kolobok.ua Open in urlscan Pro
193.29.200.162 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kolobok.ua/
Effective URL:
https://kolobok.ua/
Submission: On May 29 via api (May 29th 2022, 8:42:57 am UTC) from GB — Scanned from GB

Summary HTTP 363 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 56 IPs in 12 countries across 63 domains to perform 363 HTTP transactions. The main IP is 193.29.200.162, located in Ukraine and belongs to UMHAS, UA. The main domain is kolobok.ua.
TLS certificate: Issued by R3 on March 14th 2022. Valid for: 3 months.

This is the only time kolobok.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 38	193.29.200.162 193.29.200.162	197203 (UMHAS) (UMHAS)
1	91.198.36.26 91.198.36.26	43405 (DIGITAL-V...) (DIGITAL-VENTURES)
10	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
37	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
14	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:0:862:ed... 2620:0:862:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
6	192.229.233.25 192.229.233.25	15133 (EDGECAST) (EDGECAST)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1 4	54.37.238.28 54.37.238.28	16276 (OVH) (OVH)
7	78.159.118.240 78.159.118.240	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
18	193.29.200.142 193.29.200.142	197203 (UMHAS) (UMHAS)
1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1	146.59.30.100 146.59.30.100	16276 (OVH) (OVH)
16	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2 11	185.180.223.221 185.180.223.221	49981 (WORLDSTREAM) (WORLDSTREAM)
1	2a00:1450:400... 2a00:1450:400c:c0b::9a	15169 (GOOGLE) (GOOGLE)
3	193.239.71.100 193.239.71.100	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1 3	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
1	167.71.9.19 167.71.9.19	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
7 8	35.158.225.181 35.158.225.181	16509 (AMAZON-02) (AMAZON-02)
1 1	103.229.206.240 103.229.206.240	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	190.2.151.10 190.2.151.10	49981 (WORLDSTREAM) (WORLDSTREAM)
1 1	185.132.133.134 185.132.133.134	49981 (WORLDSTREAM) (WORLDSTREAM)
1 1	190.2.153.150 190.2.153.150	49981 (WORLDSTREAM) (WORLDSTREAM)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2.20.86.213 2.20.86.213	16625 (AKAMAI-AS) (AKAMAI-AS)
2	91.198.36.35 91.198.36.35	43405 (DIGITAL-V...) (DIGITAL-VENTURES)
2	185.187.81.41 185.187.81.41	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
3	146.0.227.109 146.0.227.109	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
5	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	185.187.81.40 185.187.81.40	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
4	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
2	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
1 5	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
8 33	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
5 7	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	104.92.106.130 104.92.106.130	16625 (AKAMAI-AS) (AKAMAI-AS)
54	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
3 4	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2 4	52.52.17.9 52.52.17.9	16509 (AMAZON-02) (AMAZON-02)
4 4	52.28.166.91 52.28.166.91	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	35.210.53.219 35.210.53.219	19527 (GOOGLE-2) (GOOGLE-2)
2 2	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
2 2	2600:9000:224... 2600:9000:224a:3600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	185.86.139.93 185.86.139.93	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	63.33.35.114 63.33.35.114	16509 (AMAZON-02) (AMAZON-02)
1 1	18.158.14.110 18.158.14.110	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:a0fe:f5a6:9720:1a18	16509 (AMAZON-02) (AMAZON-02)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
2 2	3.64.25.227 3.64.25.227	16509 (AMAZON-02) (AMAZON-02)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
363	56

38 193.29.200.162 (Ukraine) 1 redirects

ASN197203 (UMHAS, UA)

kolobok.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.phnx.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.198.36.26 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: i1.i.ua

i.holder.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:862:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.229.233.25 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.37.238.28 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip28.ip-54-37-238.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 78.159.118.240 (Munich, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: hosted-by.leaseweb.com

cdn.umh.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
z.cdn.umh.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 193.29.200.142 (Ukraine)

ASN197203 (UMHAS, UA)

exchange.informer.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.100 (France)

ASN16276 (OVH, FR)
PTR: ip100.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.180.223.221 (Naaldwijk, Netherlands) 2 redirects

ASN49981 (WORLDSTREAM, NL)
PTR: 185-180-223-221.hosted-by-worldstream.net

ad.mox.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.vidverto.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.vidver.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua

i.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.71.9.19 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

bgstats.mox.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.158.225.181 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-225-181.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.206.240 (Singapore) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 190.2.151.10 (Naaldwijk, Netherlands) 2 redirects

ASN49981 (WORLDSTREAM, NL)
PTR: 190-2-151-10.hosted-by-worldstream.net

ad.mediawayss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.outstream.today	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.132.133.134 (Naaldwijk, Netherlands) 1 redirects

ASN49981 (WORLDSTREAM, NL)
PTR: 185-132-133-134.hosted-by-worldstream.net

ad.adopx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 190.2.153.150 (Naaldwijk, Netherlands) 1 redirects

ASN49981 (WORLDSTREAM, NL)

ad.invamia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.20.86.213 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-86-213.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.198.36.35 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)

h.holder.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.187.81.41 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

s.znctrack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 146.0.227.109 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.187.81.40 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

loadercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 142.250.186.66 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.35.236.247 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.249 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.92.106.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-106-130.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.125 (Amsterdam, Netherlands) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.52.17.9 (San Jose, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-17-9.us-west-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.28.166.91 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-166-91.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.142 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:224a:3600:1b:5138:8a40:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.35.114 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-35-114.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.14.110 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-14-110.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:a0fe:f5a6:9720:1a18 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.64.25.227 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-25-227.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
73	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 136 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com	887 KB
54	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 242	617 KB
54	doubleclick.net 8 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 173 cm.g.doubleclick.net — Cisco Umbrella Rank: 191 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 271	324 KB
32	kolobok.ua 1 redirects kolobok.ua	957 KB
18	informer.ua exchange.informer.ua — Cisco Umbrella Rank: 715747	108 KB
14	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 206	251 KB
13	admixer.net cdn.admixer.net — Cisco Umbrella Rank: 47714 inv-nets.admixer.net — Cisco Umbrella Rank: 2172	198 KB
10	mox.tv 1 redirects ad.mox.tv — Cisco Umbrella Rank: 44437 bgstats.mox.tv — Cisco Umbrella Rank: 55895	95 KB
8	bidswitch.net 7 redirects x.bidswitch.net — Cisco Umbrella Rank: 269	4 KB
8	twitter.com platform.twitter.com — Cisco Umbrella Rank: 643 syndication.twitter.com — Cisco Umbrella Rank: 881	214 KB
7	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 518 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 494	6 KB
7	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	1 KB
7	umh.ua cdn.umh.ua — Cisco Umbrella Rank: 280690 z.cdn.umh.ua — Cisco Umbrella Rank: 303790	8 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 163	237 KB
6	phnx.click api.phnx.click	3 KB
5	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 54211 ls.hit.gemius.pl — Cisco Umbrella Rank: 13350	18 KB
5	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1401 m.addthis.com — Cisco Umbrella Rank: 1364	219 KB
4	w55c.net 4 redirects pm.w55c.net — Cisco Umbrella Rank: 802	3 KB
4	advertising.com 2 redirects pixel.advertising.com — Cisco Umbrella Rank: 460	1 KB
4	spotxchange.com 3 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 492	2 KB
4	bigmir.net c.bigmir.net — Cisco Umbrella Rank: 149802 i.bigmir.net — Cisco Umbrella Rank: 298726	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 214	3 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	58 KB
3	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 97	327 B
3	holder.com.ua i.holder.com.ua — Cisco Umbrella Rank: 333433 h.holder.com.ua — Cisco Umbrella Rank: 321907	4 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 279	799 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 372	954 B
2	creative-serving.com 2 redirects ads.creative-serving.com — Cisco Umbrella Rank: 3455	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 564	1 KB
2	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 1156	150 B
2	smaato.net 2 redirects s.ad.smaato.net — Cisco Umbrella Rank: 691	883 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 539	1 KB
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 4349	748 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 536 pixel.everesttech.net — Cisco Umbrella Rank: 2982	916 B
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 918	344 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 348	419 B
2	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 1417 pbs.twimg.com — Cisco Umbrella Rank: 724	11 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 42	2 KB
2	znctrack.net s.znctrack.net — Cisco Umbrella Rank: 174755	24 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8526	914 B
2	quantserve.com pixel.quantserve.com — Cisco Umbrella Rank: 412 cms.quantserve.com — Cisco Umbrella Rank: 936	735 B
2	unpkg.com unpkg.com — Cisco Umbrella Rank: 847	43 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 144	86 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 671 stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2230	38 KB
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2733	172 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1375	297 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 840	356 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 531	761 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 38556	612 B
1	loadercdn.net loadercdn.net — Cisco Umbrella Rank: 449515	169 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1603	1015 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 341	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 768	644 B
1	vidver.to ad.vidver.to — Cisco Umbrella Rank: 92337	483 B
1	vidverto.io 1 redirects ad.vidverto.io — Cisco Umbrella Rank: 58280	547 B
1	invamia.com 1 redirects ad.invamia.com — Cisco Umbrella Rank: 76940	561 B
1	adopx.net 1 redirects ad.adopx.net — Cisco Umbrella Rank: 80327	577 B
1	outstream.today 1 redirects ad.outstream.today — Cisco Umbrella Rank: 77195	592 B
1	mediawayss.com 1 redirects ad.mediawayss.com — Cisco Umbrella Rank: 72564	613 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 409	736 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 419	5 KB
1	wikimedia.org upload.wikimedia.org — Cisco Umbrella Rank: 2136	1 KB
363	63

	Domain	Requested by
54	s0.2mdn.net	kolobok.ua s0.2mdn.net
37	pagead2.googlesyndication.com	kolobok.ua pagead2.googlesyndication.com z.cdn.umh.ua googleads.g.doubleclick.net 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com s0.2mdn.net
32	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com kolobok.ua 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
32	kolobok.ua	1 redirects kolobok.ua
27	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
18	exchange.informer.ua	kolobok.ua exchange.informer.ua cdn.jsdelivr.net
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com cdn.jsdelivr.net googleads.g.doubleclick.net 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com kolobok.ua www.googletagservices.com
14	cdnjs.cloudflare.com	kolobok.ua cdnjs.cloudflare.com
10	cdn.admixer.net	kolobok.ua cdn.admixer.net
9	ad.mox.tv	1 redirects z.cdn.umh.ua ad.mox.tv kolobok.ua
8	x.bidswitch.net	7 redirects kolobok.ua
6	googleads4.g.doubleclick.net	kolobok.ua
6	www.googletagservices.com	ad.mox.tv googleads.g.doubleclick.net 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
6	z.cdn.umh.ua	cdn.umh.ua
6	platform.twitter.com	kolobok.ua platform.twitter.com
6	api.phnx.click	kolobok.ua cdnjs.cloudflare.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.google.com	1 redirects 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com tpc.googlesyndication.com
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
4	pm.w55c.net	4 redirects
4	pixel.advertising.com	2 redirects googleads.g.doubleclick.net
4	sync.search.spotxchange.com	3 redirects googleads.g.doubleclick.net
4	167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	gaua.hit.gemius.pl	1 redirects kolobok.ua gaua.hit.gemius.pl
4	s7.addthis.com	kolobok.ua s7.addthis.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	inv-nets.admixer.net	cdn.admixer.net ad.mox.tv kolobok.ua
3	www.facebook.com	1 redirects kolobok.ua connect.facebook.net cdn.jsdelivr.net
3	i.bigmir.net	kolobok.ua
2	ups.analytics.yahoo.com	2 redirects
2	eb2.3lift.com	2 redirects
2	ads.creative-serving.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	ssbsync.smartadserver.com	167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
2	s.ad.smaato.net	2 redirects
2	c1.adform.net	2 redirects
2	pool.admedo.com	2 redirects
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	syndication.twitter.com	platform.twitter.com kolobok.ua
2	s.znctrack.net	kolobok.ua
2	h.holder.com.ua	i.holder.com.ua
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	unpkg.com	ad.mox.tv
2	connect.facebook.net	kolobok.ua connect.facebook.net
2	www.google-analytics.com	kolobok.ua www.google-analytics.com
1	tr.blismedia.com	167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
1	ag.innovid.com	167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
1	odr.mookie1.com	167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
1	d.agkn.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	cms.quantserve.com	167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
1	gcm.ctnsnet.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	pbs.twimg.com	kolobok.ua
1	cdn.syndication.twimg.com	platform.twitter.com
1	loadercdn.net	kolobok.ua
1	www.gstatic.com	googleads.g.doubleclick.net
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ad.vidver.to	kolobok.ua
1	ad.vidverto.io	1 redirects
1	ad.invamia.com	1 redirects
1	ad.adopx.net	1 redirects
1	ad.outstream.today	1 redirects
1	ad.mediawayss.com	1 redirects
1	sync.mathtag.com	1 redirects
1	bgstats.mox.tv	kolobok.ua
1	pixel.quantserve.com	kolobok.ua
1	stats.g.doubleclick.net	www.google-analytics.com
1	ls.hit.gemius.pl	gaua.hit.gemius.pl
1	c.bigmir.net	kolobok.ua
1	cdn.umh.ua	kolobok.ua
1	cdn.jsdelivr.net	kolobok.ua
1	stackpath.bootstrapcdn.com	kolobok.ua
1	upload.wikimedia.org	kolobok.ua
1	maxcdn.bootstrapcdn.com	kolobok.ua
1	i.holder.com.ua	kolobok.ua
363	84

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
mediadim.com.ua
www.bigmir.net

Subject Issuer	Validity	Valid
kolobok.ua R3	`2022-03-14` - `2022-06-12`	3 months	crt.sh
holder.com.ua R3	`2022-04-09` - `2022-07-08`	3 months	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2021-06-08` - `2022-06-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
api.phnx.click R3	`2022-03-14` - `2022-06-12`	3 months	crt.sh
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-10-19` - `2022-11-17`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
cdn.umh.ua R3	`2022-04-10` - `2022-07-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-07` - `2022-06-05`	3 months	crt.sh
exchange.informer.ua R3	`2022-05-10` - `2022-08-08`	3 months	crt.sh
c.bigmir.net R3	`2022-04-09` - `2022-07-08`	3 months	crt.sh
ad.mox.tv R3	`2022-03-31` - `2022-06-29`	3 months	crt.sh
img.com.ua R3	`2022-04-09` - `2022-07-08`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
bgstats.mox.tv R3	`2022-03-30` - `2022-06-28`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
s.znctrack.net Sectigo RSA Domain Validation Secure Server CA	`2021-08-27` - `2022-09-05`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-31` - `2022-10-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
loadercdn.net R3	`2022-05-02` - `2022-07-31`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-04-21` - `2022-07-20`	3 months	crt.sh

This page contains 51 frames:

Primary Page: https://kolobok.ua/
Frame ID: C3A6F846A19EF3A8C5E6BB223CA3FAF1
Requests: 139 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=ivona
Frame ID: 54D379D80E539DB65200E731F9EBDF8C
Requests: 6 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=smak
Frame ID: 1DFDFB80E270604E2215EC5FF4DC5299
Requests: 6 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=ivona
Frame ID: D6AD9CA6A0915EE7ADE0322ABDEA2A90
Requests: 6 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: CC1F5ECDCAE3A5917C23EA5F54064B5C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: BA3DC8959F0429661BA0B604DB904196
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220525/r20190131/zrt_lookup.html
Frame ID: D3481241AE974A50CF5E2B31B159AFFD
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: F902CE14C6C4760F88611737CB10FA05
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1653813769&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653813768841&bpp=2&bdt=661&idt=315&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=424785742066&frm=20&pv=2&ga_vid=1262892392.1653813769&ga_sid=1653813769&ga_hid=653360334&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475%2C31064018&oid=2&pvsid=3042176629478848&pem=844&tmod=1816753381&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=332
Frame ID: 175372C1F73466CE2B3101AF7DCD2EF1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6666085438&adk=3555305732&adf=3818598067&pi=t.ma~as.6666085438&w=728&lmt=1653813769&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653813768863&bpp=2&bdt=684&idt=317&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=424785742066&frm=20&pv=1&ga_vid=1262892392.1653813769&ga_sid=1653813769&ga_hid=653360334&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475%2C31064018&oid=2&pvsid=3042176629478848&pem=844&tmod=1816753381&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Cr5Fl2u3iz&p=https%3A//kolobok.ua&dtd=324
Frame ID: 0EC15EFE8998AE9CA0775EECB98ACCC8
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1979561508&adk=2236407440&adf=59350530&pi=t.ma~as.1979561508&w=300&lmt=1653813769&psa=0&format=300x600&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653813768865&bpp=1&bdt=685&idt=326&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=424785742066&frm=20&pv=1&ga_vid=1262892392.1653813769&ga_sid=1653813769&ga_hid=653360334&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=363&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475%2C31064018&oid=2&pvsid=3042176629478848&pem=844&tmod=1816753381&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=nd1jzfwt9Z&p=https%3A//kolobok.ua&dtd=330
Frame ID: 11A81A7B1B625345F3DC23405CA36040
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1979561508&adk=2236407440&adf=59350530&pi=t.ma~as.1979561508&w=300&lmt=1653813769&psa=0&format=300x600&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653813768865&bpp=1&bdt=685&idt=326&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=424785742066&frm=20&pv=1&ga_vid=1262892392.1653813769&ga_sid=1653813769&ga_hid=653360334&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=363&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475%2C31064018&oid=2&pvsid=3042176629478848&pem=844&tmod=1816753381&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=nd1jzfwt9Z&p=https%3A//kolobok.ua&dtd=330
Frame ID: F900C034FA43791065FAB3CFEA6E5F69
Requests: 1 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=ivona
Frame ID: 9BBD90B71070625A201BD70D0747411B
Requests: 1 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=smak
Frame ID: 5F52CEE10186193EAD77186876CB511A
Requests: 1 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=ivona
Frame ID: 123FDB576C329AE6F34028C74B12883A
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fkolobok.ua
Frame ID: F796DD1D008577E9DB6134CD27ACAB81
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D202832543530482%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfa643804bb9d44%2526domain%253Dkolobok.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fkolobok.ua%25252Ff3ebd6356eb8f8%2526relation%253Dparent.parent%26container_width%3D300%26height%3D345%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fkolobok.ua.group%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300
Frame ID: 2A2F2E21C50FF388CC008B72DDC0B8AB
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 01147F03E2571BB6E78EC36C3A9966E8
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 496FAFB2196D9C68CE489CD9B70997C5
Requests: 1 HTTP requests in this frame

Frame: https://s.znctrack.net/z
Frame ID: B747150C0D912279F54C7F5B8822E147
Requests: 1 HTTP requests in this frame

Frame: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 67B101B8BFB2B204DF511B7C330F4823
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html
Frame ID: 14B71283E2AD7675D161901D5826B5D6
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BFC413C58611B4690F012CDFCE9121C2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js
Frame ID: 37D94BB72D66F3279F4EE4C84678AC81
Requests: 1 HTTP requests in this frame

Frame: https://s.znctrack.net/z
Frame ID: 3CCC32251D6D2321AF8BA2BA794C068A
Requests: 1 HTTP requests in this frame

