVwaURMZUxv

Requested by

Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 11 Oct 2022 11:54:46 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9DQ5W4NoOwyveFMvhec-t0K0C5Djm0uNtrY6v1wFCp6wnOS3fYB5yufdJhL52qg7wb5reu-4SqCAi2_gCQMOhGyYItQ5X0&google_hm=Q0FFU0VOTnk2Z1huTWxWa2pLNHVwaURMZUxv
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 84E2 0
42 B 209ms
81ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg-KWmXKgv0xcJSwyaadsVftKMByT0ziMLZee4w5ehznX1jzOjl0rQsI3BMN5a3jXY6n3ddI-zo8RjrTvdiIXEPDFBGiQ4tr&google_gid=CAESEBMh8wWiJsrDJxYdFbMe1HE&google_cver=1
Requested by: Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:47 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 84E2 43 B
356 B 190ms
66ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESELsOzHIKob99jTyEff4Fl1Q&google_push=AZmPxg99soT-tFuRFVILpbfew8FYN5DkhV1i5ufsJtlHVvqhk8UdGP0zpuiKb_ihavqhHEb1NSakgo9nkqAUPbe0wWpBNRynoTDT&google_cver=1
Requested by: Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:47 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 84E2 0
41 B 184ms
55ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE3RdEsoKoffLa-L3or5ytY&google_cver=1&google_push=AZmPxg_wmwOVcjNG1-2ldc7GM7A1Zs12P0GTzlvbP1Q-sXy0rM_N0SsdUPBZhz9vizoJbLjIYz_sFCUWUksOTfet1L3BSqeob-6Q
Requested by: Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 11 Oct 2022 11:54:47 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 84E2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL4w5vz7xPsJhuoe39tOduc&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL4w5vz7xPsJhuoe39tOduc&google_hm=Y0VZhy2UIkNo-XhhpExOSAAABFYAAAIB&google_nid=index&google_push=AZmPxg-hVSEcqb4pgN_IXWLFvZU-h52GoDpsr...

170 B
188 B

67ms
67ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL4w5vz7xPsJhuoe39tOduc&google_hm=Y0VZhy2UIkNo-XhhpExOSAAABFYAAAIB&google_nid=index&google_push=AZmPxg-hVSEcqb4pgN_IXWLFvZU-h52GoDpsraIyZhbd4YYLtEQ6bRdAPP1UQp5W0OnYdBcTKFAdg8ssU0WoeVP_bsWMOR6-IDFM

Requested by

Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uMSRxWB9cwQf3kfEL09QTs5rqzi8Ary2xFzH99Dd1edjCn%2BGB8zVKdxwMgMEgJQBrgA5EQkPBZ%2FLMgkBugVUnfhEe87RmU8vrqfIDNIuqXbQMdlhSkfWFFAGuJO390IZEHCFg5M59%2FdsFA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL4w5vz7xPsJhuoe39tOduc&google_hm=Y0VZhy2UIkNo-XhhpExOSAAABFYAAAIB&google_nid=index&google_push=AZmPxg-hVSEcqb4pgN_IXWLFvZU-h52GoDpsraIyZhbd4YYLtEQ6bRdAPP1UQp5W0OnYdBcTKFAdg8ssU0WoeVP_bsWMOR6-IDFM
cache-control: no-cache
cf-ray: 7587672fef16771a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 84E2 43 B
297 B 240ms
45ms Image
image/gif 2a05:d01c:1d8:8102:bdb7:7e9e:5642:c498
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEMEpAc40csYW9qfuZf7h-0I&google_cver=1&google_push=AZmPxg9dvmh3Tnab849CpWZ3l1VhRMaR3rnKFqg7sRpjyK5g6875ny5zH8TWmm57MYHuTuaLW3-Mh9Fn3R1UNqdj99KgMFrbPllt
Requested by: Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:bdb7:7e9e:5642:c498 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 11 Oct 2022 11:54:47 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame 84E2 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 84E2 0
12 B 185ms
72ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KEJ0kPPvsaSkDJ6o9NIOGl2t66k-CMTLb0dXuIHgeu3PIhIXnBGh8mTLT-iLBuLAOhiflepw

Requested by

Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:47 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C7C8
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESENNy6gXnMlVkjK4upiDLeLo&google_cver=1&google_push=AZmPxg-892u_g5uaXXVwK-aiUwU8ymduwPyb47skR1FLvbOqReRxND3PjXGgmbdB6pQhiH0CaBO0QeoH6F1qjLPp8J5kU_wqAX1L
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg-892u_g5uaXXVwK-aiUwU8ymduwPyb47skR1FLvbOqReRxND3PjXGgmbdB6pQhiH0CaBO0QeoH6F1qjLPp8J5kU_wqAX1L&google_hm=Q0FFU0VOTnk2Z1huTWxWa...

170 B
188 B

64ms
64ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg-892u_g5uaXXVwK-aiUwU8ymduwPyb47skR1FLvbOqReRxND3PjXGgmbdB6pQhiH0CaBO0QeoH6F1qjLPp8J5kU_wqAX1L&google_hm=Q0FFU0VOTnk2Z1huTWxWa2pLNHVwaURMZUxv

Requested by

Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 11 Oct 2022 11:54:47 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg-892u_g5uaXXVwK-aiUwU8ymduwPyb47skR1FLvbOqReRxND3PjXGgmbdB6pQhiH0CaBO0QeoH6F1qjLPp8J5kU_wqAX1L&google_hm=Q0FFU0VOTnk2Z1huTWxWa2pLNHVwaURMZUxv
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame C7C8 0
98 B 182ms
81ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg9TOPfbI3dVUMcKaEjBq3r1GgoiOg0hBkThNRlvrfkgemQcm7m2xV2mjaCmm4q0Y1EeaV3lHwIYS5ag5Pcw-FzBqsUBr_mV&google_gid=CAESEBMh8wWiJsrDJxYdFbMe1HE&google_cver=1
Requested by: Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:47 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C7C8
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg9rpHb1...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg9rpHb1...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTExMTU0NDgwMDAxMDQ3Nzg2ODQyNQ%3D%3D&google_push=AZmPxg9rpHb1468Mbi_152llsMIh_ee4_stMcAUvYz9k2vBrRBYfcdc6fgfDzUqDe1aple...

170 B
188 B

64ms
63ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTExMTU0NDgwMDAxMDQ3Nzg2ODQyNQ%3D%3D&google_push=AZmPxg9rpHb1468Mbi_152llsMIh_ee4_stMcAUvYz9k2vBrRBYfcdc6fgfDzUqDe1aplebCr_DeomA72nyLOt2MFJEJHfDR_UOs

Requested by

Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTExMTU0NDgwMDAxMDQ3Nzg2ODQyNQ%3D%3D&google_push=AZmPxg9rpHb1468Mbi_152llsMIh_ee4_stMcAUvYz9k2vBrRBYfcdc6fgfDzUqDe1aplebCr_DeomA72nyLOt2MFJEJHfDR_UOs
pragma: no-cache
date: Tue, 11 Oct 2022 11:54:48 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Tue, 11 Oct 2022 11:54:48 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame C7C8 43 B
106 B 164ms
66ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESELsOzHIKob99jTyEff4Fl1Q&google_push=AZmPxg_W7KMSjrQh1GR8VJSI0rFT3-QZyfDC2L09ZAbIoJOaJ1vJ7SHwpzqwDn-abLKjbyWXLFVLWEwqNxWic3hBxKxEEUpB-BfG&google_cver=1
Requested by: Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:47 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame C7C8 0
166 B 157ms
54ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE3RdEsoKoffLa-L3or5ytY&google_cver=1&google_push=AZmPxg-9anS3OcMtWLSF4fW9hbB1OFvKlxTgAFE9U7jLIRwXD-HftgFfAAkyY0iCQvrjc_c4Ed2mofGev7FmdgRcd2EV9rvVQF21
Requested by: Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 11 Oct 2022 11:54:47 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 trk
ag.innovid.com/ Frame C7C8 43 B
295 B 214ms
46ms Image
image/gif 2a05:d01c:1d8:8102:bdb7:7e9e:5642:c498
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEMEpAc40csYW9qfuZf7h-0I&google_cver=1&google_push=AZmPxg-Fj1HWfsBH_J5DGKWdFeT5kBapAEqq2ZLc0p-f4yithsNa_TKKF0QyRZ48QGTexG4MC6sBbAKztwtQxVZ8uFHcSVvcVqoH
Requested by: Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:bdb7:7e9e:5642:c498 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 11 Oct 2022 11:54:47 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame C7C8 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C7C8 0
12 B 148ms
63ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JM0oVh2YmLojx-XeVsJUtimEjEDntPKdb1hSmenxu1K21h5sdPMVBu8dYGMO5Cmb4uxorLSw