Frame: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 51E66CE0303FFA31E1F3BA13A17A7FC9
Requests: 16 HTTP requests in this frame

Frame: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Frame ID: 73DD7EE8FD42E54656F8D06F12464373
Requests: 2 HTTP requests in this frame

Frame: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5A788B5C6C5895E5C6F0B0F5ACFFE006
Requests: 17 HTTP requests in this frame

Frame: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2BA43FCDC1D1C279870AA8EFBB3B6D82
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK7Fm8sBMAE&v=APEucNWBz0jwbAA5casxT1GTHSPk0CrmGMxiZVbPhKrRcMv9TkYzgx4c3a0xYCtaGFYlpPUgXtHgdDxJwFl8ancU815iuTNGMGmvuc0S8QNXBcwN3n-U440l7egh_sfyt1rpEtW9zMOiKl3s0eHkDXyO7tjEsgO7x3HtXZ7yb-s5T6AxREMkTz-xDafodl3PDL4cjJnqpJoH
Frame ID: 1B2607B4367B3ACD9563ED3637ECFF7E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK7Fm8sBMAE&v=APEucNVsGn2L_0fovQBkuKdzZ42Dr-KjSAeF25KP13KnKGBHYROLERP7rHWI8TUc-JaTxYNd_ddzSR8Qc89JSSJJjeWrZIK9ncAITVznMMgHU5waAGl5deC6KP9rgNEp0qkb2Je8Rx313W0smMdZ4SL8ixfgx0j7OsDLF81g2JMosSOZ-4M7mL8
Frame ID: 1DF9A6ABDB5342D306D4C7B71B1CB4B8
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK7Fm8sBMAE&v=APEucNUcm8q33yH1nq4zSHq1yHLgBsX5cVbwV9GQVs1ifPlNQch0fGvR1fcyItiWymXXBSDlBOgFFrn8lYFQD_2PagsqyCMtcLhY7P3UkLs5hlpsn4603DCG69duJVBeWMRrNeoVn9sKelGHOot0rU6vCkE0Q7pnXYPhCDeAYoIVWmRa9PNRdr4
Frame ID: 486FB7183BE676348ADD7DA5427D7BF5
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E2928BB7CB6ACFADAE2E9199242C1329
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 09DA6EB9A1058018BAB7343EEFA6054A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 379E8DEEA467161F2845F4F0D81EBC38
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8009E5386147CC7FDA0189EDC919643C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 725DBBF346F76E08C4589A638139A91B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B0E5A19ABB06FB1896862D61C88626CF
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
Frame ID: 82AF1422B16D7CC3024D317A2DD057CC
Requests: 17 HTTP requests in this frame

Frame: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
Frame ID: 687240B17A7716B46CACAE7EDFF8D00C
Requests: 17 HTTP requests in this frame

Frame: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
Frame ID: AFD82122A8345E1AC16F25ACE2D9F1C3
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js
Frame ID: 65EB8187280FD21441B0C8DD8DA83B83
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js
Frame ID: FF58D92D955D86BCD83B99BD21563E4E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js
Frame ID: 8CB8572F87E79278F9C5ED09220DAA98
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1979561508&adk=2236407440&adf=59350530&pi=t.ma~as.1979561508&w=300&lmt=1653813769&psa=0&format=300x600&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653813768865&bpp=1&bdt=685&idt=326&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=424785742066&frm=20&pv=1&ga_vid=1262892392.1653813769&ga_sid=1653813769&ga_hid=653360334&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=363&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475%2C31064018&oid=2&pvsid=3042176629478848&pem=844&tmod=1816753381&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=nd1jzfwt9Z&p=https%3A//kolobok.ua&dtd=330
Frame ID: 62023836249B6933C29C0AE30F15DFD3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=202832543530482&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa643804bb9d44%26domain%3Dkolobok.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkolobok.ua%252Ff3ebd6356eb8f8%26relation%3Dparent.parent&container_width=300&height=345&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fkolobok.ua.group%2F&locale=uk_UA&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=300
Frame ID: D20E03C803F0BE9555619C5326749311
Requests: 1 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=ivona
Frame ID: CCF7CC160380CDB60DB3F130AB65255F
Requests: 1 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=smak
Frame ID: EB97392D81FC667243B6DC63B016CDF1
Requests: 1 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=ivona
Frame ID: 84DF17AFCB2EA7FC1067D039528A5DED
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 10B2127D08785411D5FB59AA630F60CD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 972BECA635B9DA8F36DD8DAF62885F0F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Дети, родители, семья и отношения - KOLOBOK.UA

Page URL History Show full URLs

http://kolobok.ua/ HTTP 301
https://kolobok.ua/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

363
Requests

90 %
HTTPS

37 %
IPv6

63
Domains

84
Subdomains

56
IPs

12
Countries

4440 kB
Transfer

9451 kB
Size

89
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/kolobok.ua.group/

Search URL Search Domain Scan URL

URL: https://mediadim.com.ua/donate/
Title: Допомогти журналістам

Search URL Search Domain Scan URL

URL: https://www.bigmir.net/
Title: bigmir)net

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kolobok.ua/ HTTP 301
https://kolobok.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 101

https://gaua.hit.gemius.pl/_1653813769083/rexdot.js?l=100&id=bPo1vw7WgTER_71NnVvIbKPefSsu8CLmU5KMVTfFlKL.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fkolobok.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=UaDGRJ281m7.lajE91NiBngfzHUACbgTZse9SQf96Qn.p7m7YKrOtI3wWc8c_0DZVOfBC1rWoE8o.qhXsM4gUQlepKs0/a01QW2mChB5Ih/&ltime=319&fpdata=FyiLwfxGlE_Edk15F6qIEtK91zhfpPzhsjaXZcQaAyP.X7&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1653813769083/rexdot.js?l=100&id=bPo1vw7WgTER_71NnVvIbKPefSsu8CLmU5KMVTfFlKL.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fkolobok.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=UaDGRJ281m7.lajE91NiBngfzHUACbgTZse9SQf96Qn.p7m7YKrOtI3wWc8c_0DZVOfBC1rWoE8o.qhXsM4gUQlepKs0/a01QW2mChB5Ih/&ltime=319&fpdata=FyiLwfxGlE_Edk15F6qIEtK91zhfpPzhsjaXZcQaAyP.X7&fpcap=

Request Chain 110

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=dfe70047-7960-477f-9821-0c1e44fbc7a0&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=dfe70047-7960-477f-9821-0c1e44fbc7a0&gdpr=0&gdpr_consent= HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dprodoohmox%26bsw_param%3Db4693fca-0e03-4d27-8432-f9143fe553ad&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=80&user_id=c3bc6293-320b-4700-9047-82110a43f9e8&expires=30&ssp=prodoohmox&bsw_param=b4693fca-0e03-4d27-8432-f9143fe553ad&gdpr=0&gdpr_consent= HTTP 302
https://ad.mox.tv/delivery/sync?userid=b4693fca-0e03-4d27-8432-f9143fe553ad HTTP 302
https://ad.mediawayss.com/delivery/sync?userid=b4693fca-0e03-4d27-8432-f9143fe553ad&inner_redirect=1&inner_uuid=dfe70047-7960-477f-9821-0c1e44fbc7a0&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkLmFkb3B4Lm5ldCxhZC5pbnZhbWlhLmNvbSxhZC52aWR2ZXJ0by5pbyxhZC52aWR2ZXIudG8= HTTP 302
https://ad.outstream.today/delivery/sync?userid=b4693fca-0e03-4d27-8432-f9143fe553ad&inner_redirect=1&inner_uuid=dfe70047-7960-477f-9821-0c1e44fbc7a0&redirect_host_list=YWQuYWRvcHgubmV0LGFkLmludmFtaWEuY29tLGFkLnZpZHZlcnRvLmlvLGFkLnZpZHZlci50bw== HTTP 302
https://ad.adopx.net/delivery/sync?userid=b4693fca-0e03-4d27-8432-f9143fe553ad&inner_redirect=1&inner_uuid=dfe70047-7960-477f-9821-0c1e44fbc7a0&redirect_host_list=YWQuaW52YW1pYS5jb20sYWQudmlkdmVydG8uaW8sYWQudmlkdmVyLnRv HTTP 302
https://ad.invamia.com/delivery/sync?userid=b4693fca-0e03-4d27-8432-f9143fe553ad&inner_redirect=1&inner_uuid=dfe70047-7960-477f-9821-0c1e44fbc7a0&redirect_host_list=YWQudmlkdmVydG8uaW8sYWQudmlkdmVyLnRv HTTP 302
https://ad.vidverto.io/delivery/sync?userid=b4693fca-0e03-4d27-8432-f9143fe553ad&inner_redirect=1&inner_uuid=dfe70047-7960-477f-9821-0c1e44fbc7a0&redirect_host_list=YWQudmlkdmVyLnRv HTTP 302
https://ad.vidver.to/delivery/sync?userid=b4693fca-0e03-4d27-8432-f9143fe553ad&inner_redirect=1&inner_uuid=dfe70047-7960-477f-9821-0c1e44fbc7a0&redirect_host_list=

Request Chain 126

https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=202832543530482&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa643804bb9d44%26domain%3Dkolobok.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkolobok.ua%252Ff3ebd6356eb8f8%26relation%3Dparent.parent&container_width=300&height=345&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fkolobok.ua.group%2F&locale=uk_UA&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=300 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D202832543530482%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfa643804bb9d44%2526domain%253Dkolobok.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fkolobok.ua%25252Ff3ebd6356eb8f8%2526relation%253Dparent.parent%26container_width%3D300%26height%3D345%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fkolobok.ua.group%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300

Request Chain 179

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 227

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXGQ7qgxXoczbp387GTLrA&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXGQ7qgxXoczbp387GTLrA&google_cver=1&C=1

Request Chain 228

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YpMyCrWNpmS4pYBqU.EeWAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXGQ7qgxXoczbp387GTLrA&google_cver=1&google_hm=2

Request Chain 229

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENbwg68eOdskZgoFOxTSv2w&google_cver=1

Request Chain 230

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU1NTE0Njk4OTkwNjM0MjI3Mw%3D%3D

Request Chain 231

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDDVRTx_O98N6M3uO17tSjg&google_cver=1

Request Chain 233

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEE1xOIIX8ACphfFFlqOnZug&google_cver=1

Request Chain 238

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEKvxJAkOVQzKO87SS2bPB9k&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEKvxJAkOVQzKO87SS2bPB9k&google_cver=1&__user_check__=1&sync_id=52f202da-df2b-11ec-8098-175cf56a0206

Request Chain 239

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=52ef2693-df2b-11ec-8c53-1d7abbad0406 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTJlZjI2NTctZGYyYi0xMWVjLThjNTMtMWQ3YWJiYWQwNDA2

Request Chain 240

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55946/sync?uid=CAESEDMHu4R55YAqS7ivljU0J_c&_origin=1&google_cver=1 HTTP 302
https://pixel.advertising.com/ups/55946/sync?uid=CAESEDMHu4R55YAqS7ivljU0J_c&_origin=1&google_cver=1&verify=true

Request Chain 241

https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true HTTP 302
https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true

Request Chain 258

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENdeLpIM3jDR0hE4njmy0S4&google_cver=1&google_push=AYg5qPJEbyRedqCoRYq0T60hMxJ0UCnnqvM_4ctzJuDLJp-AmH2kx-15wEQPo1QBpzZC4lQratJPmIYuDEqRGsquU9yEkvEwtj_Q HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENdeLpIM3jDR0hE4njmy0S4&google_cver=1&google_push=AYg5qPJEbyRedqCoRYq0T60hMxJ0UCnnqvM_4ctzJuDLJp-AmH2kx-15wEQPo1QBpzZC4lQratJPmIYuDEqRGsquU9yEkvEwtj_Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d3Byb1lQamQxTlZldkY1&google_gid=CAESENdeLpIM3jDR0hE4njmy0S4&google_cver=1&google_push=AYg5qPJEbyRedqCoRYq0T60hMxJ0UCnnqvM_4ctzJuDLJp-AmH2kx-15wEQPo1QBpzZC4lQratJPmIYuDEqRGsquU9yEkvEwtj_Q

Request Chain 259

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDse8ZCNdEDKfLAnuamhBS8&google_cver=1&google_push=AYg5qPLilFMMwPt5fB1Quhes-PlhSSWY8IYf2wIrx9I50XcIn9Oea7YowAGiBaFwkxS35hRRnqKNfvsleewdQSTavFWfpVwl8DUKYA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDse8ZCNdEDKfLAnuamhBS8&google_push=AYg5qPLilFMMwPt5fB1Quhes-PlhSSWY8IYf2wIrx9I50XcIn9Oea7YowAGiBaFwkxS35hRRnqKNfvsleewdQSTavFWfpVwl8DUKYA

Request Chain 260

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAlddZop7k9tpaCJvhGYFm8&google_cver=1&google_push=AYg5qPLqVO1HMFwoIDYReGReHKRT9RoWWwkwuHr1Ezw7U3YumHPx96xV_YfrX5dwjVWqocTDQERIYnKRMcZfERC_z1M5k7hMvet-ow HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLqVO1HMFwoIDYReGReHKRT9RoWWwkwuHr1Ezw7U3YumHPx96xV_YfrX5dwjVWqocTDQERIYnKRMcZfERC_z1M5k7hMvet-ow&google_hm=aCW_ryvuTpWB4imKvYM6CCo

Request Chain 261

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELczLL0dlg97zYx4aD8FsqE&google_cver=1&google_push=AYg5qPIFASl-tELGgYBmV5Yf1-iAzn98N8EtPFvS50Au5wDVQGm9BI49-a8aCn3H9ataxwOaDbMJBAnR7RY83Uv8GJiYjeqIrAXayQ HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=b4693fca-0e03-4d27-8432-f9143fe553ad HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=b4693fca-0e03-4d27-8432-f9143fe553ad HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=24b36bf8-4386-439b-accf-de84f1f9b9ed&user_group=1&ssp=google&bsw_param=b4693fca-0e03-4d27-8432-f9143fe553ad HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=tGk_yg4DTSeEMvkUP-VTrQ== HTTP 302
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESELczLL0dlg97zYx4aD8FsqE&google_cver=1

Request Chain 262

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFIaTvFO0WdrlaiDSCVHSZ0&google_cver=1&google_push=AYg5qPJyfUpJdBA80yBMN6-bSVNvM7P6FaAyY15I6oABtcTmGVcYp1m4Iy-Z1M9cY6CgrTnBE6gHzUMnoVrRIRf9qojHD3Gac52Wqw HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFIaTvFO0WdrlaiDSCVHSZ0&google_cver=1&google_push=AYg5qPJyfUpJdBA80yBMN6-bSVNvM7P6FaAyY15I6oABtcTmGVcYp1m4Iy-Z1M9cY6CgrTnBE6gHzUMnoVrRIRf9qojHD3Gac52Wqw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYzNjUxNjkzOTc3ODQxNTcxOA&google_push=AYg5qPJyfUpJdBA80yBMN6-bSVNvM7P6FaAyY15I6oABtcTmGVcYp1m4Iy-Z1M9cY6CgrTnBE6gHzUMnoVrRIRf9qojHD3Gac52Wqw

Request Chain 263

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIfIatbvtjSqCQiJLSHVsb4&google_cver=1&google_push=AYg5qPJij7Fz2fI2aJgMIY57LNmAhdDgdqIU4KoHXz9bnozMGdE1UvMHUJk5NIzg_vcm11d0oOv1DM1V-SVp-xSqzk0zUjABKKFU1g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJij7Fz2fI2aJgMIY57LNmAhdDgdqIU4KoHXz9bnozMGdE1UvMHUJk5NIzg_vcm11d0oOv1DM1V-SVp-xSqzk0zUjABKKFU1g

Request Chain 268

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJmVTrZ6f9pKyTZ3jyHV3eFCstX_5SLVtIUVws8nd4VjlaQ7nXmVet20c9zxgXD-m5cF_0-MrCgyzaAhkMrD5FGAPcQxqvgrA&google_gid=CAESEPhc22J-UGVSTLmDYZE2wsw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXBNeUN3QUFCTktBYm5sZA&google_push=AYg5qPJmVTrZ6f9pKyTZ3jyHV3eFCstX_5SLVtIUVws8nd4VjlaQ7nXmVet20c9zxgXD-m5cF_0-MrCgyzaAhkMrD5FGAPcQxqvgrA

Request Chain 269

https://d.agkn.com/pixel/2175/?google_gid=CAESEGB9NctM3bruvCUK1QJwfkQ&google_cver=1&google_push=AYg5qPIKf8Ehw8dLD1F8UpbbTriruF3Xu9bxv91vrss4rFYh_N8RPebwvhYgC8PC-p5_4KpqkI5zmCVUAI7L4L2-8La0BCo5uuan HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIKf8Ehw8dLD1F8UpbbTriruF3Xu9bxv91vrss4rFYh_N8RPebwvhYgC8PC-p5_4KpqkI5zmCVUAI7L4L2-8La0BCo5uuan&google_hm=Q0FFU0VHQjlOY3RNM2JydXZDVUsxUUp3ZmtR

Request Chain 271

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFqxmCw6XxkM_2WfpQJVRdI&google_cver=1&google_push=AYg5qPIgz6QBD3V30nSirj-dni14N2ekaUCuQNbC_btcWVvScrt9ueuB3SS7LzDB1pYPoq5PNnwzgTzH9KWIT4-kFScUdrRk8B4bnQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFqxmCw6XxkM_2WfpQJVRdI&google_cver=1&google_push=AYg5qPIgz6QBD3V30nSirj-dni14N2ekaUCuQNbC_btcWVvScrt9ueuB3SS7LzDB1pYPoq5PNnwzgTzH9KWIT4-kFScUdrRk8B4bnQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JwHSjPAQRde8gj_lYEtvdg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIgz6QBD3V30nSirj-dni14N2ekaUCuQNbC_btcWVvScrt9ueuB3SS7LzDB1pYPoq5PNnwzgTzH9KWIT4-kFScUdrRk8B4bnQ

Request Chain 272

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPvydq4ps0uP6Ha6B86bWvQ&google_cver=1&google_push=AYg5qPKNf0Jtfd44g8u7YwnHestSezfSyU4FpR5jeERPpwXnP_GNcjqhh1mvDHG5xzt87scIaSyd9rdM3bYZ14fRFnnePI21dyaQUw HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPvydq4ps0uP6Ha6B86bWvQ&google_push=AYg5qPKNf0Jtfd44g8u7YwnHestSezfSyU4FpR5jeERPpwXnP_GNcjqhh1mvDHG5xzt87scIaSyd9rdM3bYZ14fRFnnePI21dyaQUw&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpMyC8mzo5Db6asL8nD-MgAAAp4AAAAB&google_cver=1&google_push=AYg5qPKNf0Jtfd44g8u7YwnHestSezfSyU4FpR5jeERPpwXnP_GNcjqhh1mvDHG5xzt87scIaSyd9rdM3bYZ14fRFnnePI21dyaQUw&google_gid=CAESEPvydq4ps0uP6Ha6B86bWvQ