Requested by

Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:47 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A99C 22 KB
8 KB 54ms
54ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 394700
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 22:16:27 GMT
expires: Fri, 06 Oct 2023 22:16:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js Show response
pagead2.googlesyndication.com/bg/ Frame 04DC 36 KB
16 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef99f930891d2a33101a538258263086e98c50fb5a5113e49fd2eba29f85a795

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 19:24:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 577841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15870
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 19:24:06 GMT

GET
H3 200 75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js Show response
pagead2.googlesyndication.com/bg/ Frame A99C 36 KB
16 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef99f930891d2a33101a538258263086e98c50fb5a5113e49fd2eba29f85a795

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 19:24:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 577841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15870
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 19:24:06 GMT

GET
H3 200 index_300x250_google.html Show response
s0.2mdn.net/sadbundle/8822642987549215541/ Frame 6BDC 6 KB
2 KB 169ms
59ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8822642987549215541/index_300x250_google.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df77af06dbfec79a329c9870b8fb8ace8335f2dc9bddbd0c788e3cc7396bffd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 604539
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2201
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 11:59:08 GMT
expires: Wed, 04 Oct 2023 11:59:08 GMT
last-modified: Mon, 05 Sep 2022 15:11:58 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3FC9 0
306 B 116ms
101ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuc-Fb4B8ANQk5HP4YM_YOvZcWQoM_8AeKt6hi63pI3UGvYdkkVRMtxZL1CCr7SZBI6PdfN-GQ5CdI6De3KKVTVkAzBrFWBDTIiyAePTQI43NeXlyYZPABUxCEVg4TdI5wCw8KAyzRPKOyOkg8EhCvMS5pILDeHnlbt-ziw3C40cpdiSjM0eQ-6ut2HtEK8Yva5Wd-9VaAtlb6Zxr-4p8mJOZHA10qv0CWINP0B3YmYDjtFMqnoabUnEkqHKvYEimlOys59miKy3INoZrKozzJoE1GH5rdvnHTsSQj7-ZXLAmz99JKvkibemjPpZfZfvewUlQjq8d-PTdjTNkkn-HXuofHsaMzrGKXWRu8BA88u3RbM4PMy5QEraMp2w2Ml0QJjw_upHGbNBAR17WNyzHqvxAqzGiBkHoDnH8ZHY0GLWw5pfLMpH_ZdEu_bJFjF4ouUy1j3PElAPQPXlQFuzAMah48z0IJDDUZWVI8ici9tbOy5qqIliLhS7IlYWBb6PaI1cHSFr-MOrM-Q1938WFy5q5xA4rncl34fbtAPwDWj6TdGI8A9SHK9yEQk7iedHykZmA1DxpPCmvl1DBmNKySkQIq5RtfIZRkK91AI6cvqvJJFbFdwrjmlCJr0B6Uxmjf50op-ncPRVfoyrEDAmSOto7eU6elvwdGK52Ultkum-PeC6291bqbfKmEeSDezFJuRGFfEJJiUeSE05F-o2TUi1ZG2_SMKhYG7p8vYIhcuU9EgFBLfXoeObQ_NIXm_5XakTSF8TDHCEhQoY7V432KlLodlOevJqWSN-fuyh6cHkV0d-xL8HhmR1j1bRev1ezxr6RhvKk8zx3WjBcBx34CarKQIhXEkwTqd6jF_-9_cxJV0Dehk3h_z-JW6lRZkXNXs8VR5a1v2pgSejxJho3WXH-euAoGsHFTZLe3IwjL2tM4I5rMu9t2-BTDZ472U1jHymtTPm5Nv5d96Sa7vzqKlJTU3IyBUGk7O6Zz5JxVMAHFuPrEQQZFDGAEBDyI0nJsbk1Z0xIMlXt-IzA4x-MrYob3hPNZ8EmoWWKeYijxe8SiyWylHr_OvgrqYZnRMIvUs4iN2n5HTaPAT4CJEk2mnRadzZfkaeFnUqPAlKf2EvZA_nsdt7HzHcEBNaNjMjtyw92QKrMYSV2QENHkFF5zUFIrMdXrKCH5g4JPQ22gH6T2ZrA&sai=AMfl-YRK1sChLJsaFGcBNmx2z54dopp-Ml3l0p5AFwfAl_ygOEkt4QBupBbQfjX87nDcKJ1wEObV1lRtmXgLN539vRKH64zhsv2pZqwY-hnxP9XnKx5YIQQBix5Yx_NCbHLy20ymg5NCz2puFykmxgP_Mh6D3TjL3Qu7TGPXuxsCjeo4RPs0xMRLmjsD8KsGduY00JqqQvHxXcr-oJBl47f9Yxd7w2eY0A&sig=Cg0ArKJSzD_Xy5gzosTVEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=261&cbvp=1&cstd=258&cisv=r20221005.48276&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Oct 2022 11:54:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=28466995;s.a=3213511;p.a=345598515;a.a=537242143;cache=648977286;
ad.atdmt.com/i/ Frame 3FC9 0
0

GET
H2 200 main.19.8.355.js Show response
static.adsafeprotected.com/ Frame 1DCA 194 KB
60 KB 207ms
65ms Script
application/javascript 2600:9000:21f3:8a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.355.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1151929/65580770/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:8a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 81e5cc1058a8711411ee3244831936a088543cbd86b5eaa579e258d9c456e8b1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 15:12:46 GMT
x-amz-version-id: Os.8EiheWKF00Q0a8Kg0Ad0ou3MT9I_t
content-encoding: gzip
via: 1.1 ac0e9b19969df989a920e6d1b834d008.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 420122
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 06 Oct 2022 10:37:53 GMT
server: AmazonS3
etag: W/"739a5ec7d51544e57ec8eba795c7ad5e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: USEOh8ny92iRpoxQbaca1d-QuZekNJnmGSjyPP4DyEaHrUuzw7_oog==

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/6499343874152988672/300x250/ Frame FDE3 2 KB
790 B 126ms
78ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=Pa0CBwNrQA&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc49078cd148b10b22ed5e18498755305d5615ee7556aeafaec2f23c32044ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 762
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Oct 2022 11:54:47 GMT
expires: Wed, 11 Oct 2023 11:54:47 GMT
last-modified: Wed, 06 Apr 2022 14:21:17 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1DCA 0
64 B 101ms
101ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv3Z5RIZIgehmh0KLJnxsi1FSp9HBLViWqLW3Ca6Cl6z23bV0wMq2TEjaGa7S5aFt2JpDDdT-BIVNHZZcQLCuwKYsQM7BQW491zolSFubAl6ZrQwZngGhB7QbN19zaUWdOewo6kpW8mmwvP3PlBA4u_kDX6QvXbl7kuhZuTiScv6X0cMgDJv4-vWupFZNdpMDg_uHn9dMhDnfsIWaR6TdoaxF1Ir5DNtwfuKs2bLAoV3DZNgj59dbotkxBEoOhp5qzENDaSIFvfABLP25res9ZKz8Y4asLmEchx2mMqtQ7SN9grClC6TM-AQmwQpsZl-6VL0sxl5tZgaIngKCz9oNPswoBPl9lztbBTAhHEOFhuullyXQ8mQCP3RdrlTMnmJ0j_RVXa4XF5Z-QtBoAj3ilUvJgRpYwf5RY6NTeDD9qNq63BOwFnzNjpKyFkncfOp17VlOp1RGyQCyd5feNeo8wy3z_GPtCPdaqTjx1NR1eyQToi__xTZk04vfdCLIc1VErK94dW6JkQzG9ycfl-QvthDAJCyndXn08SehxW9g6J-lzwigej8o5IPvgvyyWlIwVVix5hy1p5X2v8Npc0MyWOBqF_w0e0QdSoncRD6bs3cBFt50tuz1cejXGv7WBvcv2Hg19MiNBADkn2zdO0GwT9w9HvKtfj__gYcZyLRwZHlyE3jOBWjs1MPtlNKvdYL6RdQ7n2E3d4ujSDuz04GfBxAuPdAjJ4KqMUMckBBBqAX2o0k-1LjBbw82mz7FtVJXx803w36e3sL1X9cc0H2amGNbT5ZsTd9OGVYr53G0xafqsdjbfxamSg2ntbt_vOdPD5uWiocK5IjpniGUML-kve-C7XUxDAGDzl_-eBaKhxPF-eaFBwgfL1raIF6vdfW1RzBWxvMCnFXdg-05sBZvaR1q8dF8iYdN9r74PY5ZczyYivNxSQA17U_YDzIRGhmbzk_jyeeA3kmTtoMJx-x7eyM5EfjvndPzLKpYb3GFwCuOQvxH_x622PiyRsM1vVFqfTx3o57TaE_VIsj8z2Hv0i0w5PNfRHrvP1DaTnG0ZZk_YqcJpConIKDiu9dsrMtxiGbpAK_uwqeaLlla8kaJvk9XZ_nu1yfd6Q8CppmXuUoCr5GO3fKiDPHubEi-sdT2bGuKDRB0Jn_Iu0kJUxhERn-ZfDsQSipGsh1UP8fFR0YtHkxO6oaaKOm3sOFi9vgwH1&sai=AMfl-YTNmh5KLc86o60fEO55T59EL_T-XafH8Aei3ThhDdvOaKHWqTsTUJZqw8-UorPKbdkiipxkjEKOvBLK-Hs-H0sjFKJ1BBAHizY14phsMLXN2rB7DRhme72gXQHQGATrshHDEPtePghqbnz4-TWE-kjT9_V1RCUIOrmCjy3KoIrl12rID8PmvcaSk0JacKBaTEdHSxEAw0mYEJZHeifSsLceLxLYKw&sig=Cg0ArKJSzBCabhRwlJulEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=304&cbvp=1&cstd=298&cisv=r20221005.20618&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Oct 2022 11:54:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 6BDC 105 KB
35 KB 107ms
106ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8822642987549215541/index_300x250_google.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8822642987549215541/index_300x250_google.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35824
x-xss-protection: 0
last-modified: Fri, 09 Oct 2015 14:01:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Oct 2022 11:54:47 GMT

GET
H3 200 easeljs_1.0.0_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 6BDC 125 KB
35 KB 127ms
126ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/easeljs_1.0.0_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8822642987549215541/index_300x250_google.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25c06c024bfb192f5418b39ce069ebe46fda94e38b25ae781cc753fce98a2a24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8822642987549215541/index_300x250_google.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36116
x-xss-protection: 0
last-modified: Tue, 19 Nov 2019 16:51:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Oct 2022 11:54:47 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 6BDC 236 KB
63 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8822642987549215541/index_300x250_google.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8822642987549215541/index_300x250_google.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Oct 2022 11:54:47 GMT

GET
H3 200 index_300x250_google.js Show response
s0.2mdn.net/sadbundle/8822642987549215541/ Frame 6BDC 50 KB
9 KB 56ms
55ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8822642987549215541/index_300x250_google.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8822642987549215541/index_300x250_google.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed2a076a4c12a6e14bd182d8d778639b87432bb84ff2c1e51ee569a21aec4b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8822642987549215541/index_300x250_google.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 11:59:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 604539
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8827
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:11:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 11:59:08 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 04DC 0
20 B 91ms
91ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRyOUh1lFY5DZD4W13gPr9LKYDgAAAAA4AeAEAg&bg=!-_il-LzNAAYqRg79CkY7ACkAdvg8WvPwa0eynMcLsm5PKGPhEgIrzX8SsbuBg_GFx9iSdd2VccID9gIAAACHUgAAAAJoAQcKAJ2Nq8aKTbhr11kMWM7Rzyul82-nkVdhGHlonwJfWKbzXKAwdvvNa8DDml6tgk3dnl0kdbfDnGBquu1_oBynHYU3cLyrA9FauiF6Z-3WEOBNLoTWdnULLtEjFdG7OOMux7L8sBBglJxC68D1SuEB8hchCl3rjZwe73K7oDx6ETOupuDsS7ZKRlR2dbNOikncwZz9O9vDp_s7uAoXZ5vzmQL6baO1PZHxQqAMdBPk6kB5nG7y4De8S6o9bI1aVzaLhiHryc1AQFYLBxmSy73cQ_tdRcdOuPvPGHRTO9XHUUkRvIaVXcjxgNMupto01vdbV93nSR99T-BiAcGDQ9YjgpLBhQ9q1cAiOcC2mOSxfEVofoxT9ce9p0Eb7RmHbNOvjEP29kyAXqKcmViwnJOwrYt6X0Z6W85NGpID5suJd2RjGpj2dAv7OJUqCaEvVSY97woEIAfaEFTyY8_bmFcchIk6myEnyG4THHMamnGI7w3INWap2SUsCiBRu_ch4B3-qFmtHdCHrSkNpY16-A-kROPUwoet_1Vrk7GL9OYaa35sZqGvTrcHVl3bmrvmYZEG3r7YbzROq1Z3X5x6nsR7LcV_94PLmUf8UOR6jblB5sczADAiLA733iiOwcw7AeVd7iBtSGyJ0jtvCMOCawixcVi-UTuLhpgZwe_ZoWRWUBsjqqi2tjn5LyV1GseT9Z7E3oGT6bs_1bSD76ZqtlutZLtCkZu6GcOb681Un1mSO4oYtF5-0vPIDrXx-i5_LinCZWecYVMBK8OYPCTzivfnKdfSnnnCJ8Zz9RdI2gvvzSoMm7yDlxW-l4WtYgiySpacI51yx_o67NKLI2GPHhU_Z6X7IWMh9-Alq1EhZGkUMPnEQjAoaL9s_rYtsBopL_DXmxeeOUTJ3aV_XrkdXAt07q_6TozLcx5MDnUDb3dq07h-bzbo-5pQBHZmYzqTNHH6Hg-qZBk9unqj-ghzKvxeHWvynoeFShzjhX1Ybs-4B1KOmBDYOTtVzjnCC-87RbT6-SeT63lgUYQwrL85db_O-PI-0wmN17rMKx7c99Z5dB3py9_jqMlMCv4JJe76AQZpQpsmC9W-63YvKFixV8MjAkVXRKr0sFgbajfKbJzeknDlKYPHtTjADLzfcSdf6g20ir5B4wl1RUbw3-2EnBY-n1vgSsKRPkRC2buN-COyizprd1WbLjM1AAoZPn_RQmxBaj_tVZgi4_WIo4JH

Requested by

Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enabler_01_248.js Show response
s0.2mdn.net/879366/ Frame FDE3 118 KB
40 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_248.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=Pa0CBwNrQA&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=Pa0CBwNrQA&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 10:59:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3328
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41094
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:45:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 12 Oct 2022 10:59:19 GMT

GET
H3 200 normalize.css
s0.2mdn.net/sadbundle/6499343874152988672/300x250/ Frame FDE3 2 KB
998 B 59ms
58ms Stylesheet
text/css 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/normalize.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=Pa0CBwNrQA&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45009a4360ffe5364e2be9bea31dfdec6eedf10e6649bdaecf011ff88ba928a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=Pa0CBwNrQA&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 05:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24607
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 969
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 14:21:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Oct 2023 05:04:40 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/6499343874152988672/300x250/ Frame FDE3 8 KB
2 KB 59ms
58ms Stylesheet
text/css 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=Pa0CBwNrQA&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ebd919eeb6e022bb3543d00bade694b24310e1da084d878048db142a7c51665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=Pa0CBwNrQA&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 15:30:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 591851
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2218
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 14:21:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 15:30:36 GMT

GET
H3 200 scroll.css
s0.2mdn.net/sadbundle/6499343874152988672/300x250/ Frame FDE3 913 B
378 B 65ms
64ms Stylesheet
text/css 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/scroll.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=Pa0CBwNrQA&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

286125ae16ea43b1c5fd845a948850f0e7de05f45cd1af1a98c0f1a0ea7ec13d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=Pa0CBwNrQA&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 15:30:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 591851
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 349
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 14:21:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 15:30:36 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame FDE3 57 KB
23 KB 163ms
162ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=Pa0CBwNrQA&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=Pa0CBwNrQA&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Oct 2022 11:54:47 GMT

GET
H3 200 preloadjs_0.6.2_d7b96570d4552592ae479162e546cb25_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame FDE3 55 KB
14 KB 175ms
174ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/preloadjs_0.6.2_d7b96570d4552592ae479162e546cb25_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=Pa0CBwNrQA&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

291fcf6b0aea583079f4ea7c943852ddd668ad895ee08b0b557b372040d205a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=Pa0CBwNrQA&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14120
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Oct 2022 11:54:47 GMT

GET
H3 200 pixel.png
s0.2mdn.net/sadbundle/6499343874152988672/300x250/img/ Frame FDE3 3 KB
4 KB 55ms
54ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/img/pixel.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=Pa0CBwNrQA&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c835ee88b96ea90b7a8aff875a23ee80a6ac74fce186a84eebcec9d6fd068dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=Pa0CBwNrQA&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 13:27:35 GMT
x-content-type-options: nosniff
age: 340033
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3569
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 14:21:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Oct 2023 13:27:35 GMT

GET
H3 200 dws-xtrackers-logo.svg
s0.2mdn.net/sadbundle/6499343874152988672/300x250/img/ Frame FDE3 7 KB
3 KB 56ms
56ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/img/dws-xtrackers-logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=Pa0CBwNrQA&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f799afebaa0125cc2e1d05bb4559d198d1092b87f20951d3a3d84994e07561de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=Pa0CBwNrQA&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 15:30:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 591852
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3264
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 14:21:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 15:30:36 GMT

GET
H3 200 btn-right.svg
s0.2mdn.net/sadbundle/6499343874152988672/300x250/img/ Frame FDE3 946 B
503 B 56ms
55ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/img/btn-right.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=Pa0CBwNrQA&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5aa7357513ae62edeec06a9ff700c76e506a6d54945a572ac16249e8048e55af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=Pa0CBwNrQA&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 15:30:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 591852
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 474
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 14:21:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 15:30:36 GMT