Request Chain 276

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENdeLpIM3jDR0hE4njmy0S4&google_cver=1&google_push=AYg5qPKeVdk0c1eN-_6XgL8e4Ye7gl7Bk4amqTxW8yhZkVkFzxHjARfi3HvZyyP3X7mKUm8nUdddb98ilmFNzVkNJ1phFunb4nGE HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENdeLpIM3jDR0hE4njmy0S4&google_cver=1&google_push=AYg5qPKeVdk0c1eN-_6XgL8e4Ye7gl7Bk4amqTxW8yhZkVkFzxHjARfi3HvZyyP3X7mKUm8nUdddb98ilmFNzVkNJ1phFunb4nGE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VDB3cVpBS24xTlZldkY1&google_gid=CAESENdeLpIM3jDR0hE4njmy0S4&google_cver=1&google_push=AYg5qPKeVdk0c1eN-_6XgL8e4Ye7gl7Bk4amqTxW8yhZkVkFzxHjARfi3HvZyyP3X7mKUm8nUdddb98ilmFNzVkNJ1phFunb4nGE

Request Chain 278

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELczLL0dlg97zYx4aD8FsqE&google_cver=1&google_push=AYg5qPI-UXbm0KVNpmrp3GJt7EHzEfKxsfjfiPALV7rtUdxg29xuStqcvlBw1q3-AztyMaiVAdYLVxhOdn87u-V0uwNH3kgFd8xsSw HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=b4693fca-0e03-4d27-8432-f9143fe553ad HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=b4693fca-0e03-4d27-8432-f9143fe553ad HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=96ba81ba-af83-4efd-a315-9f9e56d1a388&ssp=google&expires=30&user_group=5&bsw_param=b4693fca-0e03-4d27-8432-f9143fe553ad HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPI-UXbm0KVNpmrp3GJt7EHzEfKxsfjfiPALV7rtUdxg29xuStqcvlBw1q3-AztyMaiVAdYLVxhOdn87u-V0uwNH3kgFd8xsSw&google_hm=tGk_yg4DTSeEMvkUP-VTrQ==

Request Chain 279

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIfIatbvtjSqCQiJLSHVsb4&google_cver=1&google_push=AYg5qPLvotkg6tUN4p7B9XuyhmyHZCJ8F6JRQi17fPljWfpF3qAPYwZep4T2kDv4neKvFj3fj0VhrjjHZhka8vum81e-BhKbXWf-hA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLvotkg6tUN4p7B9XuyhmyHZCJ8F6JRQi17fPljWfpF3qAPYwZep4T2kDv4neKvFj3fj0VhrjjHZhka8vum81e-BhKbXWf-hA

Request Chain 280

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKEWZY5iqDsRBfM3F4m3FQU&google_cver=1&google_push=AYg5qPInpzv7-MNPn9IhS7RNtFpbcAi5uGNtR1f0VzDkzKnQiBg1Ey0T078iPrzHfnmEUGamGutxXcDpC-A1RAtTX71zg5q6oHWX HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AYg5qPInpzv7-MNPn9IhS7RNtFpbcAi5uGNtR1f0VzDkzKnQiBg1Ey0T078iPrzHfnmEUGamGutxXcDpC-A1RAtTX71zg5q6oHWX&google_gid=CAESEKEWZY5iqDsRBfM3F4m3FQU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ0NzY4NTAzNjMxMDQ1OTYxMzUwMw%3D%3D&google_push=AYg5qPInpzv7-MNPn9IhS7RNtFpbcAi5uGNtR1f0VzDkzKnQiBg1Ey0T078iPrzHfnmEUGamGutxXcDpC-A1RAtTX71zg5q6oHWX

Request Chain 282

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBufXs5CZlXFjTp7mJoFs4Q&google_cver=1&google_push=AYg5qPIgWYlCh_xbeeEJxYSo4TErgUeTgOQyVtUwkCjV_RrHVqHptxgIVX-jkZJ6fv8acrnIxq9APYKo1QMze0HLOlMRpa96eXyh3JE HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBufXs5CZlXFjTp7mJoFs4Q&google_cver=1&google_push=AYg5qPIgWYlCh_xbeeEJxYSo4TErgUeTgOQyVtUwkCjV_RrHVqHptxgIVX-jkZJ6fv8acrnIxq9APYKo1QMze0HLOlMRpa96eXyh3JE&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0uNHNtczVSRTJ1RVF4NXVQZ0NKVmpOZV8wandfOUpmVH5B&google_push=AYg5qPIgWYlCh_xbeeEJxYSo4TErgUeTgOQyVtUwkCjV_RrHVqHptxgIVX-jkZJ6fv8acrnIxq9APYKo1QMze0HLOlMRpa96eXyh3JE

363 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
kolobok.ua/
Redirect Chain

http://kolobok.ua/
https://kolobok.ua/

142 KB
29 KB

404ms
235ms

Document
text/html

193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: e5f81d03dd446439139c9624ff0c72733f4cfd0d0464350122bbbed65201cdc4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: public, max-age=300
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 29 May 2022 08:45:46 GMT
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Sun, 29 May 2022 08:45:45 GMT
Location: https://kolobok.ua/
Server: nginx

GET
H/1.1 200
OK holder.js Show response
i.holder.com.ua/t/ 9 KB
4 KB 244ms
79ms Script
application/x-javascript 91.198.36.26
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://i.holder.com.ua/t/holder.js
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.26 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: i1.i.ua
Software: nginx /
Resource Hash: 8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 29 May 2022 08:42:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Jul 2017 14:14:15 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
Expires: Mon, 29 May 2023 08:42:48 GMT

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 176 KB
55 KB 445ms
149ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc34
date: Sun, 29 May 2022 08:42:48 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 12:23:59 GMT
server: nginx
etag: W/"6282425f-2c101"
x-cached-since: 2022-05-29T08:38:25+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
expires: Mon, 16 May 2022 12:35:26 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 160 KB
55 KB 223ms
93ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

561b59a8131097de1161f27128999f95da23c08a66ca1ac7848fb80e6aa9c12b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56241
x-xss-protection: 0
server: cafe
etag: 10715771817723573286
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 29 May 2022 08:42:48 GMT

GET
H2 200 toastr.min.css
cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/ 6 KB
3 KB 157ms
65ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.css

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47dd690f8f315bea076e92581a7e7147443bb4c847e313ab5a7d50a8c44836d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6268352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2517
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffe-1936"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihKGRoxEcKFSFmFEMVAQtWQT8YWOJWaSnTQyO42idBXVkB6arRH7JB3MTg334lP5yKf%2BPmFoq8VIig3Ke6cQD7Nymgdz8igUUF3l9HxIlaZGDA7i2%2BHXvh0C5HWnWhg5zndpRvtdNFtKTVTNRQMpW7Ao"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 712df053d8090639-LHR
expires: Fri, 19 May 2023 08:42:48 GMT

GET
H2 200 common.css
api.phnx.click/css/ 571 B
466 B 274ms
83ms Stylesheet
text/css 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.phnx.click/css/common.css?1
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 928c814bc3528a780ef25713f15d7e8d4a865bea41e6511c1670c87cbbbdceaf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:46 GMT
content-encoding: gzip
last-modified: Mon, 16 Mar 2020 13:55:41 GMT
server: nginx
etag: W/"5e6f855d-23b"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
cache-control: max-age=315360000
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 notice.css
api.phnx.click/common/CookiesNotice/ 945 B
663 B 275ms
84ms Stylesheet
text/css 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.phnx.click/common/CookiesNotice/notice.css?3
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 51ef3f0d3aa0c792d07079a705896f28d5ed2cda748c154e3a9a1d41b7502209

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:46 GMT
content-encoding: gzip
last-modified: Wed, 15 Apr 2020 07:30:42 GMT
server: nginx
etag: W/"5e96b822-3b1"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
cache-control: max-age=315360000
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 141 KB
22 KB 153ms
54ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kolobok.ua/
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 602
age: 1006895
cdn-cachedat: 03/12/2022 07:06:26
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: W/"450fc463b8b1a349df717056fbb3e078"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: b2f4d32d633fa378ff3ff03637fe1e93
cf-ray: 712df053e9b67698-LHR
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/ 54 KB
10 KB 157ms
66ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/all.min.css

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2103939
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9804
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-d747"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIflw25baGaVz1KMPKN73KeuakPLCksxv017iFXz1TkR%2Fv5QEE%2Fzo%2B7HktIufhYlCOHjAV9mBiflhRGSAaTcNh4L24694qSVlGMhh2Jg28P4U2rCeXPftL40G0LkWD715OAxXimg2IkU1xTuXrWUF6BX"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 712df053d80a0639-LHR
expires: Fri, 19 May 2023 08:42:48 GMT

GET
H2 200 swiper.min.css
cdnjs.cloudflare.com/ajax/libs/Swiper/4.2.2/css/ 19 KB
3 KB 141ms
50ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.2.2/css/swiper.min.css

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d41cc80678502aaf3181f2f00f46553773fc0da93ab9290f2da2ae64720f1f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 22771858
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2583
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf2-4d3e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z7kWlL4l9BruKism%2FO7Suz0aLLCPRY2zdkvajlocRTKopcgGxbTKjgESEJURO2GOSs%2BmQSG8HRaEg%2FdA1Iuxx5AxEbPdwOeOC9uRjpPguN6hUaxiPrwdVKK1MCb%2FMy716C2TdJ2yqAHHHrFbRMfwU3aI"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 712df053d80d0639-LHR
expires: Fri, 19 May 2023 08:42:48 GMT

GET
H2 200 style.min.css
kolobok.ua/css/ 67 KB
14 KB 85ms
85ms Stylesheet
text/css 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://kolobok.ua/css/style.min.css?8
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: d0f1e4e77e17ce26fbc4740970cb36bf9c1448242bbed6725897c804ad099416

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:46 GMT
content-encoding: gzip
last-modified: Thu, 14 Oct 2021 10:29:16 GMT
server: nginx
etag: W/"6168067c-10bc0"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
cache-control: max-age=315360000
access-control-allow-credentials: true
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 custom.css
kolobok.ua/a-custom/ 40 B
321 B 86ms
86ms Stylesheet
text/css 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://kolobok.ua/a-custom/custom.css?6
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 1f7c5b9fc7520d2735786380c08033a9d450b27ef40c0f660f03b615aecb2293

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:46 GMT
content-encoding: gzip
last-modified: Wed, 31 Mar 2021 07:23:24 GMT
server: nginx
etag: W/"6064236c-28"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
cache-control: max-age=315360000
access-control-allow-credentials: true
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo_top.png
kolobok.ua/images/ 8 KB
8 KB 88ms
85ms Image
image/png 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/images/logo_top.png?1
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 970fbd8d452e775c85db197dcced9843fa8c27850c0d29a36e3d7d4cb82497ac

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:46 GMT
last-modified: Thu, 04 Feb 2021 12:11:24 GMT
server: nginx
etag: "601be46c-208f"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 8335
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1171ff4c14bbe73329de99ee28c4104b-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/63/10/13/3/6310133/image_main/ 52 KB
53 KB 89ms
86ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/63/10/13/3/6310133/image_main/1171ff4c14bbe73329de99ee28c4104b-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 3aeb3672aaeb8efd556225a18e1769471a34085794fa8ffdd6aadbe7aac29a3b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:46 GMT
last-modified: Thu, 26 May 2022 11:23:57 GMT
server: nginx
etag: "628f634d-d0db"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 53467
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a7ef7d272f1d7874bc82bd276ac0908f-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/49/40/07/2/4940072/image_main/ 148 KB
149 KB 170ms
167ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/49/40/07/2/4940072/image_main/a7ef7d272f1d7874bc82bd276ac0908f-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 1b708eb963025d8efed6b916fe055f746b14d038fc1e2566055491260ab03dae

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:46 GMT
last-modified: Sat, 29 May 2021 10:20:11 GMT
server: nginx
etag: "60b2155b-2511a"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 151834
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 76e8b5e7e30f53fce9763f76d6f9d269-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/63/08/38/0/6308380/image_main/ 47 KB
47 KB 254ms
251ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/63/08/38/0/6308380/image_main/76e8b5e7e30f53fce9763f76d6f9d269-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 8e28cd295b5aafb2519789b39da751767353cc775d3248a442caa0a3fdc0b423

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:46 GMT
last-modified: Tue, 24 May 2022 12:48:48 GMT
server: nginx
etag: "628cd430-ba26"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 47654
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6e5e1d05f2497ec2e2c9e68245ad444f-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/63/06/54/5/6306545/image_main/ 61 KB
61 KB 295ms
292ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/63/06/54/5/6306545/image_main/6e5e1d05f2497ec2e2c9e68245ad444f-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: b1eaea9c6437b097c1546e8cfbdcd1d10098170ea999bb9ad7b865ddf34baed2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:46 GMT
last-modified: Sat, 21 May 2022 18:17:01 GMT
server: nginx
etag: "62892c9d-f408"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 62472
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 0093ee1f65fcfe812b26d21a571c35e2-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/80/76/26/807626/ 46 KB
47 KB 334ms
332ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/80/76/26/807626/0093ee1f65fcfe812b26d21a571c35e2-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 7d6f723401d9bff849050ca1dcf1078c770a7e49a7491d5e3eadcff562a9d6d6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:46 GMT
last-modified: Wed, 21 Aug 2019 19:45:42 GMT
server: nginx
etag: "5d5d9f66-b940"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 47424
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 910858760ca16a7d46b3722558d00073-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/63/05/22/3/6305223/image_main/ 52 KB
53 KB 336ms
333ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/63/05/22/3/6305223/image_main/910858760ca16a7d46b3722558d00073-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: ee5416b91df2826739bc6fcd6107439a854672768c5bff64b959c1ed9aff11de

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:46 GMT
last-modified: Thu, 19 May 2022 20:16:00 GMT
server: nginx
etag: "6286a580-d0bf"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 53439
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 91f701605b555012b8cd9f467c03e7f0-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/54/85/65/3/5485653/image_main/ 27 KB
28 KB 337ms
334ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/54/85/65/3/5485653/image_main/91f701605b555012b8cd9f467c03e7f0-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 8b36b4daa26a130a8893c0ade843e3542251b7704af84b4504633ed52963fb2a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:46 GMT
last-modified: Sat, 23 Oct 2021 07:20:26 GMT
server: nginx
etag: "6173b7ba-6de6"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 28134
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 c3fc1024f9c9d153b18724eda05d99ac-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/81/00/55/810055/image_main/ 71 KB
71 KB 338ms
335ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/81/00/55/810055/image_main/c3fc1024f9c9d153b18724eda05d99ac-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: c9779c7b61fbc1dd54800b971b134f4370c625e0e47f6d4360245bec3e89696a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:46 GMT
last-modified: Thu, 20 May 2021 11:17:38 GMT
server: nginx
etag: "60a64552-11b05"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 72453
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a7a6dc0508b07535601f69fbb8b2116d-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/63/02/52/1/6302521/image_main/ 31 KB
32 KB 339ms
337ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/63/02/52/1/6302521/image_main/a7a6dc0508b07535601f69fbb8b2116d-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 5083460fd3a067ce014eb6de7fd19dce63a82c4a3c1a70b7a53509980f3f6a1a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:46 GMT
last-modified: Mon, 16 May 2022 19:38:32 GMT
server: nginx
etag: "6282a838-7cd8"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 31960
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 8e01d95220b5bbc0de393ec905cc7119-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/99/84/69/998469/image_main/ 66 KB
66 KB 377ms
375ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/99/84/69/998469/image_main/8e01d95220b5bbc0de393ec905cc7119-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 8542b7f6a83905880abe2bd34c191aaa1e06459cde1b5deaca20cb0f8d4ec679

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:46 GMT
last-modified: Wed, 21 Aug 2019 22:47:51 GMT
server: nginx
etag: "5d5dca17-1079d"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 67485
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1x1.png
upload.wikimedia.org/wikipedia/commons/c/ca/ 95 B
1 KB 181ms
54ms Image
image/png 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/c/ca/1x1.png

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.8 /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 28 May 2022 10:25:17 GMT
nel: { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 80250
x-cache-status: hit-front
x-cache: cp3055 hit, cp3057 hit/196945
server-timing: cache;desc="hit-front", host;desc="cp3057"
content-length: 95
x-client-ip: 2a01:4a0:2c::12
x-object-meta-sha1base36: 1q4na1xj6topzln51tpzqqxtdtdwo9p
accept-ranges: bytes
last-modified: Sat, 04 Apr 2020 08:42:56 GMT
server: ATS/8.0.8
etag: 71a50dbba44c78128b221b7df7bb51f1
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy: interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch: Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin: *

GET
H2 200 audio-tailes.png
kolobok.ua/images/ 17 KB
17 KB 414ms
412ms Image
image/png 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/images/audio-tailes.png
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 23cf8643e60f9e01b1bcf914c323f3861466997045f8aee8ea1c737f6fb5a21b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:46 GMT
last-modified: Wed, 09 Sep 2020 14:44:19 GMT
server: nginx
etag: "5f58ea43-4374"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 17268
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 243ms
53ms Script
application/javascript 192.229.233.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6760) /
Resource Hash: 2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 29 May 2022 08:42:48 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 1463
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 29461
x-tw-cdn: VZ
Last-Modified: Sun, 15 May 2022 20:06:46 GMT
Server: ECS (frb/6760)
Etag: "f1369725ba22125b0df0251e74090aa0+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.0/ 86 KB
28 KB 51ms
51ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.0/jquery.min.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3329464
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27781
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15857"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iYT2il%2F3vtJqVX3QMIZTUOIVDe1JWv3Rp3W3AQTkka07xUnrYNlP0kSPs7bweUD%2FHdfP%2Fg3vH32NaNHB8LD6brJcckd%2BQuJocua4UNDQVyN4Lmape5Q4ZgZ8N4tMAVcprTILbSMERNU74wcFIYW1P69W"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 712df05509b00639-LHR
expires: Fri, 19 May 2023 08:42:48 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 57 KB
16 KB 67ms
57ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kolobok.ua/
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 135481
cdn-cachedat: 2021-08-02 21:50:12
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 71f906965422c9529215d285b3135e95
cf-ray: 712df0552c2c7698-LHR
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 swiper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/Swiper/4.4.1/js/ 122 KB
28 KB 50ms
47ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.4.1/js/swiper.min.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d7dd97b1b8f9a6dd66cc9025d3b6603d371173712d103fa273e20a3013a5370

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1422243
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28145
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf2-1e700"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJK8t1fneXxMkfMpOIo9s17hmIGOWPP7n90VK9JTizU%2Fkr9MtAtV2ItGybeZBaI%2F9KUtUu1vWNzUySwZS6CvitOnuA4rCHbL30kqOOsbiiNoEt9ne2EFsGf0jhlXWNWASVKydbCweXcQ%2Fv1kSRGeXzDx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 712df05519c80639-LHR
expires: Fri, 19 May 2023 08:42:48 GMT

GET
H2 200 isotope.pkgd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.isotope/3.0.6/ 35 KB
9 KB 86ms
82ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.isotope/3.0.6/isotope.pkgd.min.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 905894
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8847
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-8a75"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gsQ6V0CIZwYsh8BQsEkLYZ89u3KUOt1%2FlFilHuYxgWMUJBZZoz6jkkbBTiscUCC4CjV33K71VZWT3ZFpxcux9Y2B3DDi1gjpdbWCHYtIwpfm21iT24STmIkEzpnkuElFzmVsQNsyTW4p2%2BPHbrNf%2FCc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 712df05519cb0639-LHR
expires: Fri, 19 May 2023 08:42:48 GMT

GET
H2 200 hc-sticky.min.js Show response
cdn.jsdelivr.net/npm/hc-sticky@2.2.3/dist/ 11 KB
5 KB 159ms
53ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/hc-sticky@2.2.3/dist/hc-sticky.min.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

301898d6bce363fd706de16a2d915e0382fc1a60d07b91d0ffd0609dd90b78a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 902414
x-jsd-version: 2.2.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19183-FRA, cache-cdg20783-CDG
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"2d58-OHp5NYJZm3BVirYCciTrlYiBEdQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sR%2F957RBRXllDYVBQud7MnqWVD7ZWvvhVydpBQe42awPC%2FHop%2Be0zQx7DGFnCrxLQXImU5AQe2VCHSWC3gVufClK9c32BEdCEzoD61uzLt2NNSY1qVxP5JjNPZSC6VBvr%2Bw25TOJwJh65cMAZ6k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 712df055bebb76f3-LHR

GET
H2 200 jquery.waypoints.min.js Show response
cdnjs.cloudflare.com/ajax/libs/waypoints/4.0.1/ 9 KB
3 KB 88ms
84ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/waypoints/4.0.1/jquery.waypoints.min.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c39ce2883aad8a36c4194dc053127b29efa1677cc12db45e805760c5d9f14d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4164354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2417
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb0402f-2281"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQ258JEgdJ1L8eiAIO0fbUzey0VWzWE9%2FZf5cpuiHgF9sVkeVPM4nGHhqMt0swV2c99j9gO7eN0HH5QVBEnTZx5RU5McBi5ESHOwOz2cDqhFJbXbs%2Bsl%2F%2Fk9SMsvW0DG03XncaMavMou2JLzTO2OFLon"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 712df05519db0639-LHR
expires: Fri, 19 May 2023 08:42:48 GMT

GET
H2 200 blazy.min.js Show response
cdnjs.cloudflare.com/ajax/libs/blazy/1.8.2/ 5 KB
2 KB 87ms
83ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/blazy/1.8.2/blazy.min.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1421293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1735
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8b-1448"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Na0UU%2BSfIdzS9poMXm1cPvMOV%2F0V%2Bgx0PaCTDaWI1GZBISX3KmWGxGl7lX7EFJRecb95hkzd%2BV%2F5j6leoCRjQTnjphCJznQO2T2Q88x3IiS%2Fp04tqekaFfcFdm7UVpVoRzqhC4mgOeG50sD78ncUWNJM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 712df05519de0639-LHR
expires: Fri, 19 May 2023 08:42:48 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 607ms
72ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Sun, 29 May 2022 08:42:49 GMT
x-host: s7.addthis.com
content-length: 116425

GET
H2 200 app.min.js Show response
kolobok.ua/js/ 5 KB
2 KB 88ms
84ms Script
application/javascript 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://kolobok.ua/js/app.min.js?23
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: bd62fd631f2f388a0ffb74ec23e67f2baf8816e8a9bc2df95ebad6f63a575b9c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:46 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 10:27:33 GMT
server: nginx
etag: W/"6076c395-1459"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
access-control-allow-credentials: true
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 instafeed.min.js Show response
kolobok.ua/js/ 7 KB
3 KB 89ms
85ms Script
application/javascript 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://kolobok.ua/js/instafeed.min.js
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 9d97f7a4b2edbb8f6a045125a686b58f5990f700c1a7aeabc8a90ec8bd3ba022

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:46 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 10:27:33 GMT
server: nginx
etag: W/"6076c395-1a80"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
access-control-allow-credentials: true
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 article-stat-v2.js Show response
api.phnx.click/js/ 976 B
608 B 90ms
86ms Script
application/javascript 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.phnx.click/js/article-stat-v2.js?8
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 8e2127b461c250d955b16c153856303a62fd79f5bbf874cff3491ea56b9a948a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:46 GMT
content-encoding: gzip
last-modified: Mon, 29 Apr 2019 05:26:10 GMT
server: nginx
etag: W/"5cc68af2-3d0"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 1 KB
1 KB 54ms
50ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 221793
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 591
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-514"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQgqSn3NQRjYHTswBQLm2R37q0UuEvUwQYo8QPBoB1W6j%2FBUHsGN1JwKEeJm7EBhDRLcEem4BC1r8b%2Ftc%2F5BjJczGcjt%2FFB3z8PhoX4NYt4%2B%2FIVvwMlDVhwA0ZT020mgDAJDfZ9sZH7HQcM%2BeECQ5IYd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 712df05519e40639-LHR
expires: Fri, 19 May 2023 08:42:48 GMT

GET
H2 200 md5.min.js Show response
cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/ 4 KB
2 KB 53ms
49ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/md5.min.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 226452
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1339
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8b-eb6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6wxcl2Za99es%2BGjbfFZDrz4lBKU1gvr0%2B%2FXVuuweU6ts%2FkHSKs7jeDDzUdNDcSgocbpbHpQFcyA3VtLVW017fk0sLg%2FDWh4iVB7Q%2FEHyI%2F5G78MmjgfRBwT4djiYWQX18rdsRhPqc5FmCkah%2F2AJhAs8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 712df05519e60639-LHR
expires: Fri, 19 May 2023 08:42:48 GMT

GET
H2 200 toastr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/ 5 KB
2 KB 86ms
82ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7254558
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1763
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffe-1483"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BNq20wu4dBG9H%2B6yT%2BEkRlHewJ8FaPbC89oHZIytFAx7%2FNUMeTzjEQAi0tM2jff%2BVgQxyZFKb2JiVlel8jQtRPYeENOji%2BncmfzQFE8IOPW6%2Fiv1TUFgXBiskswR34lC2DxtqdRtrF2hKU%2B%2FMNEtg0e4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 712df05519e70639-LHR
expires: Fri, 19 May 2023 08:42:48 GMT

GET
H2 200 common.js Show response
api.phnx.click/js/ 3 KB
1 KB 90ms
87ms Script
application/javascript 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.phnx.click/js/common.js?1
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: dbd30986b6727d3c7e30d14d2cb4e23ef7c42348cd418f5891a1bd778b89df46

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:46 GMT
content-encoding: gzip
last-modified: Mon, 06 Jan 2020 10:11:50 GMT
server: nginx
etag: W/"5e1307e6-a00"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 notice.js Show response
api.phnx.click/common/CookiesNotice/ 648 B
517 B 91ms
87ms Script
application/javascript 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.phnx.click/common/CookiesNotice/notice.js?2
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 66336f7f92959c90b96bb60b1c09415cccc7923e52a41ee9fe23a5aa98397d8d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:46 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 13:24:19 GMT
server: nginx
etag: W/"5e42ab03-288"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 176ms
54ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1420
date: Sun, 29 May 2022 08:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 29 May 2022 10:19:08 GMT

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 52 KB
14 KB 249ms
80ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 229378c3a3e277ca91542f035d4386df50f091126b2acfd9bda191e8bf5368a8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:48 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 16:52:19 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 14031
expires: Sun, 29 May 2022 20:42:48 GMT

GET
H2 200 e.js Show response
cdn.umh.ua/libs/ 6 KB
3 KB 187ms
54ms Script
application/javascript 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.umh.ua/libs/e.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

nginx /

Resource Hash

4f980628109c4616e0c245be9b45aa44233f40ca4f396a58a9e298cf51744e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block;
last-modified: Tue, 01 Mar 2022 15:54:34 GMT
server: nginx
etag: W/"621e41ba-16f4"
access-control-max-age: 1728000
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER
expires: Mon, 30 May 2022 08:42:48 GMT

GET
H2 200 kids_pattern.png
kolobok.ua/images/ 19 KB
19 KB 412ms
411ms Image
image/png 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/images/kids_pattern.png
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: db3ce8768c4e10435d706169fbf1c5d3ed4703f01fd5d428abf2a4eb87a2e734

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/css/style.min.css?8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:46 GMT
last-modified: Wed, 14 Apr 2021 10:27:33 GMT
server: nginx
etag: "6076c395-4b88"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 19336
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dinroundpro-bold.woff2
kolobok.ua/fonts/ 36 KB
36 KB 412ms
412ms Font
application/octet-stream 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://kolobok.ua/fonts/dinroundpro-bold.woff2
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: bead87b2c8ee8424cda8e6d4dec906754c8b4c9860f9e8a84d4c62c3ba288ee2

Request headers

Referer: https://kolobok.ua/css/style.min.css?8
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:46 GMT
last-modified: Fri, 07 Dec 2018 07:55:56 GMT
server: nginx
etag: "5c0a278c-8e30"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: https://kolobok.ua
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 36400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 spt_item.gif
kolobok.ua/images/ 2 KB
2 KB 401ms
401ms Image
image/gif 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/images/spt_item.gif
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 86b67e98ae1805a0fa348e3e1d118a7b6661d66a6fd88609e8c7f59562a986a3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/css/style.min.css?8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:46 GMT
last-modified: Fri, 07 Dec 2018 07:55:56 GMT
server: nginx
etag: "5c0a278c-773"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1907
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 spt_item5.gif
kolobok.ua/images/ 2 KB
2 KB 402ms
401ms Image
image/gif 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/images/spt_item5.gif
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 02c30a2f8ab99e50290330ce2b9c3b7df9bcabbbd0f65442d2f929cb2fec3162

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/css/style.min.css?8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:46 GMT
last-modified: Fri, 07 Dec 2018 07:55:56 GMT
server: nginx
etag: "5c0a278c-675"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1653
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 spt_item4.gif
kolobok.ua/images/ 1 KB
2 KB 402ms
401ms Image
image/gif 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/images/spt_item4.gif
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 1e99d1e6fe74443f70e6b1bb68cca578728ec9d7669c2ee3ecaef8239f6eb956

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/css/style.min.css?8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:46 GMT
last-modified: Fri, 07 Dec 2018 07:55:56 GMT
server: nginx
etag: "5c0a278c-5bb"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1467
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/webfonts/ 13 KB
14 KB 277ms
231ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a64c3f8968235caf4367a733443be4ab6274fd32383d31bf96f607d1f87153a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/all.min.css
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12405667
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13552
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-34f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2BcEPMRMz1EcV2hUL381Z97RmaKRNSWJFgsffmU7%2FVolhRAlxh42OOQjkAC4ydsz0bO6BvpO4Qb%2F13RpmuUMTiVfD8rInKJzUscAf9cV%2BXmWeerg9k22FGXR3vkCpY3UJ19DsHw%2F9SPZTSZGlgfaOHRz"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 712df0557ec288c1-LHR
expires: Fri, 19 May 2023 08:42:48 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/webfonts/ 73 KB
74 KB 188ms
143ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f8971058530863cdfbe3d156d8d5c6f7a6a42d5884f4e82cde8e3692b91e535

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/all.min.css
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4549115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74768
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-12410"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32EKwrbUKky53NAZYre33ELTDt9sOr%2Fz%2F5ugAudEVTncz5Cf0zDwBX7cavNYx97Xvl8n%2FYbb8A7QSIndWSZdm4D7IOooo9AGmERfPPrBIT%2BMKTYqu%2F5mguDdXmm%2F%2BrEgJJ8%2Fg0Dn7u0H23hgCps2N954"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 712df0557ebf88c1-LHR
expires: Fri, 19 May 2023 08:42:48 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/webfonts/ 73 KB
73 KB 101ms
56ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83256161be4addb3aefe369a31de46f42def521d423ab1b344883d49c2bd1953

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/all.min.css
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3102560
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74256
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-12210"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BnBZBAkd0ZhqDSl8bikuFc1EqjRFkpODSA9ia41Gpo1%2FtnF6tLlgL%2B18JgDvA3FEDrYb9MbGPkm2uLWAGPnexR7bGapLSaeVAqDYMuSLkGuv2UBN9fWfiIuxYJY%2FBZxYB9Z7BG48J6S0IrxyKnycGMIB"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 712df0557ec188c1-LHR
expires: Fri, 19 May 2023 08:42:48 GMT

GET
DATA 200
OK truncated
/ 150 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fac0e13bfe90135764a88b128aeba6907c4eb0bfba06d573329e13ca95e3d801

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9aa80adf0c2356b9e6841f3320b6dc3a102ed9de62ddd42a04f05ec467c9622

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 loader.gif
kolobok.ua/images/ 9 KB
9 KB 385ms
385ms Image
image/gif 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/images/loader.gif
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: c9c616de646e94b9adea60ef1e8ffe5246f82b82baa1e039b1b6007067791773

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/css/style.min.css?8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:46 GMT
last-modified: Wed, 14 Apr 2021 10:27:33 GMT
server: nginx
etag: "6076c395-22ee"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 8942
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sidebar_quote_b1.jpg
kolobok.ua/images/ 22 KB
22 KB 385ms
385ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/images/sidebar_quote_b1.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 0cf67a88e4158309a7aec1613a776c80db3dc47769b1865ba427078bae937819

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/css/style.min.css?8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:46 GMT
last-modified: Wed, 14 Apr 2021 10:27:33 GMT
server: nginx
etag: "6076c395-57b1"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 22449
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dinroundpro-black.woff2
kolobok.ua/fonts/ 34 KB
34 KB 385ms
385ms Font
application/octet-stream 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://kolobok.ua/fonts/dinroundpro-black.woff2
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 091105bb0811a882fd4f7fedb9e8dcf8a8fd0358106f000d7dd74cd1626dabe5

Request headers

Referer: https://kolobok.ua/css/style.min.css?8
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:46 GMT
last-modified: Fri, 07 Dec 2018 07:55:56 GMT
server: nginx
etag: "5c0a278c-886c"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: https://kolobok.ua
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 34924
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 179ms
54ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fbb2258b96a0bfb7de912038d3d1c050efd84bc4a23300efa4c99195ce031269

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: WibaOWfZyUQWzSps7cMn3g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Sun, 29 May 2022 08:51:59 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: m1TsIjTeLzLSUA9mgPSvKwRJH7u6nXM1ezXzsIdhrneq1p+PBa3h+jDUixi5woAA61KtSp4tKIkuMtdy75spVg==
x-fb-trip-id: 917726464
x-fb-content-md5: f3dd3f386017a34269a24c15087ded52
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 29 May 2022 08:42:48 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "ebc1fa47c516b7a246cfb02da3afc80e"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 / Show response
exchange.informer.ua/informer/stat/ Frame 54D3 5 KB
1 KB 287ms
97ms Document
text/html 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.informer.ua/informer/stat/?s=ivona
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 / PHP/7.1.17
Resource Hash: e75e817482bebe5decd28b2bcdb428ef353d6a563acf767d8d8f588f422c1eb8

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 29 May 2022 08:46:01 GMT
server: nginx/1.12.2
vary: Accept-Encoding
x-powered-by: PHP/7.1.17

GET
H2 200 / Show response
exchange.informer.ua/informer/stat/ Frame 1DFD 4 KB
1 KB 280ms
94ms Document
text/html 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.informer.ua/informer/stat/?s=smak
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 / PHP/7.1.17
Resource Hash: b034011ac32c90dc03ae4164273121d4695700ee59e059e5cf22a6f5c5aea69a

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 29 May 2022 08:46:01 GMT
server: nginx/1.12.2
vary: Accept-Encoding
x-powered-by: PHP/7.1.17

GET
H2 200 / Show response
exchange.informer.ua/informer/stat/ Frame D6AD 5 KB
1 KB 280ms
95ms Document
text/html 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.informer.ua/informer/stat/?s=ivona
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 / PHP/7.1.17
Resource Hash: d3048593aaac7bb112d39d11fa92c28361c0469a5aaf5ea516bb609ead4b3aeb

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 29 May 2022 08:46:01 GMT
server: nginx/1.12.2
vary: Accept-Encoding
x-powered-by: PHP/7.1.17

GET
H/1.1 200
OK / Show response
c.bigmir.net/ 132 B
423 B 410ms
90ms Script
application/x-javascript 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bigmir.net/?o1&v16945258&s16946721&t0&c1&n43916&w0&y0&d24&r1600
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: 6fd5fa4a98bbc9959dff554cfba798e555590f8a1afaa247a48a40138cd700d0

Request headers

Referer: https://kolobok.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Sun, 29 May 2022 08:42:48 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=windows-1251
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H2 200 load Show response
z.cdn.umh.ua/ 56 B
381 B 88ms
54ms Script
text/plain 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1466079092&div=zone_1466079092&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1244&pl=3&mi=4&me=8&hc=4&n=1653813768668&url=kolobok.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&zyx=1287419685
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: 254f33bb44c46523cce6e349f8ea4ec60151ca4337024b647502da496df48b9c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:48 GMT
server: nginx
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-type: text/plain; charset=utf-8
content-length: 56
expires: -1

GET
H2 200 load Show response
z.cdn.umh.ua/ 1 KB
1 KB 90ms
56ms Script
application/javascript 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1320537623&div=zone_1320537623&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1244&pl=3&mi=4&me=8&hc=4&n=1653813768668&url=kolobok.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&zyx=1287419685
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: b9ede3a5a9d897ac53ede9364573cf48ecf891c0ec9819321a2f4ab5b2c53ea7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:48 GMT
content-encoding: gzip
server: nginx
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-type: application/javascript; charset=utf-8
content-length: 744
expires: -1

GET
H2 200 load Show response
z.cdn.umh.ua/ 57 B
382 B 88ms
55ms Script
text/plain 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1584315929&div=zone_1584315929&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1244&pl=3&mi=4&me=8&hc=4&n=1653813768668&url=kolobok.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&zyx=1287419685
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: d54ac0208d59cd7d261f9ad3c02558ad7cdad6785a35514e25e872d055d28ec2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:48 GMT
server: nginx
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-type: text/plain; charset=utf-8
content-length: 57
expires: -1

GET
H2 200 load Show response
z.cdn.umh.ua/ 2 KB
1 KB 89ms
55ms Script
application/javascript 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1982059428&div=zone_1982059428&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1244&pl=3&mi=4&me=8&hc=4&n=1653813768668&url=kolobok.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&zyx=1287419685
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: 26a3dcc6b10798d230db06ef5cde2ffb3db42ce54649679de4ae97ac19e198ba

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:48 GMT
content-encoding: gzip
server: nginx
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-type: application/javascript; charset=utf-8
content-length: 948
expires: -1

GET
H2 200 load Show response
z.cdn.umh.ua/ 1 KB
1 KB 54ms
54ms Script
application/javascript 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1619353633&div=zone_1619353633&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1244&pl=3&mi=4&me=8&hc=4&n=1653813768668&url=kolobok.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&zyx=1287419685
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: 6a9b72f3324b568d38723f5652423ac68a86f0633656e3826665a4347a125afb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:48 GMT
content-encoding: gzip
server: nginx
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-type: application/javascript; charset=utf-8
content-length: 787
expires: -1