GET
H3 200 logic.js Show response
s0.2mdn.net/sadbundle/6499343874152988672/300x250/ Frame FDE3 16 KB
5 KB 54ms
54ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/logic.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=Pa0CBwNrQA&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f04fa8e54a4b29df65e453963d74219400684d053364bd67e79590bb4693b944

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=Pa0CBwNrQA&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 15:30:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 591852
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4681
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 14:21:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 15:30:36 GMT

GET
H3 200 scroll.js Show response
s0.2mdn.net/sadbundle/6499343874152988672/300x250/ Frame FDE3 5 KB
2 KB 54ms
54ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/scroll.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=Pa0CBwNrQA&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4261168c69b8f0887385e3f95c5f7ea90f52d428ad1fe827a6d4beb5e36f9546

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=Pa0CBwNrQA&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 15:30:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 591852
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1703
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 14:21:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 15:30:36 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A99C 0
20 B 90ms
90ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKvE4h1lFY5WqEN6X3gOykI2wDwAAAAA4AeAEAg&bg=!aWqlai7NAAYqRg79CkY7ACkAdvg8Wg7OmsYVFnbjwmTB29ryzrPK18gA7gE7_fQnFdc1C-GmCS-7zwIAAACCUgAAAAFoAQeZAvIuLm1chUZzinFJPcWT6IWItUrvKgL35HUJIwIldQBSf7owAaMiYlh5tiEujlBLxc2LhQlykWDMEe0DLrBHjzaSh-SBw0NH2E77EZwCGWelTZeqf1JhvR22uTTcEmg3-x9OENboX1vcAg9Q45JZGaGT3lJpzQeACcbeMzcHCD0Enuvggg9JnrrUkPVnrs-LsLxyUZ3IDNXYx08j7xXa8jJxHBaLmnW-ufl2ETplOSH1aTnIVEInwIk7n8Wk7dIqltWU5dsaEoj7cknnMHIAwQkQYRZRi9XAcjVRtAOFPIU6_T1ksR0ox3tCFk3HVfpotRyNvuhp31yB3O3xVNtAN-wo-TN4LDkEjwRgrCFKzAowyhA08v8ZEERklYPqqhtvA5PHg8Rk3mXhqB3sVR9I9tjVaGRV745bbDWOD77z02e5eCaIC6NjUmskClb9lLqAKyGswitXil4ZP2xg67Nm9WD7rLVNqCDns7F0E4avlZr5G9rr5HoYqAA_tTW-8ih-jRb9PTgW0MH6zmLlwvk74BUDD7eLLMJYBegbf0SqZSm8PqdcDoYq0lXck8VaUl9zqSMS-Bfw0JaZsP8C_ixihCYDxnraNcRiCqTfhZhm9sX4ejMwJSDocri0om22sUD8aOR0qRlaEZj1ydGo7UX8vP_VQIbExrrtcHgTyQhMl5K6D3iKO8RDi-WzVONVWFh1ypqxg9P5pNPz4TKzkn1buTvquRceqpLVCpCPRwlErZOLse-kbVshmq3Y7ctLBQNd5ySKBP3UPhUQry07rEyk5CdXwmBJRS8ApHHIMLV-X8nGNtp1uAzzVwM1jts5oNL7CluXOmT_Y38PvyhvccxJwyyP9qQ074WW6oLJPvz_hPAShwW9xA7zAYoLBDhUjSJ1xddkHzgpAamaJylBk98qroWiCh4WJ8HN6rhcGEpuCLttH-lwk8QEwFLt78try64-PLWW0oXMWxQL7DBWYrgNvdCpX0RgGHxhCoVlczXMjrjbv_T1

Requested by

Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 1DCA
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1151929/65580770/skeleton.js?adsafe_url=https%3A%2F%2Fwww.capital.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff03929b3296541725973581f52d1d4e7.safeframe.googl...
https://static.adsafeprotected.com/skeleton.js

17 B
463 B

57ms
57ms

Script
application/javascript

2600:9000:21f3:8a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:21f3:8a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 02:01:00 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 ac0e9b19969df989a920e6d1b834d008.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 8848429
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: WS9AasoUHlHp1imXsgDSntiLbk8Y3LUoGQrvzIg8apH6J1kX52s0kg==

Redirect headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:48 GMT
server: nginx
x-server-name: app01.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 5DE9 91 KB
23 KB 64ms
64ms Script
application/javascript 2600:9000:21f3:8a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:8a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 ac0e9b19969df989a920e6d1b834d008.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 1714711
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 4c0NpNEBk3KZQ3PkmWbS7O9DI235R87BFWnNSEo1BYp9RQmjHNrRVQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1DCA 43 B
216 B 623ms
128ms Image
image/gif 2600:1f18:1aca:4280:a871:9680:529f:f9f1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1151929&asId=ef5c9656-c896-fe9f-7646-635725003ad3&tv=%7Bc:qJEHd9,pingTime:-3,time:324,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:299%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:324,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:299,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B38~0%5D,as:%5B38~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tjXhjU3+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1b*.1151929-65580770%7C1b1%7C1b2%7C1b3%7C1b4%7C1c%7C1d,idMap:1b*,rmeas:1,rend:0,renddet:na,siq:301%7D&br=c
Requested by: Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a871:9680:529f:f9f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:48 GMT
server: nginx
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1DCA 43 B
215 B 747ms
255ms Image
image/gif 2600:1f18:1aca:4280:a871:9680:529f:f9f1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1151929&asId=ef5c9656-c896-fe9f-7646-635725003ad3&tv=%7Bc:qJEHdb,pingTime:-6,time:326,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:326,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:299,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B39~0%5D,as:%5B39~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tjXhjU3+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1b*.1151929-65580770%7C1b1%7C1b2%7C1b3%7C1b4%7C1c%7C1d,idMap:1b*,rmeas:1,rend:0,renddet:na,siq:301%7D&tpiLookup=ao:www.capital.ua*&br=c
Requested by: Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a871:9680:529f:f9f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:48 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 91ms
90ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022100301&jk=1748201111601482&bg=!f3ylfDjNAAYqRg79CkY7ACkAdvg8WuqguQ8YNNZmOlTEgdM5jxFtUmpBnMNihyu1wcJqjd6JkmDwOgIAAABsUgAAAAFoAQcKAB_n2FjvIckrhaek4NM-4Iz9GjPThESB878YlqkeDmRQmQKlFzXC0QCecRyWUA0w6Np3cUJiq_tRV6ZCtbs0aJ9ArSlmBpl-FDd_E4TXkFa1tBWv3Pu2QBRSWkuaqtjMSExFERBYE3Z0SNd3F252slc0z5k3rZRPTMX5dtiJxJ1xD02gaEhZCVypcHBr8FerryHgIenpcuC0kGE1Z0afewN3rIXBpO52bAq2bWdCiQ6fGxjOC5XFMROgnGadfZwh_XqVR0joEBAaEhP4xCESECXqZy1w4nuTWLuevfI0LF3jca6pHHg_-Kv2uaNrXBbRVkmn_VUBnsaklrroJNLzPdfda1z7tcRcaynv6yzYYM7aYpGbcxNiBkpzdSr6uEGdhI8gx1tEP4qBu0bWqcy1dQMBh6yf3o1k4NZOdY7CSfg9xA-gXJj4LGDN-scOK1NvUkanuBn_Hf1oULW_rCpKpSlKWdwgrt90YT-3gcpkjZOGQYVF2Iz15xy7DB1d-aQ9STWs7M-nNVvpTfIUSqNKLNNnKtXFbSMFqlmy_OJf2-KDjbGXxkd1B1WfWigc_K5sDlp_M6qvsvxUpduL6aP0lQa91oSDx6KBLVc-4-ldkCLYUADRj7aYWjCtJwcMca_iA4n8sZglAPO8RYnFMyHO5oPMWYGFMI3ukFKDJWcSzj1swnuQHCqMm_064Jd-LVXztgfNSSoKfmoghB85I0QCU-ZoBPHxMmH0MUaKFhcwrjRA27NWF5Jye0edo7dHmoC2h12fO_WVNCYStTMW0iIQTPoaNEgPH35JTbdjUBBm7iZi7F3wNoPCLx5s84b50VI2m1BLw7wNtLQDRWzepTYVmloS7nL4BNAdPpM9zWoXmdjZ6umutc2oPovm3AIlYVhFWnloIZa_OvkdLAZiD57i6sxMuzQZBlO1Xg-XGeoler_h_adUVt9dPPg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1DCA 43 B
215 B 616ms
129ms Image
image/gif 2600:1f18:1aca:4280:a871:9680:529f:f9f1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1151929&asId=ef5c9656-c896-fe9f-7646-635725003ad3&tv=%7Bc:qJEHdh,pingTime:-2,time:332,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:506,bdZ:738,beA:752,beZ:754,mfA:1037,cmA:1038,inA:1038,inZ:1042,prA:1042,prZ:1048,si:1053,poA:1054,poZ:1069,cmZ:1069,mfZ:1069,loA:1078,loZ:1081,ltA:1085,ltZ:1085,mdA:754,mdZ:1026%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:299%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:332,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:299,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B45~0%5D,as:%5B45~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tjXhjU3+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1b*.1151929-65580770%7C1b1%7C1b2%7C1b3%7C1b4%7C1c%7C1d,idMap:1b*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:301,sinceFw:30,readyFired:true%7D&br=c
Requested by: Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a871:9680:529f:f9f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:48 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 open-icon.svg
s0.2mdn.net/sadbundle/6499343874152988672/300x250/img/ Frame FDE3 739 B
500 B 56ms
55ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/img/open-icon.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