GET
H2 200 load Show response
z.cdn.umh.ua/ 75 B
400 B 54ms
54ms Script
text/plain 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1836467761&div=zone_1836467761&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1244&pl=3&mi=4&me=8&hc=4&n=1653813768668&url=kolobok.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&zyx=1287419685
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: 085583262fc989309eef660f40bfcd1725cc57edb8cad2c03e95382ce3e0b50f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:48 GMT
server: nginx
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-type: text/plain; charset=utf-8
content-length: 75
expires: -1

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 169ms
61ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=653360334&t=pageview&_s=1&dl=https%3A%2F%2Fkolobok.ua%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1330419163&gjid=1354429809&cid=1262892392.1653813769&tid=UA-82254946-1&_gid=176838834.1653813769&_r=1&_slc=1&z=2121787312

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kolobok.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kolobok.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/uk_UA/ 295 KB
84 KB 116ms
57ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=972f46da5a1e3667193c68115d6d8e08

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a48957670e2c04207a79a2246bc355db662e43f6e962dff6ae60b6695d71b0e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://kolobok.ua/
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: t10jrVjsNdqtOq2B9s1RMA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85891
x-fb-rlafr: 0
x-fb-debug: XEf+9I2q6/gPMdkzQ2mP55RFLppkTm9QfhKO/IZkRQZyPStaMkkufnki1E96sxZeFCHkHexRwlfBPU9xhybhBw==
x-fb-content-md5: 05e7dfccf90897444dfe3ed72335d083
x-frame-options: DENY
date: Sun, 29 May 2022 08:42:48 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "d49dda0537989f7fc3199ea94985feee"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 29 May 2023 07:51:57 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 279 B
393 B 83ms
81ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=kolobok.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 773df060071aac20d1c078c07a4fce01e28190112b3226ae54b828e726986d37

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:48 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 279
expires: Tue, 28 Jun 2022 08:42:48 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame CC1F 5 KB
3 KB 295ms
100ms Document
text/html 146.59.30.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.100 , France, ASN16276 (OVH, FR),
Reverse DNS: ip100.ip-146-59-30.eu
Software: GHC /
Resource Hash: 8e0a244159836a5d55a7de81c24cefb74c7d8387e2e700f16856201ba1e37484

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2712
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 May 2022 08:42:49 GMT
etag: PRIVATE7520710249
expires: Tue, 28 Jun 2022 08:42:49 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/46506/ Frame BA3D 738 B
510 B 138ms
135ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Sun, 29 May 2022 08:42:48 GMT
etag: W/"62824272-2e2"
expires: Wed, 17 May 2023 12:25:26 GMT
last-modified: Mon, 16 May 2022 12:24:18 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-05-16T12:25:26+00:00
x-id: fr5-up-gc34

GET
H2 200 a21031c0f6a0994b3314.b.js Show response
cdn.admixer.net/scripts3/46506/ 23 KB
8 KB 145ms
141ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/a21031c0f6a0994b3314.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc34
date: Sun, 29 May 2022 08:42:48 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 12:24:15 GMT
server: nginx
etag: W/"6282426f-5d41"
vary: Accept-Encoding
x-cached-since: 2022-05-16T12:25:26+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 17 May 2023 12:25:26 GMT

GET
H2 200 0a75d04ce9f53a1a35b6.b.js Show response
cdn.admixer.net/scripts3/46506/ 75 KB
20 KB 156ms
153ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/0a75d04ce9f53a1a35b6.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc34
date: Sun, 29 May 2022 08:42:48 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 12:24:04 GMT
server: nginx
etag: W/"62824264-12c39"
vary: Accept-Encoding
x-cached-since: 2022-05-16T12:25:26+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 17 May 2023 12:25:26 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/ 314 KB
112 KB 189ms
81ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=kolobok.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfa49377d7989ce034d7bb3f48b0bb3fdcb1e8b99456b8c8582f1e849b6d6dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114512
x-xss-protection: 0
server: cafe
etag: 15525279612610070612
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 29 May 2022 08:42:48 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220525/r20190131/ Frame D348 10 KB
5 KB 169ms
53ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220525/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 40584
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4402
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 May 2022 21:26:24 GMT
etag: 1327746537699501093
expires: Sat, 11 Jun 2022 21:26:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 160 KB
55 KB 187ms
76ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269

Requested by

Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1982059428&div=zone_1982059428&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1244&pl=3&mi=4&me=8&hc=4&n=1653813768668&url=kolobok.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&zyx=1287419685

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e5caa27fcc371d54f72344d1e23ae90c35e48135f8db4af36a7f862533f6b75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56186
x-xss-protection: 0
server: cafe
etag: 6573917932443360991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 29 May 2022 08:42:49 GMT

GET
H2 200 mwayss_invocation.min.js Show response
ad.mox.tv/mox/ 29 KB
10 KB 169ms
60ms Script
application/javascript 185.180.223.221
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1566&height=300&width=400&tld=kolobok.ua&ctype=div
Requested by: Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1619353633&div=zone_1619353633&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1244&pl=3&mi=4&me=8&hc=4&n=1653813768668&url=kolobok.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&zyx=1287419685
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-221.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:49 GMT
content-encoding: gzip
last-modified: Tue, 07 Dec 2021 16:48:38 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"61af9066-72a8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Sun, 29 May 2022 09:42:49 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
435 B 170ms
56ms XHR
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-82254946-1&cid=1262892392.1653813769&jid=1330419163&gjid=1354429809&_gid=176838834.1653813769&_u=IEBAAEAAAAAAAC~&z=91215157

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kolobok.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 29 May 2022 08:42:49 GMT
content-type: text/plain
access-control-allow-origin: https://kolobok.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c079a8175ece0e52f3045501ff9c7065.jpg
exchange.informer.ua/assets/thumbnails/c0/ Frame 1DFD 6 KB
7 KB 86ms
84ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/c0/c079a8175ece0e52f3045501ff9c7065.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=smak
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 50ae88d688e07bbae21e1ca28c16c1750c776506ec52b052cacae15724e6be90

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=smak
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:46:01 GMT
last-modified: Sat, 28 May 2022 09:21:02 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "6291e97e-19db"
content-length: 6619
content-type: image/jpeg

GET
H2 200 006088096e6946e3cac78d43bcb7b0f3.jpg
exchange.informer.ua/assets/thumbnails/00/ Frame 1DFD 7 KB
7 KB 168ms
167ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/00/006088096e6946e3cac78d43bcb7b0f3.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=smak
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: e251f1bdeaf050b008bf5b39577ea9cf576c5ff7ac8cff61fefd1717c6e272f7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=smak
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:46:01 GMT
last-modified: Sat, 28 May 2022 12:21:04 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "629213b0-1c5b"
content-length: 7259
content-type: image/jpeg

GET
H2 200 b3691958f830a305a4bf5fd3fc32c18b.jpg
exchange.informer.ua/assets/thumbnails/b3/ Frame 1DFD 7 KB
7 KB 129ms
126ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/b3/b3691958f830a305a4bf5fd3fc32c18b.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=smak
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: e19c3754d938b19ed99f8865289f649ebe1a55464ecd3d204c970cbaa9b840f1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=smak
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:46:01 GMT
last-modified: Sat, 28 May 2022 16:20:03 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "62924bb3-1c92"
content-length: 7314
content-type: image/jpeg

GET
H2 200 15154f3d3efb9f7a1fae7e52131c2ee4.jpg
exchange.informer.ua/assets/thumbnails/15/ Frame 1DFD 8 KB
8 KB 129ms
126ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/15/15154f3d3efb9f7a1fae7e52131c2ee4.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=smak
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: a79da21b1c59c13695a6fe2e01c372cb816c108a3c65197bea6c8c6b0199b91d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=smak
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:46:01 GMT
last-modified: Sun, 29 May 2022 07:20:05 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "62931ea5-1e1f"
content-length: 7711
content-type: image/jpeg

GET
H2 200 d597cf85312acaf5bcdbbfb9a395af8b.jpg
exchange.informer.ua/assets/thumbnails/d5/ Frame 1DFD 6 KB
6 KB 209ms
206ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/d5/d597cf85312acaf5bcdbbfb9a395af8b.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=smak
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: f09a527638c20e34e9c22f4f683d480194143974a94e328d595c0b9ccfaa54e5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=smak
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:46:01 GMT
last-modified: Sat, 28 May 2022 14:21:04 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "62922fd0-18f9"
content-length: 6393
content-type: image/jpeg

GET
H2 200 a9bdb407e50ee93c638231dd56351584.jpg
exchange.informer.ua/assets/thumbnails/a9/ Frame D6AD 8 KB
8 KB 87ms
84ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/a9/a9bdb407e50ee93c638231dd56351584.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: a309f8133873e119854b1d8d8aa521f2ca279787c4d4ead03496162f163652f7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:46:01 GMT
last-modified: Sat, 28 May 2022 16:21:07 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "62924bf3-1e4f"
content-length: 7759
content-type: image/jpeg

GET
H2 200 9c4a930b06331f49eae55a38b9309ce2.jpg
exchange.informer.ua/assets/thumbnails/9c/ Frame D6AD 7 KB
7 KB 168ms
167ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/9c/9c4a930b06331f49eae55a38b9309ce2.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: ff480bb2cb54336b9e0ceb8ef5531aa3f5fc30749d9b5e44c498bc5a2b37c775

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:46:01 GMT
last-modified: Sat, 28 May 2022 15:31:06 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "6292403a-1b04"
content-length: 6916
content-type: image/jpeg

GET
H2 200 80c8993f78a57a77b55b2e2493b5afb4.jpg
exchange.informer.ua/assets/thumbnails/80/ Frame D6AD 7 KB
7 KB 208ms
207ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/80/80c8993f78a57a77b55b2e2493b5afb4.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: c968318b00f0c834b860bc6bb0f7d178fb8759749c468ee2b8fe2e2285744274

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:46:01 GMT
last-modified: Sat, 28 May 2022 13:21:04 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "629221c0-1aa1"
content-length: 6817
content-type: image/jpeg

GET
H2 200 c557e7e4ef7036c75639e8a22b2a6207.jpg
exchange.informer.ua/assets/thumbnails/c5/ Frame D6AD 6 KB
6 KB 209ms
208ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/c5/c557e7e4ef7036c75639e8a22b2a6207.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 9bb7d659175bbe52bc9e5df4c3063a153e675d993a6b4563691b1cfdedf16172

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:46:01 GMT
last-modified: Sun, 29 May 2022 06:21:03 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "629310cf-1843"
content-length: 6211
content-type: image/jpeg

GET
H2 200 3657e235c075797bbc2f256e10dcae63.jpg
exchange.informer.ua/assets/thumbnails/36/ Frame D6AD 7 KB
7 KB 209ms
209ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/36/3657e235c075797bbc2f256e10dcae63.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: e692666665fb4b9cb743b00e1f7b7fed223b4f784587211fb8b27badfdf7335e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:46:01 GMT
last-modified: Sun, 29 May 2022 07:51:03 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "629325e7-1b54"
content-length: 6996
content-type: image/jpeg

GET
H2 200 9c4a930b06331f49eae55a38b9309ce2.jpg
exchange.informer.ua/assets/thumbnails/9c/ Frame 54D3 7 KB
7 KB 168ms
166ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/9c/9c4a930b06331f49eae55a38b9309ce2.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: ff480bb2cb54336b9e0ceb8ef5531aa3f5fc30749d9b5e44c498bc5a2b37c775

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:46:01 GMT
last-modified: Sat, 28 May 2022 15:31:06 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "6292403a-1b04"
content-length: 6916
content-type: image/jpeg

GET
H2 200 c557e7e4ef7036c75639e8a22b2a6207.jpg
exchange.informer.ua/assets/thumbnails/c5/ Frame 54D3 6 KB
6 KB 168ms
168ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/c5/c557e7e4ef7036c75639e8a22b2a6207.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 9bb7d659175bbe52bc9e5df4c3063a153e675d993a6b4563691b1cfdedf16172

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:46:01 GMT
last-modified: Sun, 29 May 2022 06:21:03 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "629310cf-1843"
content-length: 6211
content-type: image/jpeg

GET
H2 200 3657e235c075797bbc2f256e10dcae63.jpg
exchange.informer.ua/assets/thumbnails/36/ Frame 54D3 7 KB
7 KB 210ms
209ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/36/3657e235c075797bbc2f256e10dcae63.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: e692666665fb4b9cb743b00e1f7b7fed223b4f784587211fb8b27badfdf7335e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:46:01 GMT
last-modified: Sun, 29 May 2022 07:51:03 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "629325e7-1b54"
content-length: 6996
content-type: image/jpeg

GET
H2 200 80c8993f78a57a77b55b2e2493b5afb4.jpg
exchange.informer.ua/assets/thumbnails/80/ Frame 54D3 7 KB
7 KB 210ms
209ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/80/80c8993f78a57a77b55b2e2493b5afb4.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: c968318b00f0c834b860bc6bb0f7d178fb8759749c468ee2b8fe2e2285744274

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:46:01 GMT
last-modified: Sat, 28 May 2022 13:21:04 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "629221c0-1aa1"
content-length: 6817
content-type: image/jpeg

GET
H2 200 a9bdb407e50ee93c638231dd56351584.jpg
exchange.informer.ua/assets/thumbnails/a9/ Frame 54D3 8 KB
8 KB 210ms
210ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/a9/a9bdb407e50ee93c638231dd56351584.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: a309f8133873e119854b1d8d8aa521f2ca279787c4d4ead03496162f163652f7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:46:01 GMT
last-modified: Sat, 28 May 2022 16:21:07 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "62924bf3-1e4f"
content-length: 7759
content-type: image/jpeg

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/46506/ Frame F902 738 B
419 B 133ms
133ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Sun, 29 May 2022 08:42:49 GMT
etag: W/"62824272-2e2"
expires: Wed, 17 May 2023 12:25:26 GMT
last-modified: Mon, 16 May 2022 12:24:18 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-05-16T12:25:26+00:00
x-id: fr5-up-gc34

GET
H2 200 b53_left.gif
i.bigmir.net/cnt/samples/default/ 319 B
492 B 462ms
85ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/default/b53_left.gif
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: 35fd8976c95449e2fab9b80964acb6fbe8dd31c5989ad6b57a50e0a33065f4a1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:49 GMT
last-modified: Tue, 23 Jan 2007 13:14:26 GMT
server: nginx
etag: "45b60a32-13f"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 319
expires: Wed, 01 Jun 2022 08:42:49 GMT

GET
H2 200 b53_center.gif
i.bigmir.net/cnt/samples/default/ 96 B
267 B 463ms
85ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/default/b53_center.gif
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: a9c66fdf1ceba24566394390e94faa182b2c23ab4c2df2faf2fdda296b4f4457

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:49 GMT
last-modified: Tue, 23 Jan 2007 13:14:25 GMT
server: nginx
etag: "45b60a31-60"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 96
expires: Wed, 01 Jun 2022 08:42:49 GMT

GET
H2 200 b53_right.gif
i.bigmir.net/cnt/samples/default/ 319 B
491 B 463ms
86ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/default/b53_right.gif
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: de3e7fcab25d8103d31dea640867362bed737df932100d794426c96b03c4ac3d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:49 GMT
last-modified: Tue, 23 Jan 2007 13:14:26 GMT
server: nginx
etag: "45b60a32-13f"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 319
expires: Wed, 01 Jun 2022 08:42:49 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 197ms
54ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=202832543530482&ev=fb_page_view&dl=https%3A%2F%2Fkolobok.ua%2F&rl=&if=false&ts=1653813769011&sw=1600&sh=1200&at=

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 29 May 2022 08:42:49 GMT

GET
H2 200 impress Show response
ad.mox.tv/delivery/ 17 KB
9 KB 85ms
85ms XHR
application/json 185.180.223.221
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/delivery/impress?ctype=div&pzoneid=1566&height=300&width=400&tld=kolobok.ua&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=kolobok.ua&top_url=https%3A%2F%2Fkolobok.ua%2F&domain=kolobok.ua&url=https%3A%2F%2Fkolobok.ua%2F&referrer=&async=1&uid=6035162604
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1566&height=300&width=400&tld=kolobok.ua&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-221.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 80a0b34f8b9e0f54a1640057b0a8f7d6d0e033960fda622f6c67c19f0ba4915c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://kolobok.ua
date: Sun, 29 May 2022 08:42:49 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1653813769083/
Redirect Chain

https://gaua.hit.gemius.pl/_1653813769083/rexdot.js?l=100&id=bPo1vw7WgTER_71NnVvIbKPefSsu8CLmU5KMVTfFlKL.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fkolobok.ua%...
https://gaua.hit.gemius.pl/__/_1653813769083/rexdot.js?l=100&id=bPo1vw7WgTER_71NnVvIbKPefSsu8CLmU5KMVTfFlKL.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fkolobok....

169 B
421 B

182ms
182ms

Script
application/x-javascript

54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1653813769083/rexdot.js?l=100&id=bPo1vw7WgTER_71NnVvIbKPefSsu8CLmU5KMVTfFlKL.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fkolobok.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=UaDGRJ281m7.lajE91NiBngfzHUACbgTZse9SQf96Qn.p7m7YKrOtI3wWc8c_0DZVOfBC1rWoE8o.qhXsM4gUQlepKs0/a01QW2mChB5Ih/&ltime=319&fpdata=FyiLwfxGlE_Edk15F6qIEtK91zhfpPzhsjaXZcQaAyP.X7&fpcap=
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: da75346410371a736791d9eff61b63f608b6411a4ee3d433814a92bed6053b59

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:49 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Sat, 28 May 2022 08:42:49 GMT

Redirect headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:49 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1653813769083/rexdot.js?l=100&id=bPo1vw7WgTER_71NnVvIbKPefSsu8CLmU5KMVTfFlKL.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fkolobok.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=UaDGRJ281m7.lajE91NiBngfzHUACbgTZse9SQf96Qn.p7m7YKrOtI3wWc8c_0DZVOfBC1rWoE8o.qhXsM4gUQlepKs0/a01QW2mChB5Ih/&ltime=319&fpdata=FyiLwfxGlE_Edk15F6qIEtK91zhfpPzhsjaXZcQaAyP.X7&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sat, 28 May 2022 08:42:49 GMT

GET
H2 200 swiper-bundle.min.css
unpkg.com/swiper@7.3.0/ 15 KB
5 KB 167ms
59ms Stylesheet
text/css 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@7.3.0/swiper-bundle.min.css

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1566&height=300&width=400&tld=kolobok.ua&ctype=div

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:49 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 16585087
fly-request-id: 01FMS6Y6SGEK1GR9A28ED5H9NJ
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"3ccb-bbg35pXUy1EXOpXHxlwOip0M+cE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 712df059ea247326-LHR

GET
H2 200 achernar.min.js Show response
ad.mox.tv/js/achernar/ 11 KB
4 KB 51ms
49ms Script
application/javascript 185.180.223.221
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/js/achernar/achernar.min.js
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1566&height=300&width=400&tld=kolobok.ua&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-221.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:49 GMT
content-encoding: gzip
last-modified: Mon, 21 Feb 2022 14:47:09 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6213a5ed-2b1e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Sun, 29 May 2022 09:42:49 GMT

GET
H2 200 prebid.js Show response
ad.mox.tv/js/achernar/ 237 KB
71 KB 55ms
53ms Script
application/javascript 185.180.223.221
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/js/achernar/prebid.js
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1566&height=300&width=400&tld=kolobok.ua&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-221.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 09189199be93439c613190e75224b268784cf154b7ba7409fd7a73babc9326da

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:49 GMT
content-encoding: gzip
last-modified: Fri, 22 Apr 2022 10:13:13 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"62627fb9-3b3ea"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Sun, 29 May 2022 09:42:49 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
28 KB 198ms
62ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1566&height=300&width=400&tld=kolobok.ua&ctype=div

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddd097b2464f9ce4b163f3805ac584dae1f71ef79f3a8ee1ec205d45bdc3285b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28117
x-xss-protection: 0
server: sffe
etag: "1229 / 797 of 1000 / last-modified: 1653689078"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 29 May 2022 08:42:49 GMT

GET
H2 200 swiper-bundle.min.js Show response
unpkg.com/swiper@7.3.0/ 132 KB
38 KB 167ms
61ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@7.3.0/swiper-bundle.min.js

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1566&height=300&width=400&tld=kolobok.ua&ctype=div

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:49 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 16585228
fly-request-id: 01FMS6SWHNFZK5N5XF14ZSEYYP
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"211c1-rxAEOIj0DtL1iihSDpsruCFXSHs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 712df059ea277326-LHR

GET
H2 200 mwayss_invocation.min.css
ad.mox.tv/mox/ 3 KB
850 B 154ms
153ms Stylesheet
text/css 185.180.223.221
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/mox/mwayss_invocation.min.css
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1566&height=300&width=400&tld=kolobok.ua&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-221.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:49 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5ee0f3c3-a0a"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 p-gsmZhdaUra0N6.gif
pixel.quantserve.com/pixel/ 35 B
373 B 183ms
56ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-gsmZhdaUra0N6.gif

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:49 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 magic.png
bgstats.mox.tv/ 0
66 B 162ms
48ms Image
image/png 167.71.9.19
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgstats.mox.tv/magic.png
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:49 GMT
server: nginx/1.14.0 (Ubuntu)
content-length: 0
content-type: image/png

GET
H2

200

sync
ad.vidver.to/delivery/
Redirect Chain

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=dfe70047-7960-477f-9821-0c1e44fbc7a0&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=dfe70047-7960-477f-9821-0c1e44fbc7a0&gdpr=0&gdpr_consent=
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dprodoohmox%26bsw_param%3Db4693fca-0e03-4d27-8432-f9143fe5...
https://x.bidswitch.net/sync?dsp_id=80&user_id=c3bc6293-320b-4700-9047-82110a43f9e8&expires=30&ssp=prodoohmox&bsw_param=b4693fca-0e03-4d27-8432-f9143fe553ad&gdpr=0&gdpr_consent=
https://ad.mox.tv/delivery/sync?userid=b4693fca-0e03-4d27-8432-f9143fe553ad
https://ad.mediawayss.com/delivery/sync?userid=b4693fca-0e03-4d27-8432-f9143fe553ad&inner_redirect=1&inner_uuid=dfe70047-7960-477f-9821-0c1e44fbc7a0&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkL...
https://ad.outstream.today/delivery/sync?userid=b4693fca-0e03-4d27-8432-f9143fe553ad&inner_redirect=1&inner_uuid=dfe70047-7960-477f-9821-0c1e44fbc7a0&redirect_host_list=YWQuYWRvcHgubmV0LGFkLmludmFt...
https://ad.adopx.net/delivery/sync?userid=b4693fca-0e03-4d27-8432-f9143fe553ad&inner_redirect=1&inner_uuid=dfe70047-7960-477f-9821-0c1e44fbc7a0&redirect_host_list=YWQuaW52YW1pYS5jb20sYWQudmlkdmVydG...
https://ad.invamia.com/delivery/sync?userid=b4693fca-0e03-4d27-8432-f9143fe553ad&inner_redirect=1&inner_uuid=dfe70047-7960-477f-9821-0c1e44fbc7a0&redirect_host_list=YWQudmlkdmVydG8uaW8sYWQudmlkdmVy...
https://ad.vidverto.io/delivery/sync?userid=b4693fca-0e03-4d27-8432-f9143fe553ad&inner_redirect=1&inner_uuid=dfe70047-7960-477f-9821-0c1e44fbc7a0&redirect_host_list=YWQudmlkdmVyLnRv
https://ad.vidver.to/delivery/sync?userid=b4693fca-0e03-4d27-8432-f9143fe553ad&inner_redirect=1&inner_uuid=dfe70047-7960-477f-9821-0c1e44fbc7a0&redirect_host_list=

0
483 B

181ms
55ms

Image
text/html

185.180.223.221
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidver.to/delivery/sync?userid=b4693fca-0e03-4d27-8432-f9143fe553ad&inner_redirect=1&inner_uuid=dfe70047-7960-477f-9821-0c1e44fbc7a0&redirect_host_list=
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Server: 185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-221.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 29 May 2022 08:42:52 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

Redirect headers

location: https://ad.vidver.to/delivery/sync?userid=b4693fca-0e03-4d27-8432-f9143fe553ad&inner_redirect=1&inner_uuid=dfe70047-7960-477f-9821-0c1e44fbc7a0&redirect_host_list=
date: Sun, 29 May 2022 08:42:52 GMT
server: nginx/1.14.0 (Ubuntu)
access-control-allow-origin: *
content-type: text/html; charset=UTF-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 214 B
644 B 185ms
62ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=kolobok.ua&callback=_gfp_s_&client=ca-pub-3755662197386269

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=kolobok.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac194b722d326c2bdaa68addea2025b0d16baf4bad82d1bfda7e112201096ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 195ms
63ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=kolobok.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 May 2022 08:42:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 195ms
64ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kolobok.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 May 2022 08:42:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 87ms
87ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fkolobok.ua%2F&tn=NAV&cls=top-navbar%20navbar%20navbar-expand-lg%20navbar-light%20bg-light%20fixed-top%20kids_pattern%20justify-content-between%20justify-content-lg-center%20align-items-end&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1753 0
19 B 215ms
105ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1653813769&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653813768841&bpp=2&bdt=661&idt=315&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=424785742066&frm=20&pv=2&ga_vid=1262892392.1653813769&ga_sid=1653813769&ga_hid=653360334&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475%2C31064018&oid=2&pvsid=3042176629478848&pem=844&tmod=1816753381&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=332

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 May 2022 08:42:49 GMT
expires: Sun, 29 May 2022 08:42:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0EC1 96 KB
33 KB 348ms
251ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6666085438&adk=3555305732&adf=3818598067&pi=t.ma~as.6666085438&w=728&lmt=1653813769&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653813768863&bpp=2&bdt=684&idt=317&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=424785742066&frm=20&pv=1&ga_vid=1262892392.1653813769&ga_sid=1653813769&ga_hid=653360334&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475%2C31064018&oid=2&pvsid=3042176629478848&pem=844&tmod=1816753381&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Cr5Fl2u3iz&p=https%3A//kolobok.ua&dtd=324

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7b4102818872ff395e23756d8fafe76fed92b8e86659a368a2a01e63e44997

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33857
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 May 2022 08:42:49 GMT
expires: Sun, 29 May 2022 08:42:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 11A8 79 KB
26 KB 698ms
610ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1979561508&adk=2236407440&adf=59350530&pi=t.ma~as.1979561508&w=300&lmt=1653813769&psa=0&format=300x600&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653813768865&bpp=1&bdt=685&idt=326&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=424785742066&frm=20&pv=1&ga_vid=1262892392.1653813769&ga_sid=1653813769&ga_hid=653360334&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=363&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475%2C31064018&oid=2&pvsid=3042176629478848&pem=844&tmod=1816753381&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=nd1jzfwt9Z&p=https%3A//kolobok.ua&dtd=330

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f58a400166e5d06ad046168a699ad92d3f889c929f90f83f8c22190736ad40b

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMS8_rGohPgCFRdXcgodVcYPPw&gqi=CTKTYt_dE-fqtgf3nJHIBA&layout=/sadbundle/%24csp%253Der3%24/14577188022949773312/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 26466
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMS8_rGohPgCFRdXcgodVcYPPw&gqi=CTKTYt_dE-fqtgf3nJHIBA&layout=/sadbundle/%24csp%253Der3%24/14577188022949773312/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 May 2022 08:42:49 GMT
expires: Sun, 29 May 2022 08:42:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 210ms
64ms Script
application/x-javascript 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:49 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: ACBCEC80C6877CC0
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=27068
accept-ranges: bytes
content-length: 948
x-amz-id-2: acDAUY5jmCF7lvr/JHZl4py2ZuOKlWs++DBlkKW8Nt3TFbt1mB9Cyg5nA/wNZ03fHG07+KD+uVE=

GET ads
googleads.g.doubleclick.net/pagead/ Frame F900 0
0

GET /
exchange.informer.ua/informer/stat/ Frame 9BBD 0
0

GET /
exchange.informer.ua/informer/stat/ Frame 5F52 0
0

GET /
exchange.informer.ua/informer/stat/ Frame 123F 0
0

GET
H/1.1 400
Bad Request s
h.holder.com.ua/ 0
0 276ms
79ms Script
text/plain 91.198.36.35
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://h.holder.com.ua/s?ta&bholder_300x50_6256&c1&r82453656&dholder1466079092&hhttps%3A//kolobok.ua/
Requested by: Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 29 May 2022 08:42:49 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 0

GET
H/1.1 400
Bad Request s
h.holder.com.ua/ 0
0 256ms
80ms Script
text/plain 91.198.36.35
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://h.holder.com.ua/s?ta&bholder_300x100_6255&c1&r82453656&dholder1584315929&hhttps%3A//kolobok.ua/
Requested by: Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 29 May 2022 08:42:49 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 0

GET
H/1.1 200
OK widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html Show response
platform.twitter.com/widgets/ Frame F796 319 KB
104 KB 54ms
54ms Document
text/html 192.229.233.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fkolobok.ua
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6760) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 217532
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105433
Content-Type: text/html; charset=utf-8
Date: Sun, 29 May 2022 08:42:49 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Sun, 15 May 2022 20:03:39 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6760)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H3

200

/
www.facebook.com/login/ Frame 2A2F
Redirect Chain

https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=202832543530482&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa64...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D202832543530482%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....

0
0

209ms
209ms

Document
text/html

2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D202832543530482%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfa643804bb9d44%2526domain%253Dkolobok.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fkolobok.ua%25252Ff3ebd6356eb8f8%2526relation%253Dparent.parent%26container_width%3D300%26height%3D345%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fkolobok.ua.group%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js?hash=972f46da5a1e3667193c68115d6d8e08

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Sun, 29 May 2022 08:42:49 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: DBpMRrKO8nzeKINS/cXXafhSQ37X7Z/ZkRDm58ocmeVNabnHJWdoo2x/WdMfu2zmQXJoBkr7a27qQ/OP2/bETg==
x-fb-rlafr: 0
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Sun, 29 May 2022 08:42:49 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v7.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D202832543530482%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfa643804bb9d44%2526domain%253Dkolobok.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fkolobok.ua%25252Ff3ebd6356eb8f8%2526relation%253Dparent.parent%26container_width%3D300%26height%3D345%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fkolobok.ua.group%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300
pragma: no-cache
priority: u=3,i
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: EvltXiZAIMfAWmDUsBMUUm67vjDQT5LSLZXy1GSjQ6oOHUPjOp1J6Z/2yqB0wxTxEEuFcAMsxxrVOp5dNAiWHg==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5cde4c546c360164/ 3 KB
1015 B 325ms
317ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5cde4c546c360164/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b1d76224d2d919a0d3e8950b5f754d60d84cb73037a463cdf0d61a52853757f6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:49 GMT
content-encoding: gzip
etag: -1347345604--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 838

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 825ms
190ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=629332092a1204df&bkl=0&bl=1&pdt=763&sid=629332092a1204df&pub=ra-5cde4c546c360164&rev=v8.28.8-wp&ln=ru&pc=men&cb=0&ab=-&dp=kolobok.ua&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=%D0%B1%D0%B5%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%BD%D0%BE%D1%81%D1%82%D1%8C%2C%D1%80%D0%BE%D0%B4%D1%8B%2C%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B%20%D0%BF%D0%BE%20%D1%83%D1%85%D0%BE%D0%B4%D1%83%20%D0%B7%D0%B0%20%D1%80%D0%B5%D0%B1%D0%B5%D0%BD%D0%BA%D0%BE%D0%BC%2C%D0%B3%D1%80%D1%83%D0%B4%D0%BD%D0%BE%D0%B5%20%D0%B2%D1%81%D0%BA%D0%B0%D1%80%D0%BC%D0%BB%D0%B8%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%2C%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%B5%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%B5%2C%D0%BF%D0%BE%D0%BB%D0%BE%D0%B2%D0%BE%D0%B5%20%D1%80%D0%B0%D0%B7%D0%B2%D0%B8%D1%82%D0%B8%D0%B5%20%D1%83%20%D0%BF%D0%BE%D0%B4%D1%80%D0%BE%D1%81%D1%82%D0%BA%D0%BE%D0%B2%2C%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%B2%20%D1%81%D0%B5%D0%BC%D1%8C%D0%B5%2C%D1%80%D0%B0%D0%B7%D0%B2%D0%B8%D0%B2%D0%B0%D1%8E%D1%89%D0%B8%D0%B5%20%D0%B8%D0%B3%D1%80%D1%8B%2C%D0%B4%D0%B5%D1%82%D1%81%D0%BA%D0%B8%D0%B5%20%D1%81%D0%BA%D0%B0%D0%B7%D0%BA%D0%B8%2C%D0%B4%D0%B5%D1%82%D1%81%D0%BA%D0%B8%D0%B5%20%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%2C%D0%BF%D0%BE%D0%BB%D0%BE%D0%B2%D0%BE%D0%B5%20%D1%81%D0%BE%D0%B7%D1%80%D0%B5%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5&colc=1653813769311&jsl=8321&uvs=629332094aed6049000&skipb=1&callback=addthis.cbs.jsonp__37105974362500380
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0b80d717d0093988e78481f046885680a559a73c090c36f7fc5c30361b9d8926

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:50 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 0114 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 496F 71 KB
26 KB 64ms
63ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Sun, 29 May 2022 08:42:49 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 client.ru.min.json Show response
s7.addthis.com/l10n/ 6 KB
2 KB 218ms
58ms XHR
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.ru.min.json

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

fc1cee21376da3a4fdf8f62d3bb1d46c80c763d447da7e7c07112f45eee09d3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
server: nginx/1.15.8
etag: W/"5d77be05-16d7"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=604800
date: Sun, 29 May 2022 08:42:49 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 2276

GET
H2 200 1171ff4c14bbe73329de99ee28c4104b-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
kolobok.ua/i/63/10/13/3/6310133/image_main/ 14 KB
14 KB 84ms
83ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/63/10/13/3/6310133/image_main/1171ff4c14bbe73329de99ee28c4104b-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: f27ec71ab10ada46c00c5731f123fd95afc9e6a0860fbc566ea753aaa34ce0ab

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:47 GMT
last-modified: Thu, 26 May 2022 11:25:21 GMT
server: nginx
etag: "628f63a1-365a"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 13914
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a7ef7d272f1d7874bc82bd276ac0908f-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
kolobok.ua/i/49/40/07/2/4940072/image_main/ 67 KB
67 KB 84ms
83ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/49/40/07/2/4940072/image_main/a7ef7d272f1d7874bc82bd276ac0908f-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: f754fe8af7aed2ba65f62d51cd0fdaf22af38b4e96f9c02c7a1fb7eab58fb192

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:47 GMT
last-modified: Sat, 29 May 2021 10:19:02 GMT
server: nginx
etag: "60b21516-10afd"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 68349
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 76e8b5e7e30f53fce9763f76d6f9d269-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
kolobok.ua/i/63/08/38/0/6308380/image_main/ 14 KB
14 KB 85ms
84ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/63/08/38/0/6308380/image_main/76e8b5e7e30f53fce9763f76d6f9d269-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 3d65fc58c8b4b95e56eca9c4c2dbca490f2b57edd5df89e7bbfd38ec8d2a1554

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:47 GMT
last-modified: Tue, 24 May 2022 12:50:44 GMT
server: nginx
etag: "628cd4a4-3617"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 13847
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6e5e1d05f2497ec2e2c9e68245ad444f-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
kolobok.ua/i/63/06/54/5/6306545/image_main/ 11 KB
11 KB 86ms
85ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/63/06/54/5/6306545/image_main/6e5e1d05f2497ec2e2c9e68245ad444f-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 0692722b63624ad9ff6c955228db259553745a12cea1ad597143c20ba5ec8c8c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:47 GMT
last-modified: Sat, 21 May 2022 18:16:48 GMT
server: nginx
etag: "62892c90-2c9a"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 11418
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 91f701605b555012b8cd9f467c03e7f0-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
kolobok.ua/i/54/85/65/3/5485653/image_main/ 10 KB
10 KB 86ms
86ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/54/85/65/3/5485653/image_main/91f701605b555012b8cd9f467c03e7f0-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: fe5f400fda141524f7440048ef4643dbd06fffce0ab780b64495c708411dd0b8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:47 GMT
last-modified: Sat, 23 Oct 2021 07:20:28 GMT
server: nginx
etag: "6173b7bc-2680"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 9856
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

POST
H2 200 add-view Show response
api.phnx.click/articles/stat/ 39 B
247 B 305ms
139ms XHR
application/json 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.phnx.click/articles/stat/add-view?cid=11&site=kolobok&aid=807247&0.43864353821242896
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.0/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 09f5778d15738612633f19a1adc6170deecbee0888bc00d0983d9dbf015a6f20

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://kolobok.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://kolobok.ua
date: Sun, 29 May 2022 08:45:47 GMT
content-encoding: gzip
server: nginx
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=UTF-8

POST
H2 200 z Show response
s.znctrack.net/ Frame B747 50 KB
23 KB 369ms
172ms XHR
text/javascript 185.187.81.41
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.znctrack.net/z
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: d18460ae5a4d42a409487ed0eac7ce114d97f1fd6d24c3b23e798b3591c98c1d

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 29 May 2022 08:42:49 GMT
content-encoding: gzip
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control: no-cache, no-store
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 23332
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 222 B
676 B 175ms
57ms Script
application/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=4316559048836865.5&cpv=1c6ffee6-7bac-1012-d72a-356116fc0b74&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22f48beb76-0afc-0df6-8ff2-04e3ad450250%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fkolobok.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22e9b8c4a8-60fa-4fe0-4241-b396018c7646%22%2C%22tagid%22%3A%228ea486a5-d161-46a5-a5a4-b1d24d77a9af%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer1836467761%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

de369464d197c8efd2b28e71204038ae78153a113b6ab04c5c5399024206de4d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 29 May 2022 08:42:49 GMT
Content-Encoding: gzip
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 203
X-Xss-Protection: 0