658b15da00eeb4c46131024f30119f582d0c4d46e3434ba2a1045999de575c7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 22:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 392577
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 471
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 14:21:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Oct 2023 22:51:51 GMT

GET
H3 200 DWSSansWeb-Regular.woff2
s0.2mdn.net/creatives/assets/4369730/ Frame FDE3 28 KB
28 KB 60ms
60ms Font
font/woff2 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4369730/DWSSansWeb-Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac20dcf13424aa4a54bfb9a97b3630e410f1b121c001399297d78b248e71e24a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/style.css
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:45:52 GMT
x-content-type-options: nosniff
age: 536
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29036
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 14:05:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Oct 2022 12:00:52 GMT

GET
H3 200 index_300x250_google_atlas_P_1.png
s0.2mdn.net/sadbundle/8822642987549215541/images/ Frame 6BDC 62 KB
62 KB 57ms
56ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8822642987549215541/images/index_300x250_google_atlas_P_1.png

Requested by

Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

650b2e3c7f96518f35734bd65759ad5522702bea1cca8b5b658af9428c4c3f84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8822642987549215541/index_300x250_google.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 11:59:08 GMT
x-content-type-options: nosniff
age: 604540
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63681
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:11:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 11:59:08 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3FC9 0
26 B 92ms
91ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuc-Fb4B8ANQk5HP4YM_YOvZcWQoM_8AeKt6hi63pI3UGvYdkkVRMtxZL1CCr7SZBI6PdfN-GQ5CdI6De3KKVTVkAzBrFWBDTIiyAePTQI43NeXlyYZPABUxCEVg4TdI5wCw8KAyzRPKOyOkg8EhCvMS5pILDeHnlbt-ziw3C40cpdiSjM0eQ-6ut2HtEK8Yva5Wd-9VaAtlb6Zxr-4p8mJOZHA10qv0CWINP0B3YmYDjtFMqnoabUnEkqHKvYEimlOys59miKy3INoZrKozzJoE1GH5rdvnHTsSQj7-ZXLAmz99JKvkibemjPpZfZfvewUlQjq8d-PTdjTNkkn-HXuofHsaMzrGKXWRu8BA88u3RbM4PMy5QEraMp2w2Ml0QJjw_upHGbNBAR17WNyzHqvxAqzGiBkHoDnH8ZHY0GLWw5pfLMpH_ZdEu_bJFjF4ouUy1j3PElAPQPXlQFuzAMah48z0IJDDUZWVI8ici9tbOy5qqIliLhS7IlYWBb6PaI1cHSFr-MOrM-Q1938WFy5q5xA4rncl34fbtAPwDWj6TdGI8A9SHK9yEQk7iedHykZmA1DxpPCmvl1DBmNKySkQIq5RtfIZRkK91AI6cvqvJJFbFdwrjmlCJr0B6Uxmjf50op-ncPRVfoyrEDAmSOto7eU6elvwdGK52Ultkum-PeC6291bqbfKmEeSDezFJuRGFfEJJiUeSE05F-o2TUi1ZG2_SMKhYG7p8vYIhcuU9EgFBLfXoeObQ_NIXm_5XakTSF8TDHCEhQoY7V432KlLodlOevJqWSN-fuyh6cHkV0d-xL8HhmR1j1bRev1ezxr6RhvKk8zx3WjBcBx34CarKQIhXEkwTqd6jF_-9_cxJV0Dehk3h_z-JW6lRZkXNXs8VR5a1v2pgSejxJho3WXH-euAoGsHFTZLe3IwjL2tM4I5rMu9t2-BTDZ472U1jHymtTPm5Nv5d96Sa7vzqKlJTU3IyBUGk7O6Zz5JxVMAHFuPrEQQZFDGAEBDyI0nJsbk1Z0xIMlXt-IzA4x-MrYob3hPNZ8EmoWWKeYijxe8SiyWylHr_OvgrqYZnRMIvUs4iN2n5HTaPAT4CJEk2mnRadzZfkaeFnUqPAlKf2EvZA_nsdt7HzHcEBNaNjMjtyw92QKrMYSV2QENHkFF5zUFIrMdXrKCH5g4JPQ22gH6T2ZrA&sai=AMfl-YRK1sChLJsaFGcBNmx2z54dopp-Ml3l0p5AFwfAl_ygOEkt4QBupBbQfjX87nDcKJ1wEObV1lRtmXgLN539vRKH64zhsv2pZqwY-hnxP9XnKx5YIQQBix5Yx_NCbHLy20ymg5NCz2puFykmxgP_Mh6D3TjL3Qu7TGPXuxsCjeo4RPs0xMRLmjsD8KsGduY00JqqQvHxXcr-oJBl47f9Yxd7w2eY0A&sig=Cg0ArKJSzD_Xy5gzosTVEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=715&vt=11&dtpt=454&dett=3&cstd=258&cisv=r20221005.48276&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FDE3 7 KB
6 KB 176ms
67ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_248&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f3dcbf4fc5f6c36a79c0e30bffaa6e0c538fe7558aad98edc77cd0f2ffb6458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5724
x-xss-protection: 0

GET
H3 200 DWSSlabWeb-Regular.woff2
s0.2mdn.net/creatives/assets/4369730/ Frame FDE3 31 KB
31 KB 55ms
55ms Font
font/woff2 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4369730/DWSSlabWeb-Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd6058bab23892b96292f3ee138daa1661219bf2e117acd6252a2f90c517dc4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/style.css
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:46:32 GMT
x-content-type-options: nosniff
age: 496
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31535
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 14:05:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Oct 2022 12:01:32 GMT

GET
H3 200 dws_gi_594827903_xrackers_visual_thematic_white.jpg-v=452531184_1662024456608_dws_gi_594827903_xrackers_visual_thematic_white.jpg
s0.2mdn.net/dynamic/2/10927394/etf.dws.com/globalassets/campaigns/dco/ Frame FDE3 148 KB
148 KB 56ms
56ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10927394/etf.dws.com/globalassets/campaigns/dco/dws_gi_594827903_xrackers_visual_thematic_white.jpg-v=452531184_1662024456608_dws_gi_594827903_xrackers_visual_thematic_white.jpg