GET
H2 200 pubads_impl_2022052601.js Show response
securepubads.g.doubleclick.net/gpt/ 367 KB
125 KB 167ms
54ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js?cb=31067810

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

89fcef2fe8204ec89e703202f4313758021687559f6216a92b5379a753015e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 28 May 2022 09:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83836
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127327
x-xss-protection: 0
last-modified: Thu, 26 May 2022 08:35:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 28 May 2023 09:25:33 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 308 B
787 B 187ms
64ms XHR
application/json 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=kolobok.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e59529996a0f2a25381da3c1e2f3eecf7b327a94dab5d5a4fc18aa1c5702d72f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 May 2022 08:42:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 149
x-xss-protection: 0
expires: Sun, 29 May 2022 08:42:49 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame F796 278 B
461 B 243ms
147ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=7df9bb3d05c6c4c533a8a31b54a42536e50f4c48

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fkolobok.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

d342be7b065b36dd1e6856bcf5a432b5d2c277d27555391ddefbf1df3edb0fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 104
date: Sun, 29 May 2022 08:42:48 GMT
content-encoding: gzip
last-modified: Sun, 29 May 2022 08:42:49 GMT
server: tsa_f
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 6f4d25cb5c0fa2d9ca6a1933f5583d8b35773f57317e4fb371ad16b629c26cc5
content-length: 179

GET
H2 200 css
fonts.googleapis.com/ Frame 0EC1 8 KB
1 KB 178ms
63ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6666085438&adk=3555305732&adf=3818598067&pi=t.ma~as.6666085438&w=728&lmt=1653813769&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653813768863&bpp=2&bdt=684&idt=317&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=424785742066&frm=20&pv=1&ga_vid=1262892392.1653813769&ga_sid=1653813769&ga_hid=653360334&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475%2C31064018&oid=2&pvsid=3042176629478848&pem=844&tmod=1816753381&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Cr5Fl2u3iz&p=https%3A//kolobok.ua&dtd=324

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 29 May 2022 07:36:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 29 May 2022 08:42:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 29 May 2022 08:42:49 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 0EC1 2 KB
983 B 195ms
69ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Jun 2022 08:41:36 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0EC1 0
0 92ms
92ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIrT8CTKTYvCSFJfZtwfW2Z74CPu9ns9pk-OBuMsPwbWY7s0vEAEgxuCLeWCVAqAB_IzJmCjIAQmpAhsphEhLXoM-qAMByAPLBKoE1AFP0J7INT7On3udmISF9zKxQT3Vf57n8T9kEePYH4FGTy9NMnwNhnZrSzCoj6rJbTV-kUuSa_MvcK28Pwi_LYcs7pQ5nidBd2G5ltQ1voWGHYeOy64irtlPsoMobhpvMLPj32b5Lury5lxgZ1_sR2Da3jTO19Q_umFuh09EFSmecM7waZyD7bCfMow6MUwoMHktD2F3mkYJP2e1YMK2t4JmNvIxKfwe_h1WkNROM5U2I0MFludgqpJBCIebeJc6bmvkLdYj-JO4ZB4cCCJbkMe7jWEftsAEj-jbgfwDoAYugAf8xJn4AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENq-AtIICQiA4YBwEAEYH4AKAcgLAbgTiCfYEwOIFAHQFQGAFwGyFxwKGggAEhRwdWItMzc1NTY2MjE5NzM4NjI2ORgA&sigh=mR2l-Laqemc&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6666085438&adk=3555305732&adf=3818598067&pi=t.ma~as.6666085438&w=728&lmt=1653813769&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653813768863&bpp=2&bdt=684&idt=317&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=424785742066&frm=20&pv=1&ga_vid=1262892392.1653813769&ga_sid=1653813769&ga_hid=653360334&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475%2C31064018&oid=2&pvsid=3042176629478848&pem=844&tmod=1816753381&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Cr5Fl2u3iz&p=https%3A//kolobok.ua&dtd=324
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 29 May 2022 08:42:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 29 May 2022 08:42:49 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame 0EC1 21 KB
9 KB 173ms
54ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4cb688258440ab067c4dd9f03f80b8bcc2eae563f3fa57f1266216a7f3d6814

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:37:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8674
x-xss-protection: 0
server: cafe
etag: 502080994137221277
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Jun 2022 08:37:11 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 0EC1 3 KB
1 KB 188ms
70ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Jun 2022 08:42:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0EC1 136 KB
42 KB 399ms
288ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42680
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653478767633683"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 29 May 2022 08:42:49 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 0EC1 17 KB
7 KB 178ms
61ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd6bae3cabfa6f6e2381af0d19e0a2c17d00a727e414564df6898d6dc0355cad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:37:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 8365041023519634061
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Jun 2022 08:37:10 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2531119655507205644/ Frame 0EC1 8 KB
9 KB 187ms
72ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2531119655507205644/downsize_200k_v1?w=195&h=102

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f569399649ac002dc18cb89db627569b68c07c3b967f94d1477ccf669815fa71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 23 May 2022 03:49:00 GMT
x-content-type-options: nosniff
age: 536029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8619
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 10:11:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 23 May 2023 03:49:00 GMT

GET
DATA 200
OK truncated
/ Frame 0EC1 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0EC1 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 937d951ae0167fdfcf48a5545b1fd715.js Show response
www.gstatic.com/mysidia/ Frame 0EC1 30 KB
13 KB 184ms
54ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/937d951ae0167fdfcf48a5545b1fd715.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b84c26fc972d527005b6353058ff181ca9dfbb9047bed018e6b019f965d3cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 08:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 347342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12375
x-xss-protection: 0
last-modified: Mon, 23 May 2022 17:08:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 23 Aug 2022 08:13:47 GMT

GET
H2 200 e1eee23f36481a69453f.b.js Show response
cdn.admixer.net/scripts3/46506/ 28 KB
11 KB 146ms
146ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/e1eee23f36481a69453f.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc34
date: Sun, 29 May 2022 08:42:49 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 12:24:20 GMT
server: nginx
etag: W/"62824274-702f"
vary: Accept-Encoding
x-cached-since: 2022-05-16T12:25:27+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 17 May 2023 12:25:27 GMT

GET
H2 200 fdabe098f34289659a17.b.js Show response
cdn.admixer.net/scripts3/46506/ 42 KB
18 KB 167ms
167ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/fdabe098f34289659a17.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc34
date: Sun, 29 May 2022 08:42:49 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 12:24:21 GMT
server: nginx
etag: W/"62824275-a793"
vary: Accept-Encoding
x-cached-since: 2022-05-16T12:25:27+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 17 May 2023 12:25:27 GMT

GET
H2 200 84011c43c3075e543c6d.b.js Show response
cdn.admixer.net/scripts3/46506/ 13 KB
5 KB 150ms
149ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/84011c43c3075e543c6d.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc34
date: Sun, 29 May 2022 08:42:49 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 12:24:13 GMT
server: nginx
etag: W/"6282426d-326c"
vary: Accept-Encoding
x-cached-since: 2022-05-16T12:25:27+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 17 May 2023 12:25:27 GMT

GET
H2 200 7103cce7fa6705169441.b.js Show response
cdn.admixer.net/scripts3/46506/ 11 KB
4 KB 154ms
154ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/7103cce7fa6705169441.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc34
date: Sun, 29 May 2022 08:42:49 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 12:24:12 GMT
server: nginx
etag: W/"6282426c-2a79"
vary: Accept-Encoding
x-cached-since: 2022-05-16T12:25:27+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 17 May 2023 12:25:27 GMT

GET
H2 200 5927ef40e4a80e0040be.b.js Show response
cdn.admixer.net/scripts3/46506/ 215 KB
74 KB 181ms
181ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/5927ef40e4a80e0040be.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc34
date: Sun, 29 May 2022 08:42:49 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 12:24:11 GMT
server: nginx
etag: W/"6282426b-35ac7"
vary: Accept-Encoding
x-cached-since: 2022-05-16T12:25:27+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 17 May 2023 12:25:27 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 61ms
61ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sun, 29 May 2022 08:42:49 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H/1.1 200
OK moment~timeline.55634fd8bf871f86dbe537f50a41349e.js Show response
platform.twitter.com/js/ 25 KB
8 KB 56ms
56ms Script
application/javascript 192.229.233.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.55634fd8bf871f86dbe537f50a41349e.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6794) /
Resource Hash: 4fce02aef5542a40509dce7f66aec864d7a2a070ac671b06ed235cbcd4743821

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 29 May 2022 08:42:49 GMT
Content-Encoding: gzip
Age: 217532
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 8084
x-tw-cdn: VZ
Last-Modified: Sun, 15 May 2022 20:03:32 GMT
Server: ECS (frb/6794)
Etag: "8d39588ffce9da16e8e735f3fdd8f990+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.2002b66aa236ee3e1e6728119a7c4b98.js Show response
platform.twitter.com/js/ 20 KB
7 KB 111ms
53ms Script
application/javascript 192.229.233.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.2002b66aa236ee3e1e6728119a7c4b98.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6760) /
Resource Hash: a37d848620d81a5fd27dff6e15af34f37fd05384f7d5337053c98efd0fe5a7d7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 29 May 2022 08:42:49 GMT
Content-Encoding: gzip
Age: 217532
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 6371
x-tw-cdn: VZ
Last-Modified: Sun, 15 May 2022 20:03:32 GMT
Server: ECS (frb/6760)
Etag: "57d65599f609862f8724a6a6475c8c7a+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 204 /
loadercdn.net/ 0
169 B 290ms
89ms Image
text/plain 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadercdn.net/?r=1&u=ce0b3854b1592042&d=kolobok.ua
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 29 May 2022 08:42:50 GMT
server: openresty

GET
DATA 200
OK truncated
/ 211 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
500 B 61ms
61ms XHR
text/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/js/achernar/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 29 May 2022 08:42:49 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://kolobok.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 173ms
64ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=kolobok.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js?cb=31067810

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 May 2022 08:42:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 173ms
64ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kolobok.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js?cb=31067810

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 May 2022 08:42:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
10 KB 669ms
559ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3042176629478848&correlator=1374199622072207&eid=31067792%2C31067810%2C44761477%2C31064018%2C31065518&output=ldjh&gdfp_req=1&vrg=2022052601&ptt=17&impl=fifs&iu_parts=21986089839%3A22434891267%2Civm_display%2Civm_kolobok.ua_S_WW_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=4&adks=1163118235&sfv=1-0-38&ecs=20220529&fsapi=false&prev_scp=mt_fln%3D0.3&sc=1&cookie=ID%3Dab25ad20f7ed26bb-2219dadda1cd003d%3AT%3D1653813769%3ART%3D1653813769%3AS%3DALNI_MaICO8a_G7CW2VqyCbsyBAZKg7HOw&abxe=1&dt=1653813769827&lmt=1653813769&dlt=1653813768180&idt=1602&biw=1600&bih=1200&adxs=750&adys=1208&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fkolobok.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=900x-1&msz=900x-1&fws=516&ohw=0&ga_vid=1262892392.1653813769&ga_sid=1653813769&ga_hid=653360334&ga_fc=true&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js?cb=31067810

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

6286abe92e6aadb78bed0dacc0f1b5c2aee1dae3eacb6583f54aa5843d2aad06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9848
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kolobok.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
10 KB 642ms
533ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3042176629478848&correlator=1374199622072207&eid=31067792%2C31067810%2C44761477%2C31064018%2C31065518&output=ldjh&gdfp_req=1&vrg=2022052601&ptt=17&impl=fifs&iu_parts=21830442390%3A22434891267%2Ckolobok.ua_S_WW_%2C300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=5&adks=4001892450&sfv=1-0-38&ecs=20220529&fsapi=false&sc=1&cookie=ID%3Dab25ad20f7ed26bb-2219dadda1cd003d%3AT%3D1653813769%3ART%3D1653813769%3AS%3DALNI_MaICO8a_G7CW2VqyCbsyBAZKg7HOw&abxe=1&dt=1653813769832&lmt=1653813769&dlt=1653813768180&idt=1602&biw=1600&bih=1200&adxs=1650&adys=1208&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fkolobok.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=900x-1&msz=900x-1&fws=516&ohw=0&ga_vid=1262892392.1653813769&ga_sid=1653813769&ga_hid=653360334&ga_fc=true&btvi=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js?cb=31067810

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

a2c793034bb0aebd1aca902d04d62afaa038cc0b9875d4956338710879ce8ad1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9987
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kolobok.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
10 KB 506ms
397ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3042176629478848&correlator=1374199622072207&eid=31067792%2C31067810%2C44761477%2C31064018%2C31065518&output=ldjh&gdfp_req=1&vrg=2022052601&ptt=17&impl=fifs&iu_parts=52555387%3A22434891267%2Ckolobok.ua_S_WW_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=6&adks=3836019032&sfv=1-0-38&ecs=20220529&fsapi=false&prev_scp=yb_ab%3Db%26yb_dc%3Dd%26yb_mx%3Dm151%26yb_tt%3Dtt4%26yb_ff%3D1%26yb_th%3D0%26yb_tm%3D42%26yb_wd%3D0&sc=1&cookie=ID%3Dab25ad20f7ed26bb-2219dadda1cd003d%3AT%3D1653813769%3ART%3D1653813769%3AS%3DALNI_MaICO8a_G7CW2VqyCbsyBAZKg7HOw&abxe=1&dt=1653813769834&lmt=1653813769&dlt=1653813768180&idt=1602&biw=1600&bih=1200&adxs=2550&adys=1208&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fkolobok.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=900x-1&msz=900x-1&fws=516&ohw=0&ga_vid=1262892392.1653813769&ga_sid=1653813769&ga_hid=653360334&ga_fc=true&btvi=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js?cb=31067810

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

58fa0bac4c38f3f949a9b7e9e6275f5dde748837420d7d07f4751fd9dfb9c637

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10030
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kolobok.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 67B1 6 KB
4 KB 211ms
61ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js?cb=31067810

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 May 2022 08:42:50 GMT
expires: Mon, 29 May 2023 08:42:50 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 114 KB
8 KB 474ms
259ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_ua_kolobok_old&dnt=false&domain=kolobok.ua&lang=ru&screen_name=ua_kolobok&suppress_response_codes=true&t=1837570&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

19c0d2a12c7d826b4f695c6451ee407da96877ca492c73692580f9b9ecc8924c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=205
content-length: 7627
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
x-response-time: 191
last-modified: Sun, 29 May 2022 08:42:50 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
x-tw-cdn: VZ", VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 9916f21d7afb42a2a13d33d371848442f9cb4b86fba47bf32048514b46a433fd
timing-allow-origin: *
x-transaction: e80eea7e1f0c7d2d
expires: Sun, 29 May 2022 08:47:50 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/ Frame 14B7 138 KB
30 KB 168ms
57ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1979561508&adk=2236407440&adf=59350530&pi=t.ma~as.1979561508&w=300&lmt=1653813769&psa=0&format=300x600&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653813768865&bpp=1&bdt=685&idt=326&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=424785742066&frm=20&pv=1&ga_vid=1262892392.1653813769&ga_sid=1653813769&ga_hid=653360334&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=363&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475%2C31064018&oid=2&pvsid=3042176629478848&pem=844&tmod=1816753381&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=nd1jzfwt9Z&p=https%3A//kolobok.ua&dtd=330

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfa1933953767fc53aff3ab036d0e7c5127be7d13eba7895432c2ecab5be64ff

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 351970
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 30759
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:56:40 GMT
expires: Thu, 25 May 2023 06:56:40 GMT
last-modified: Thu, 10 Feb 2022 09:09:37 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 11A8 0
0 97ms
96ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C86qNCTKTYoSUF5euyQPVjL_4A9q5gNFpztSd56MP3NkeEAEgxuCLeWCVAqABxbvsogPIAQmpAhOQBwxQArI-qAMByAMCqgTVAU_QWBK7V-j2pumzFWr_GW7f8SO_Zh6ZYR2JW5KR6kR-Qct_soxuQiPVhBWKTBiLv6FNUqNrWJvZnNlTMDyQe9wSsV2CuMVopPc6cTUad4xUGF1mUxG3IC7w_X-A_nCsVttAOgNdxBQ86Xi8yOss4-L8cJx0tLzNgoGFRdCUaB9U8W8lnLlHr_MDCP0g8ls_4ghaGlfyi2JUlblxILCgm5b3aSI4Xg7Q5QFAwLQp6yq9DwMj72bpj0IUQWgOYG1-QqIcRQDcgVF87y0GFC4VYb5MnijDy8AEwPXJ5fEDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBl2AB6PEk12oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC7jBjSCAkIgOGAcBABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItMzc1NTY2MjE5NzM4NjI2ORgA&sigh=R28QjjVX0ZU&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1979561508&adk=2236407440&adf=59350530&pi=t.ma~as.1979561508&w=300&lmt=1653813769&psa=0&format=300x600&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653813768865&bpp=1&bdt=685&idt=326&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=424785742066&frm=20&pv=1&ga_vid=1262892392.1653813769&ga_sid=1653813769&ga_hid=653360334&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=363&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475%2C31064018&oid=2&pvsid=3042176629478848&pem=844&tmod=1816753381&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=nd1jzfwt9Z&p=https%3A//kolobok.ua&dtd=330
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 29 May 2022 08:42:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BFC4 143 B
163 B 54ms
53ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1979561508&adk=2236407440&adf=59350530&pi=t.ma~as.1979561508&w=300&lmt=1653813769&psa=0&format=300x600&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653813768865&bpp=1&bdt=685&idt=326&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=424785742066&frm=20&pv=1&ga_vid=1262892392.1653813769&ga_sid=1653813769&ga_hid=653360334&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=363&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475%2C31064018&oid=2&pvsid=3042176629478848&pem=844&tmod=1816753381&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=nd1jzfwt9Z&p=https%3A//kolobok.ua&dtd=330
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1054
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 29 May 2022 08:25:15 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 11A8 3 KB
1 KB 207ms
98ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Jun 2022 08:42:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 11A8 136 KB
42 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42680
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653478767633683"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 29 May 2022 08:42:49 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 11A8 17 KB
7 KB 162ms
54ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd6bae3cabfa6f6e2381af0d19e0a2c17d00a727e414564df6898d6dc0355cad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:37:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 8365041023519634061
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Jun 2022 08:37:10 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BFC4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

115ms
115ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 29 May 2022 08:42:50 GMT
expires: Sun, 29 May 2022 08:42:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 29 May 2022 08:42:50 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0EC1 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 238697905f6e4554dcab4a652a1c500021fd641da99a2c52f70e27823c291950

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame 0EC1 28 KB
28 KB 173ms
55ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 24 May 2022 22:13:40 GMT
x-content-type-options: nosniff
age: 383350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 22:13:40 GMT

GET
H3 200 QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js Show response
pagead2.googlesyndication.com/bg/ Frame 37D9 35 KB
14 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:36:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13800
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 29 May 2023 08:36:39 GMT

POST
H2 200 z Show response
s.znctrack.net/ Frame 3CCC 102 B
447 B 92ms
92ms XHR
text/plain 185.187.81.41
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.znctrack.net/z
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: 81b7e052c5392b0fa4b35d30c984af9dcdba504d571a7010c0121c733947845c

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-language: eyJ4LXBvc3QiOiIxIn0=
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 29 May 2022 08:42:50 GMT
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://kolobok.ua
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 102