Requested by

Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be989f3375d45b5813efab99c47e1a73c7407bd7ec599627f59441fa2514e86c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=Pa0CBwNrQA&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 12:05:19 GMT
x-content-type-options: nosniff
age: 85769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 151312
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 09:27:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 12:05:19 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1DCA 0
26 B 93ms
92ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv3Z5RIZIgehmh0KLJnxsi1FSp9HBLViWqLW3Ca6Cl6z23bV0wMq2TEjaGa7S5aFt2JpDDdT-BIVNHZZcQLCuwKYsQM7BQW491zolSFubAl6ZrQwZngGhB7QbN19zaUWdOewo6kpW8mmwvP3PlBA4u_kDX6QvXbl7kuhZuTiScv6X0cMgDJv4-vWupFZNdpMDg_uHn9dMhDnfsIWaR6TdoaxF1Ir5DNtwfuKs2bLAoV3DZNgj59dbotkxBEoOhp5qzENDaSIFvfABLP25res9ZKz8Y4asLmEchx2mMqtQ7SN9grClC6TM-AQmwQpsZl-6VL0sxl5tZgaIngKCz9oNPswoBPl9lztbBTAhHEOFhuullyXQ8mQCP3RdrlTMnmJ0j_RVXa4XF5Z-QtBoAj3ilUvJgRpYwf5RY6NTeDD9qNq63BOwFnzNjpKyFkncfOp17VlOp1RGyQCyd5feNeo8wy3z_GPtCPdaqTjx1NR1eyQToi__xTZk04vfdCLIc1VErK94dW6JkQzG9ycfl-QvthDAJCyndXn08SehxW9g6J-lzwigej8o5IPvgvyyWlIwVVix5hy1p5X2v8Npc0MyWOBqF_w0e0QdSoncRD6bs3cBFt50tuz1cejXGv7WBvcv2Hg19MiNBADkn2zdO0GwT9w9HvKtfj__gYcZyLRwZHlyE3jOBWjs1MPtlNKvdYL6RdQ7n2E3d4ujSDuz04GfBxAuPdAjJ4KqMUMckBBBqAX2o0k-1LjBbw82mz7FtVJXx803w36e3sL1X9cc0H2amGNbT5ZsTd9OGVYr53G0xafqsdjbfxamSg2ntbt_vOdPD5uWiocK5IjpniGUML-kve-C7XUxDAGDzl_-eBaKhxPF-eaFBwgfL1raIF6vdfW1RzBWxvMCnFXdg-05sBZvaR1q8dF8iYdN9r74PY5ZczyYivNxSQA17U_YDzIRGhmbzk_jyeeA3kmTtoMJx-x7eyM5EfjvndPzLKpYb3GFwCuOQvxH_x622PiyRsM1vVFqfTx3o57TaE_VIsj8z2Hv0i0w5PNfRHrvP1DaTnG0ZZk_YqcJpConIKDiu9dsrMtxiGbpAK_uwqeaLlla8kaJvk9XZ_nu1yfd6Q8CppmXuUoCr5GO3fKiDPHubEi-sdT2bGuKDRB0Jn_Iu0kJUxhERn-ZfDsQSipGsh1UP8fFR0YtHkxO6oaaKOm3sOFi9vgwH1&sai=AMfl-YTNmh5KLc86o60fEO55T59EL_T-XafH8Aei3ThhDdvOaKHWqTsTUJZqw8-UorPKbdkiipxkjEKOvBLK-Hs-H0sjFKJ1BBAHizY14phsMLXN2rB7DRhme72gXQHQGATrshHDEPtePghqbnz4-TWE-kjT9_V1RCUIOrmCjy3KoIrl12rID8PmvcaSk0JacKBaTEdHSxEAw0mYEJZHeifSsLceLxLYKw&sig=Cg0ArKJSzBCabhRwlJulEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=757&vt=11&dtpt=453&dett=3&cstd=298&cisv=r20221005.20618&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 index_300x250_google_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/8822642987549215541/images/ Frame 6BDC 68 KB
68 KB 59ms
59ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8822642987549215541/images/index_300x250_google_atlas_NP_1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfb214630e6f0052e27cfaaeaedf20b7014e06ddebc4ee50148b5bcc4d648a55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8822642987549215541/index_300x250_google.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 11:59:08 GMT
x-content-type-options: nosniff
age: 604540
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69447
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:11:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 11:59:08 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1DCA 43 B
215 B 401ms
129ms Image
image/gif 2600:1f18:1aca:4280:a871:9680:529f:f9f1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1151929&asId=ef5c9656-c896-fe9f-7646-635725003ad3&tv=%7Bc:qJEHgK,time:547,type:e,im:%7Bimprf:%7Bttecl:740,ecd:191,tsecr:1%7D,pci:%7Btdr:221%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:547,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:299,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B261~0%5D,as:%5B261~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tjXhjU3+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1b*.1151929-65580770%7C1b1%7C1b2%7C1b3%7C1b4%7C1c%7C1d,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:301,sis:493%7D&br=c
Requested by: Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a871:9680:529f:f9f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:48 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 dws_gi_594827903_xrackers_visual_thematic_white.jpg-v=452531184_1662024456608_dws_gi_594827903_xrackers_visual_thematic_white.jpg
s0.2mdn.net/dynamic/2/10927394/etf.dws.com/globalassets/campaigns/dco/ Frame FDE3 148 KB
148 KB 54ms
54ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be989f3375d45b5813efab99c47e1a73c7407bd7ec599627f59441fa2514e86c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6499343874152988672/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=Pa0CBwNrQA&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 12:05:19 GMT
x-content-type-options: nosniff
age: 85769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 151312
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 09:27:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 12:05:19 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FDE3 17 KB
6 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:54:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Oct 2022 11:54:48 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1DCA 43 B
215 B 267ms
129ms Image
image/gif 2600:1f18:1aca:4280:a871:9680:529f:f9f1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1151929&asId=ef5c9656-c896-fe9f-7646-635725003ad3&tv=%7Bc:qJEHiU,pingTime:-10,time:681,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTkuMC40ODQ0LjUxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1665489288336%7C%7Cec208196cd809905d1b03605a032ecfc%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C530d13fa45f426ef5e04693dcd8b3c13%7C%7C793a0cee9b48f197491e24bc707587ff%7C%7Ce24622267b8779fb47697c6950ad753a%7C%7Cdca6757b502e703de7beeba1cded1069%7C%7C6f4e188747a308ef2d57c7d3fb3fc635%7C%7C1663701684%7D
Requested by: Host: f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
URL: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a871:9680:529f:f9f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:48 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js Show response
pagead2.googlesyndication.com/bg/ Frame E7EA 36 KB
16 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef99f930891d2a33101a538258263086e98c50fb5a5113e49fd2eba29f85a795

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 19:24:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 577842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15870
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 19:24:06 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3FC9 42 B
64 B 97ms
97ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_LTX5-IH6ug5ISvmyZVNxnfMfjgVxTB3u_oA3WeWdsxhrW32BMdYcEfbnl6UrkZYRiuNZPIUEAk37S1KJyuEjLfjRkQx8TnBk0MMmCIh03Ac3_P5XIwhAH1-K6t-3x7V5RLwAdw&sai=AMfl-YRmOP4V7zOwGZjBhhhKjR6QtDnHLDBn88dden50zw5HBB8-6JMic1jSH8dOEPeVfLdkna60xxuYhdvmCdUwU5Kf28gZeWHgBx6j7Q4j4BAznUCFIXEgIoPW9EVhfbk&sig=Cg0ArKJSzLoAIktQFddPEAE&cid=CAASJeRo_D1HlfFmGEpI-WnnjfaMshZVQkxUglvCaFm5QVKC-NX7Noo&id=lidar2&mcvt=1000&p=328,1124,578,1424&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221010&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2673231228&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665489286889&rpt=596&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1DCA 42 B
64 B 98ms
98ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssneYCfGL6H4vbHkgSFrNPzaBlhnWdZNN3A9X3ZZ85n_ht_j2C8Gr3uZare3s025JEuRx6vAaOtdgW5J6yMyjYtJhutHz0ONrcttSVaBdbV5gexG1HzD8zu_SeVPrIUHYuZYYTceQ&sai=AMfl-YQDSZO8h7MvL8NhfATAXoPiKfxBrfys9Wmju51etnraUkxIajPAgvppQ0RVoNijKY2Xssc5rA1K8lGFTQj423ns3yFIMFlao0TAbsadlZfIgCNVvWH65mfPhSHKlDI&sig=Cg0ArKJSzLidfAB6__9nEAE&cid=CAASJeRo286QlbnDXxn8Ap4J_wVC6pUn8nnofpUDYtOQbroXdCuTMbs&id=lidar2&mcvt=1000&p=733,1124,983,1424&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221010&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=465682209&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665489286903&rpt=612&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1DCA 43 B
215 B 129ms
128ms Image
image/gif 2600:1f18:1aca:4280:a871:9680:529f:f9f1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1151929&asId=ef5c9656-c896-fe9f-7646-635725003ad3&tv=%7Bc:qJEHtn,pingTime:0,time:1330,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:299%7D,%7Bpiv:100,vs:i,r:,t:1330%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1330,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:299,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1043~0,1~100%5D,as:%5B1044~300.250%5D%7D%7D,%7Bsl:i,t:1330,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1043~0,1~100%5D,as:%5B1044~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:750,fm:tjXhjU3+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1b*.1151929-65580770%7C1b1%7C1b2%7C1b3%7C1b4%7C1c%7C1d,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:301,sis:493%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a871:9680:529f:f9f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:49 GMT
server: nginx
x-server-name: dt22.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1DCA 43 B
215 B 130ms
129ms Image
image/gif 2600:1f18:1aca:4280:a871:9680:529f:f9f1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1151929&asId=ef5c9656-c896-fe9f-7646-635725003ad3&tv=%7Bc:qJEHJw,pingTime:1,time:2331,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:299%7D,%7Bpiv:100,vs:i,r:,t:1330%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1001,o:1330,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:299,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1043~0,1~100%5D,as:%5B1044~300.250%5D%7D%7D,%7Bsl:i,t:1330,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:131,fm:tjXhjU3+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1b*.1151929-65580770%7C1b1%7C1b2%7C1b3%7C1b4%7C1c%7C1d,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:301,sis:493%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a871:9680:529f:f9f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:50 GMT
server: nginx
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1DCA 43 B
215 B 129ms
129ms Image
image/gif 2600:1f18:1aca:4280:a871:9680:529f:f9f1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1151929&asId=ef5c9656-c896-fe9f-7646-635725003ad3&tv=%7Bc:qJEHJx,pingTime:1,time:2332,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:299%7D,%7Bpiv:100,vs:i,r:,t:1330%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1002,o:1330,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:299,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1043~0,1~100%5D,as:%5B1044~300.250%5D%7D%7D,%7Bsl:i,t:1330,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:131,fm:tjXhjU3+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1b*.1151929-65580770%7C1b1%7C1b2%7C1b3%7C1b4%7C1c%7C1d,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:301,sis:493,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a871:9680:529f:f9f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 11:54:50 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEDH_Jss_gu5CJbiO10YhfM0&google_cver=1&google_push=AZmPxg_qqDcOKVRGLP0OgbVdeX1OEvYTPXoUg19PuXjqptFQ1d1txcjzs01oK3lHEPlbOqFnO1Tw3CSAg-BO2wRRdLuWwVEmUlihvw

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEDH_Jss_gu5CJbiO10YhfM0&google_cver=1&google_push=AZmPxg-mJaLfdKRVW7pDa84DKZLMTaAynmfN02btJGZ1MgcX-OL3WeK7yzG4hQmimIIUuN-iDvqycdeprjVj8xhwlnQn7XyXJrobBw

Domain: ad.atdmt.com
URL: https://ad.atdmt.com/i/img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=28466995;s.a=3213511;p.a=345598515;a.a=537242143;cache=648977286;

Verdicts & Comments Add Verdict or Comment

164 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.capital.ua/	1970-01-20 15:23:45	Name: sess Value: alk9d4e6afgv522p38n5gv86i3
.capital.ua/	1970-01-20 16:14:09	Name: _ga Value: GA1.2.816306241.1665489285
.capital.ua/	1970-01-20 06:39:35	Name: _gid Value: GA1.2.485031123.1665489285
.capital.ua/	1970-01-20 06:38:09	Name: _gat Value: 1
www.capital.ua/	1969-12-31 23:59:59	Name: b Value: b
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: i3KlFgMR61Y
.doubleclick.net/	1970-01-20 15:59:45	Name: IDE Value: AHWqTUnW0yAqPGMpqeYgHca7V5_eMUaNdXLrT1-8cXiaQ54pkSIHsNqZBK2xRaQ8OuY
.capital.ua/	1970-01-20 15:59:45	Name: __gads Value: ID=b9eead65960c8381:T=1665489285:S=ALNI_MbnB6B1tPmLNhXTA7zOMT0UjZTEsA
.adnxs.com/	1970-01-20 08:47:45	Name: uuid2 Value: 3557150608981185411
.casalemedia.com/	1970-01-20 08:47:45	Name: CMPS Value: 1110
.casalemedia.com/	1970-01-20 08:47:45	Name: CMPRO Value: 1110
.adnxs.com/	1970-01-20 08:47:45	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hc'Gy3>F!@wnfH8K6pQK`!5=E<L5?%M>lfXBG1p()M_tL4FdMuNfn$ol?7wD2j90X$%nugO%v4VB%nmJR)iRg_
.casalemedia.com/	1970-01-20 15:23:45	Name: CMID Value: Y0VZhy2UIkNo.XhhpExOSQAA
.innovid.com/	1970-01-20 08:47:45	Name: uuid Value: e523a5df-129c-425b-8aa6-3514a4bc4a52-20221011 07:54:47
.casalemedia.com/	1970-01-20 08:47:45	Name: CMTS Value: 3258
.agkn.com/	1970-01-20 15:23:45	Name: u Value: C\|0CEAq2BYHKtgWBwAAAAAAAQ13AQCAAQpAAAAAAA
.agkn.com/	1970-01-20 15:23:45	Name: ab Value: 0001%3AGyEwHrIhrTgn6hdzs2i57kaoz%2Faq%2FNj%2B
.e.dlx.addthis.com/	1970-01-20 16:08:23	Name: na_tc Value: Y
.addthis.com/	1970-01-20 16:08:23	Name: na_id Value: 2022101111544800010477868425
.addthis.com/	1970-01-20 16:08:23	Name: na_tc Value: Y
.addthis.com/	1970-01-20 16:08:23	Name: uid Value: 63455988d3d6a79a
.addthis.com/	1970-01-20 16:08:23	Name: ouid Value: 6345598800014532e11764c7a06660a8dbe41b7fb16f2db525ab
.dlx.addthis.com/	1970-01-20 07:21:21	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 07:21:21	Name: na_sr Value: 20221011
.dlx.addthis.com/	1970-01-20 06:38:09	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 07:21:21	Name: na_sc_e Value: 0

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://www.capital.ua/(Line 11) Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEDH_Jss_gu5CJbiO10YhfM0&google_cver=1&google_push=AZmPxg_qqDcOKVRGLP0OgbVdeX1OEvYTPXoUg19PuXjqptFQ1d1txcjzs01oK3lHEPlbOqFnO1Tw3CSAg-BO2wRRdLuWwVEmUlihvw Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEDH_Jss_gu5CJbiO10YhfM0&google_cver=1&google_push=AZmPxg-mJaLfdKRVW7pDa84DKZLMTaAynmfN02btJGZ1MgcX-OL3WeK7yzG4hQmimIIUuN-iDvqycdeprjVj8xhwlnQn7XyXJrobBw Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg9TOPfbI3dVUMcKaEjBq3r1GgoiOg0hBkThNRlvrfkgemQcm7m2xV2mjaCmm4q0Y1EeaV3lHwIYS5ag5Pcw-FzBqsUBr_mV&google_gid=CAESEBMh8wWiJsrDJxYdFbMe1HE&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg-KWmXKgv0xcJSwyaadsVftKMByT0ziMLZee4w5ehznX1jzOjl0rQsI3BMN5a3jXY6n3ddI-zo8RjrTvdiIXEPDFBGiQ4tr&google_gid=CAESEBMh8wWiJsrDJxYdFbMe1HE&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://ad.atdmt.com/i/img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=28466995;s.a=3213511;p.a=345598515;a.a=537242143;cache=648977286; Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ad.atdmt.com
adservice.google.com
adservice.google.de
ag.innovid.com
apis.google.com
c.bigmir.net
capital.ua
cdn.gravitec.net
cm.g.doubleclick.net
connect.facebook.net
content.adriver.ru
d.agkn.com
de.tynt.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.dlx.addthis.com
f03929b3296541725973581f52d1d4e7.safeframe.googlesyndication.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
i.bigmir.net
ib.adnxs.com
ic.tynt.com
id.gravitec.net
id.rlcdn.com
image6.pubmatic.com
odr.mookie1.com
pagead2.googlesyndication.com
platform.twitter.com
s0.2mdn.net
sc.tynt.com
securepubads.g.doubleclick.net
ssl.gstatic.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
stats.g.doubleclick.net
syndication.twitter.com
tcr.tynt.com
tpc.googlesyndication.com
www.capital.ua
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleadservices.com
www.googletagservices.com
www.youtube.com
yt3.ggpht.com
ad.atdmt.com
googlecm.hit.gemius.pl
104.18.18.126
104.18.18.39
104.244.42.200
142.250.184.194
142.250.185.226
185.80.39.216
193.239.68.97
193.239.71.100
198.47.127.19
23.111.96.52
2600:1f18:1aca:4280:a871:9680:529f:f9f1
2600:9000:21f3:8a00:8:48e:53c0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:3031::6815:b0c
2606:4700:3037::ac43:9389
2a00:1450:4001:800::2001
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:806::2003
2a00:1450:4001:808::2004
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200d
2a00:1450:4001:810::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::2006
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:400c:c0b::9c
2a02:6ea0:c700::20
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d01c:1d8:8102:bdb7:7e9e:5642:c498
3.123.239.111
34.98.67.61
35.244.174.68
37.252.173.62
45.133.44.4
54.171.30.234
67.202.105.31
67.202.105.32
69.192.160.219
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
004a76283b9a4a63ff36ecc8a6b520da20b886791e87b5b1dafcb0e672379e50
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
071e2b1d9a2b097b02637097cf21b804874be907bb233c0d2da7ac9e60dc7d95
0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275
0da425eaadbec3853cae0b85493ea7ad6934972097b4f59d2a05dbb130585444
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13026dbf242c233de9ee074af44fb00562d9ceb94cd6cfa95dfbf192b40f1f56
141f4ece65bc087908202669708c340e43c6a45c3d3be773e0cade65cb01e910
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
1a0204474934112a6a39bedafb7614a689d6fec65a7423fa57fe5fd58369c6ac
1c835ee88b96ea90b7a8aff875a23ee80a6ac74fce186a84eebcec9d6fd068dc
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
236dca679b9983d1fbea0415d584b17d80f1c6942506fc508a5384db924e8795
23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25c06c024bfb192f5418b39ce069ebe46fda94e38b25ae781cc753fce98a2a24
2770e7ace13e2adcb0f89e207bbdc283e3a6f7cfa4e18bc920dec1a3301be3a5
280ac3665f7f04bc06d455d742eaa9c86ce23fd0eb830e094a81d64fc77c9c29
286125ae16ea43b1c5fd845a948850f0e7de05f45cd1af1a98c0f1a0ea7ec13d
291fcf6b0aea583079f4ea7c943852ddd668ad895ee08b0b557b372040d205a0
2ae76b693c9ae3d90eb97c87446852889c49a979eb8014e97cf9c3a9dcb8a3ed
2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441
2cc3711aa62cfa90a7a11e0ece315d961f7bf08ab1f5c6730d106da0ab146813
350bced20d8c9ed3eccbc0b344aad8e292f6eef92752334683228761a257ac0f
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
37d8765d5193ba09bb3483c86e2b139dd03780f83ed45f08491f930fc2bad091
3a5cf1105d60aeb4bd2e6420554aecd6321e547a557a60adaefa03a482bdb1c5
3e7284d318cd4fe11463345aacc2c056edde135c6c7e6f52a74bfcbd4b0a005b
3ebd919eeb6e022bb3543d00bade694b24310e1da084d878048db142a7c51665
3f08af001134142200d0ef8e41ecb0f6f8d91951208c13f9e207e78d8f928b40
3f3dcbf4fc5f6c36a79c0e30bffaa6e0c538fe7558aad98edc77cd0f2ffb6458
40b39ecfb0a69c9b8b145596dc63355850353298908699a12b44cb343285d18c
4261168c69b8f0887385e3f95c5f7ea90f52d428ad1fe827a6d4beb5e36f9546
44f327eeeb995eabd2810452b355ca82979280a4d7def1bd980d3897e6999af6
45009a4360ffe5364e2be9bea31dfdec6eedf10e6649bdaecf011ff88ba928a2
45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805
46a899fcd10cd4c8202b7419cab6439c2cda47a4507fec3fbf5f34a5480c4d85
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
47858e4fa55e26f84c8025d699232106abfc921232a6f02edc556e59ce3a855b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bca3d7095cfd66495e1ab002c3f29c473e8937598bb6587c9837b08eaa586e6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
511a0d1515cd71096dd0a3043120145478906f49a659403c4863820559499fc5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5aa7357513ae62edeec06a9ff700c76e506a6d54945a572ac16249e8048e55af
5ad6f5f8daa1d32b6ac0d0dba787f1a014c159d0b5836f72bc699080f664d176
5c382d2bf635635c648c032cde0c09b8f89e48d14d241f7d0c99530608f4daef
5f9260505cb5526e66a90f881f03937ac90713ccd18b2e8ff87d1675b388aea8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6247f7daed995cfb08f37d0007fad0cb1d63ef1b2de5cecf9c0ab86d85a5d65a
631c272f7f88a030ed11f904ab44f1015e8a2a04fe5a75af36dc0a098f29ca49
650b2e3c7f96518f35734bd65759ad5522702bea1cca8b5b658af9428c4c3f84
658b15da00eeb4c46131024f30119f582d0c4d46e3434ba2a1045999de575c7f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
75aaec4b62fba6c84cb3c62422aaf9ac5daa12d8f6682f2e332d2a6ab24592d7
75fc4d5fdba1168095aaf79db885f0a113eaca31f162fdc1a3ca3f90cb488def
7659dc6c77000ec4b6745b5e6af107bd30ad9a0e92bfc0e406d5209ede488608
7923a3da2630ae9e964c387bb82a9fb9f0d64aad95dbd62a6ef71ccbad7572a5
7bc49078cd148b10b22ed5e18498755305d5615ee7556aeafaec2f23c32044ff
7c22238b94a54738b7abd0a017c2aa6a4edba9f4c18cf6192a6953bd753c07a9
7c94c9af82fd4dc9f46f53f948932829c6d17982e61625a5aa8ccd9339ee35aa
81e5cc1058a8711411ee3244831936a088543cbd86b5eaa579e258d9c456e8b1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8d3c04e9e7e6154c1ca2e831613a83c093486264c3f1e0353b3d0fb9e23129f9
8f1434fcc1c3e4d64725d65a1a331197eeaf74a32d4cb9e5e4934ab3944b57ac
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
96aec8c9f7981a987d0bacb3de756545e59a163f7fc94c47eea050b2f06316dd
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
98280a2e473b4c77505ccd09e2d3a336448fe7742694869634aaa872956727df
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b9609b8da557c857c66841c6597da0d8d6497d90d70c046028a9b87bff13c90
9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a
9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0cf09bd9f43169d5c8293631fc8c1a507f227a1ccd0f688d68e1334d5fcef8f
a1ddc44e3081c49237803054c042aaecc07bb19cd5881c1f331e7a1da9aa1ede
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6510ef653683c5505f61efcbc4e20c133b2a341e165910ff132d417fc036ecb
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ac20dcf13424aa4a54bfb9a97b3630e410f1b121c001399297d78b248e71e24a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adb6dea2eba69c0d38e1c266ad8c084e40e48b3c0a0afce50c66502db396a979
ae8ca9667580cbfae698d922360d33e82dc3a0b93736bd3b41392e2036a50c17
ae9f8b2245fd6258201abe84a8d5f0800b0c96bbd5525cee109e4ca89741ebed
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4917a5290466244353dc49caa11b14916816e7523850ff103fabb5484222e0a
b510daf4a269c50ee4669c06f25d6b141676acfd21d3faa9663a19e96ac2cf01
b83f16828bd83d0d23827633f90ff31b26ce65269772607912ae09f6c69ec9f2
bbfedbec8c19e0e93646a74d2a83346d563db2821b2f0ae2c0bb5e43989612cc
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be66554323059a0abbfa9f331f06186ebc979027fe2c85f15ee79e4aa593b8b2
be989f3375d45b5813efab99c47e1a73c7407bd7ec599627f59441fa2514e86c
becd9cd31e79ef80bb6bcdb9207b290bea241fd320b4e2ae6d96aa453e2921b0
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c3481fbb99448440c24cc5c6d452b6c2e3450f471d69cc31269ffe9a05964fa9
c6022b9877bec4a03206412f11da47ccd5529399b152f41b9c7f0f3a0368e32f
c86d8bb13f5159b51509118253d40b69616a4a54b7a24d9c08f727eaf3ef9e46
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
cedd780f76a420cb35b50a5a67dd45a38504ea9d5cb8f659f0539a4b19c3c8fb
d0b3404fceb6bbd79a99ea6d8241b1b29ac1ffb3c7d97bfc1b873b49c0ad6a09
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d32f16a8513989400a9e3311f0c1cd68bcada10f0b280c4349a8e067e144abf2
d75dc75cb106de2457bd8b4c6ec3bfcb6956ec5a71ae1d63bd3c04bca50d0c04
da3c981f6bf95fe8db35c146864e5cf3dd12629729f5a89e3eabdd4900defd0b
da5f594eb6878dfab19074dcff35c5bd07f96f882ada6026be24c1784ce32855
db54105fde6a0d05b0128e79b9cb1f62c03f6b1ad56f2f3d4c276b502b89e58a
dcaf67aaced809a8a66e31ea3e7c0623de21c3a3509f3af9e70574bc9d420dce
df77af06dbfec79a329c9870b8fb8ace8335f2dc9bddbd0c788e3cc7396bffd7
dfb214630e6f0052e27cfaaeaedf20b7014e06ddebc4ee50148b5bcc4d648a55
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e51dcfbdefd8df1bf0362141d99c3ebac9212c70ff3380b6594325ebb987f92a
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
ea965f2d4e5b154a019c3fe34d6214b36105de91280ed7256a603d5be60c8cfc
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
ed2a076a4c12a6e14bd182d8d778639b87432bb84ff2c1e51ee569a21aec4b96
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef99f930891d2a33101a538258263086e98c50fb5a5113e49fd2eba29f85a795
f04fa8e54a4b29df65e453963d74219400684d053364bd67e79590bb4693b944
f72c00b15f5e8de9e6d3b0ce7cb5844461b95b80b2765684e8251674898602e7
f799afebaa0125cc2e1d05bb4559d198d1092b87f20951d3a3d84994e07561de
fd6058bab23892b96292f3ee138daa1661219bf2e117acd6252a2f90c517dc4e
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

www.capital.ua Open in urlscan Pro 2606:4700:3037::ac43:9389 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

206 Requests

92 %HTTPS

57 %IPv6

31 Domains

50 Subdomains

40 IPs

9 Countries

2723 kBTransfer

6663 kBSize

26 Cookies

1 Outgoing links

Page URL History

Redirected requests

206 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.capital.ua Open in urlscan Pro
2606:4700:3037::ac43:9389 Public Scan

Screenshot
Live screenshot

Full Image

206
Requests

92 %
HTTPS

57 %
IPv6

31
Domains

50
Subdomains

40
IPs

9
Countries

2723 kB
Transfer

6663 kB
Size

26
Cookies

206 HTTP transactions
3 data transactions