GET
H3 200 css
fonts.googleapis.com/ Frame 14B7 2 KB
567 B 172ms
64ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:600

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bdec0715173246fd3640e430e15ed79011535df2cf4c1cd009f6aea2af8d81d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 29 May 2022 08:21:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 29 May 2022 08:42:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 29 May 2022 08:42:50 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 14B7 16 KB
6 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 07:29:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4383
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 30 May 2022 07:29:47 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 14B7 26 KB
10 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 28 May 2022 19:11:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48703
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 29 May 2022 19:11:07 GMT

GET
DATA 200
OK truncated
/ Frame 11A8 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f8a37520d137e7b56afd4a5679740485c1e66c850e54b39c6049fbf2fc022f5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7683702fa7b021af2839f5ed4c2c009956332805b0c4e2c054346993fa2ec07b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 192 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33d18e9820655d5e3df0d86a3e28b961f3767db98d06d2388b1d6ce19cb92c3f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 dinroundpro.woff2
kolobok.ua/fonts/ 35 KB
35 KB 83ms
83ms Font
application/octet-stream 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://kolobok.ua/fonts/dinroundpro.woff2
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: a4ec23f627568cedd2389d195103767bc8abe6b78c1cc262e54c59492d14e834

Request headers

Referer: https://kolobok.ua/css/style.min.css?8
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:45:48 GMT
last-modified: Fri, 07 Dec 2018 07:55:56 GMT
server: nginx
etag: "5c0a278c-8a10"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: https://kolobok.ua
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 35344
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuGKYAZ9hiA.woff2
fonts.gstatic.com/s/inter/v11/ Frame 14B7 17 KB
17 KB 163ms
54ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v11/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuGKYAZ9hiA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff769fa64945176f409bcb7ebe92a385e9f9f1b11ccb095a14384dd209127011

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 24 May 2022 18:10:08 GMT
x-content-type-options: nosniff
age: 397962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17564
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:29:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 18:10:08 GMT

GET
H3 200 container.html Show response
167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 51E6 6 KB
3 KB 164ms
55ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js?cb=31067810

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 May 2022 08:42:50 GMT
expires: Mon, 29 May 2023 08:42:50 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tracking
ad.mox.tv/delivery/ 51 B
51 B 67ms
67ms Image
text/html 185.180.223.221
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/delivery/tracking?hash=N3h2MGdTMHRqeGxGWFlxZDRSYTZ5VURWeHRyVXBNVnZXTGt0QkZtVElTWVpPK3VyanRVTnRsTmpjZ0szUXRES0w3U0x5TkY0QVlXbjRJcy84WklCSTJJclRoNTBrUVFkUnQveGE0QlFNNW0xTnZXTCtGUFFPSlYzYnRWWXhDNWhkeGhnRlBSaXNhcVBSTUpmVXpYcVYyN1dRNUozWDFxOWd3WXJHNEZ3VzFCNzQ5bjFQUSsxaUtXSHVueTRTUjRpMXhoWGwwZ0I1V3JqRHFyWUUrYmhqVk5KTG1Nd2Zpc01lUHNTMk1CUnlWTEJNRFBVdnNJSkhxWk1OMHdwY3ZkWUE3bGw2a1VDQk56NlJ0OTJlTVhMY0E9PQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-221.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 29 May 2022 08:42:50 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame 73DD 53 KB
12 KB 54ms
53ms Stylesheet
text/css 192.229.233.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 29 May 2022 08:42:50 GMT
Content-Encoding: gzip
Age: 217533
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Sun, 15 May 2022 20:03:29 GMT
Server: ECS (frb/6796)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 54ms
54ms Image
text/css 192.229.233.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 29 May 2022 08:42:50 GMT
Content-Encoding: gzip
Age: 217533
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Sun, 15 May 2022 20:03:29 GMT
Server: ECS (frb/6796)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 omZMXr6F_normal.jpg
pbs.twimg.com/profile_images/905017721569640448/ Frame 73DD 2 KB
3 KB 115ms
54ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/905017721569640448/omZMXr6F_normal.jpg

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67A7) /

Resource Hash

be6613dda2ca59c3d2725ef7c7205cf0141adf31c0a0ae159328f951b7ab247e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:50 GMT
x-content-type-options: nosniff
age: 532851
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 2415
x-response-time: 116
surrogate-key: profile_images profile_images/bucket/0 profile_images/905017721569640448
last-modified: Tue, 05 Sep 2017 10:38:13 GMT
server: ECS (frb/67A7)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b19ad3a1ee277c6ff62de06af0cd2c2eba5bac3f43d264a3b9bd87cf8283105f
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H3 200 AdobeStock_463593159_geaen_runtergerechnet_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/ Frame 14B7 236 KB
236 KB 72ms
71ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/AdobeStock_463593159_geaen_runtergerechnet_1.png

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323724aeb4f37a069592dd81fc1e9ddea4d014539f03166932eb137fb8225d13

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 351969
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 241843
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 09:09:37 GMT
server: sffe
date: Wed, 25 May 2022 06:56:41 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 25 May 2023 06:56:41 GMT

GET
H3 200 Unbenannt-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/ Frame 14B7 3 KB
3 KB 55ms
55ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/Unbenannt-1.png

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dfd14ae6097102cacd31ba68b725c255f65a5abefc6e45c60cfa58298f78030

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 351969
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2794
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 09:09:37 GMT
server: sffe
date: Wed, 25 May 2022 06:56:41 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 25 May 2023 06:56:41 GMT

GET
H3 200 Logo_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/ Frame 14B7 8 KB
8 KB 57ms
57ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/Logo_1.png

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

322a846d0f85ccde422c5c83bc9bc907a475815460f2fa75c1289bfdc629524c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 351969
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8301
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 09:09:37 GMT
server: sffe
date: Wed, 25 May 2022 06:56:41 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 25 May 2023 06:56:41 GMT

GET
H3 200 Unbenannt-1_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/ Frame 14B7 20 KB
20 KB 58ms
58ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/Unbenannt-1_2.png

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516204e9e22bbbd7227f026efaea823f0f0a5f7208a5b3c54e1d94a755bae755

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 351969
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20319
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 09:09:37 GMT
server: sffe
date: Wed, 25 May 2022 06:56:41 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 25 May 2023 06:56:41 GMT

GET
H3 200 container.html Show response
167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5A78 6 KB
3 KB 53ms
53ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js?cb=31067810

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 May 2022 08:42:50 GMT
expires: Mon, 29 May 2023 08:42:50 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tracking
ad.mox.tv/delivery/ 51 B
51 B 68ms
67ms Image
text/html 185.180.223.221
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/delivery/tracking?hash=Y3JhMHowdUNWMlRUd2lwVExLNWdiVlRrUmYvOUtOSHZNMnNOYVJhcW8rVlc2UW1hMi9saEtpdTdTQWRZZk5yWjZhbnY3aDVWVzh4Q0RlLzVIUjVkTE5SdDFKU21wRVBKNmJ6eWZiMDBVYUsvb2dOUXZ1ZEY5RStFMjl1SSt0K21mVEtZYjJaVnpVV2pGaENHaVVPR2ZsQ2ZjMHgxTEI3cXBkVHphV0NTbUtpcGsvYms5c2tnTkRpOFluTUNLaXVTOFByS1AyNXJ2azhaKzZxajdVbi8rUTR6UjJ4Q1hMRG1KL25wZHNPeHVnY3lHSUpDRmpXaUZSenZpa0FqYjVLZg%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-221.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 29 May 2022 08:42:50 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3 200 container.html Show response
167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2BA4 6 KB
3 KB 55ms
53ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js?cb=31067810

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 May 2022 08:42:50 GMT
expires: Mon, 29 May 2023 08:42:50 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tracking
ad.mox.tv/delivery/ 51 B
51 B 65ms
65ms Image
text/html 185.180.223.221
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/delivery/tracking?hash=bUhtcTJvdnFZQkhESnMxSUNXSk9PdnUzYWJRSUJJQjFPTnFWbWxQcVp1KzNHaGV0L0NRMWNqQVNKOVR5T21nZzFOamkzTG1mQTB1T1BncmNXblIrcXZrMWR5a2tlTTU2aTVRRFlUVE03THlWQmNwK3ZUZ01VSHJlOXh6cVB4ZmN5dko5Y3FUeXFFRUJXWW9udTNZQjBUVlU3ZStCNnc2eWlxRFN3eUpHb0NZRG9ubXViYWxEQVRUWmlKVEFta0NTTGFFTFJpVWptNjVMNy9JeXZXbzFHeXZ2SlMrVzRmOFl6cGlqZjRLdm5SeFRSR2F2NVZCSWNNbnVKRVY4VGpLMg%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-221.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 29 May 2022 08:42:50 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1B26 624 B
297 B 65ms
64ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK7Fm8sBMAE&v=APEucNWBz0jwbAA5casxT1GTHSPk0CrmGMxiZVbPhKrRcMv9TkYzgx4c3a0xYCtaGFYlpPUgXtHgdDxJwFl8ancU815iuTNGMGmvuc0S8QNXBcwN3n-U440l7egh_sfyt1rpEtW9zMOiKl3s0eHkDXyO7tjEsgO7x3HtXZ7yb-s5T6AxREMkTz-xDafodl3PDL4cjJnqpJoH

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 May 2022 08:42:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 51E6 81 KB
33 KB 95ms
93ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYQLIGu-CjYiNLqe-TIM5_m0rF-6LabuhBgmCVEPx1hmmsQWKLzSk5gYfxDmxF3HaI0k1b0PA3AWiVTA8cm9lxVEgSd8Q2VlkqjSWvZI8r6dKC6aCrKGOb-uXXj4SAuNPqj7GQMTNufhYFmoiLXtG9fTDZ4w&dbm_d=AKAmf-BKsBE0ici5a_kafKLEn8BtN0kAu7KjJ32TGJ3Z0YFtwifDP6Us-8tx84fC2sSoPWvvBIfYzuPYj686Id6vXIRIpUCzwYYckzKAsGopeqK_hadoTReRdnk29-cG1dgAeezl-T2pDOtZruxdch0OS674llLzzacnp99qkCgZRz1QUXhuYvZhdQE8MT_iFbUpBu6jLrOZL8dcImiHpKYoD3ezfGFG1b3Xo3gBMzkL-QHU_nlASRJZPlb9xgr_sKP0B4MbzV94ewtllWgLiIRPoOJ6gtSNMVdsEH15o_8yRosJ7_YXxMjitEPvQ-XV2vnyySvYUwAFzSxOM8zgxhhb1Id45EyF4NvO76QqxmC4bSFnhzQunqkV43zv8Kr4iqMLky9JSckc3NkhcWakQucO1yTnDPpnL-83slf6r6M5SCplLU3N4pMPBsClvK8_etNKiqJT2kRSC3yhgf_JM6VgFt0rHVsDUrKrSK9HX1OD38J2JPvBXeXSdMc_-vBsP_52q--l0q0favormtHhYQkSummSN-Xa4M4jEvtJmv_EE7VHb-Ob2EXsbcxr7N2eFzJU3MH8AhE44yz3_2XnQgZMvcJnzPpaf3gsZOx6W9hxCGLoFaXECRyZALtLSxY_MT58s7wpdmOO57a79LfKe9h1iohryqymGOlwx4j3sK9ficF9oNrTJ13L8e9cMh3DPPP1o_3z0z2ch5M_g8Mmw2_UG67561ylf_YrExI9gGgFo1Ct7Rhxck1dLZFiiOf-trx0kU0WG6bDGAj4OExjBOD83bZughWvWU-x33zPoWUVpT3HwWoJAUHRs6yFZhIvmVcy2H1c4MsuUJPifqZpRvJzEJ9_gZnfI7hxVGEmjO5A5WtZRtPdy9qlyNeVqopLK1XBThDgcRkgXO4JbJN_WY5X7VzcmzEFo0khTGfSsFlA_ozIcUZZWnUi-G5-i5gCUeBfihLBy11c69Df68OUVi8ScRLuqaAITXQyspjuedOzrNcvkZLoOVIAqKaXH3UVL9GxMRtRZijUe8wCcoql9eDND070V7bnbjQRLEgeH0M6Yb0fyo0qxTUtcIPIsZsckdz8wp3fTO5QP6iz6baQNUCKsdECd-3OzoYNk4vH4HLFq5cn58T6ryKDlFk79kr3sSsmv3PdP6P9101ghNZAQCeNH-YxxkY3PEIom3F3G-EpmQsKlwfX7zku6-1_2sbEZY1IPuMpx2t6veUNhJuBSLF-M_0WwqSUbRQcv-A5Fh6v1nt-rCQj2u138VvYw-QcBsQZFtZD2F1F5ctD02J_LDIAiKob96k9w-V2biiKodpiJMW504YHvMDCFJNp6ProRpm4QctNqIQr5qbbc9a5ts3VJV_Yf6c3_aUAVa1KUydRq_fOHixw_2GA3UUOv6x0G5MJPqqdDRiZ2nZiM_qUvPTlkv3IJ4HQgIzgcbgkF6-kcInYmjrcwJCifxNHHduoi4V91ARGtk2vnHP3OmFRAXRF5RdcxK5VjpV3FuNoBrgtx0vBNCme5whKnZ23mh012yWHtCTxTDIq0yzh130ZRTAbu_bHIEftfPWwtJX3WpsPG64mlQLrUdFZSDu3lSOS9L0yeCYGzQugPqAoYmW8NUoiJ7G23ymx-MAJEGYBOyaY-lf2xY795byMKDkiwTpbcWxm04asm8eAYw1cOlkbFRxGfLTKZGhuQJsTXcb8eW9RlG1i3tcgYLPrSiGVtnOZvqfbDNjLlMEV3HMGg4raCpKDppVo-6CN6t_tCIRF2Sb8EROF5_zYANikJdh--nBEI3jLvVKADVoubO_aHArUWKeK3nL1WCMR3iNXotQ1Soz-9VoHN2AL3Jqid9u38EW0cNET2t4ONgM0P12ay3-walxlFq0-8XJ6nV0Kz5-oGG2-e6zz46PdL2zQEiG6quE6OwFMgIjKo0TmqSFeioRoCXESq_FxRp8dbKMLPfGfePXalx-zAU8YzlcLmW-pKfhMJ0wKDDkE-f9ceGECcGfKQoHFn7EycoAkTKN-bHRovdcGS47nSlfrjZg04CW76xf9o8Xjbo6Q22uqjhY6UKxcXzFmC-hw0ruR91f2dkU3NGoppV9A1_bwJT7R5Vnac6VxHECcTK9K7sYy2cLT3AkpJK-FkNF8-coYFq_5dfHQGs0VfotneLUTjcUl3Dw4lg7FdOgyoMNZpLPHj1OVG8PR6LGu8E67mZ66jsUilD_nkwXfLg9oIAlT-Kw_A_BF8ivhHu3LAisfw7elIRjRUztCPqmjAFP-8ZGOFzEdBOA3vnvPQHg3OR16lz-zYhylVdPkkwIPtfoaSZgChjEEL8-bNT4uOShk92qXVrvARvjKheioTaF1xugr4jt5tHQDZQKQ-4ykx4e_IyeBtzzOlYbsrQS1mCNwoNGMVMaEk4ZIEOI3DfNvDQFCFavsr-vg5dhqK4fDwUFEgAyGf671Fm8pqtR0UXPwmbdck-ATAIT6wbyqTLyrVckwjMvoE1f42QvQ523weW9srrxm9wHIvpn1za3cm6Wt8Cq5pQ662PvfnuCHc5_srkQFH78mnnpFBLdkAbR1N1BkJdf4N2ySeNm76sMwZayZl-KWf4QQIwL1UGevT74m-lVCRWKhvWrhq2pXzbX9OW93bzaWggLDSsrwo40LS0lAoZqA0Fh7sXbnRfLFkJBMmP9HoAwbNt_JrJJHUD21sImIgami54NKHtmYSXVkX9_YwGdsMLd8vEnEcLXFj4wWp6txm30KMWzyGoagDjuw51IJNtQNyzj5pXVPJn2CIYVH81YhHfh1VtuwjvR8ca84gaCPxmGpCaippk9v6ZnXGShjt-m6n941GwSMD-JV9MUerkdKGq5Uicch9mEdSsMHROQo7-hXHv8lQLZ73bHfZBiSjhP4wGJnOKRtUNPd_JH-FeQeGCt_DVVVDUVWDc37tOiruCsZTsTQd3_-GP9GlLVr3yZoAzSzreDICWhI4Fgthxgx0a97_2897lkQrhy2udxI7sSHO6EuBkNpQWD4OHs0cWA_dYLrGIClf0sGc9ZaXJznaS5Wv1zAgvzv4_Zw9kOaqsyZu6KrEX08uHen2Dum8hSpmmwTTCiOHcrgEsjlFH9wMNNS6GlEac_O5SZ5yW0KH7mqFQGLOUnnZ_-x9z0bk5K2JM2pDKAiGkOpl4I2-xWgEAzXK8AEoBq3tWCjw9fkuRLx-15AtXzcbysjMdOJ58wq_NYMDkRDKbC7DZsqHHbvN70WtcwPr-CJjKn2kF8ucI5LTxp6utQO6ySJQHRaLnLXNNnInKWHoY2qBjBkZtBK-2ZLkDWH4Po1NIwpfu0LJO5UWmrwTxVE6rFz7QgVSOPm5c0AnPySnCu63TwT_0Gf_MN6ZM9dBdndRhU-pu_qzUa0gMopmp6MT11c-5-13UaAu48yM5GeLXUN8SRai41uCsSllFDV-W5Hpb3_o0q61pMsAtSXJv-SZfXpolHU9kgPFrvITSPIm_s6LKx46b1pfUN_XYEajh_iuo11xtjb5mFtJ4PPJxoPYTku4ptgyCHRaxnEH_m_Tq3pFYgP4c4cgR2DtrlmxpqKgTtYmvf-ZbFOnR2-hxJPkwPt3kFgZnsQ&cid=CAASJeRo-Sxy5mvdQR4RLi0NqV3iy-D1eDDHaYYLGqJFuA9nj79T_DE&rfl=1%2Chttps%253A%252F%252Fkolobok.ua%252F%240

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d6f13c648176bce0d56a4001f0a0ce3b9c59728a372067c9ac442a55e410e4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33607
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 51E6 42 B
63 B 87ms
86ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B0uZzAvdh4oOPvfUdPZ0BdJAyZM-gGjZznPngmiqD4x2Tyyz_nrmamvI77A0TR0QY9qm6OBfJkeix3rmU-ud15Ee-zVMbKslmRTpr9OsUKO7c49Oo

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 51E6 3 KB
1 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus_fy2019.js

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Jun 2022 08:42:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 51E6 136 KB
42 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42680
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653478767633683"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 29 May 2022 08:42:50 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 51E6 17 KB
7 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd6bae3cabfa6f6e2381af0d19e0a2c17d00a727e414564df6898d6dc0355cad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:37:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 8365041023519634061
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Jun 2022 08:37:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 51E6 0
0 176ms
62ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRYG77QyEw000En8KqFRJmIwLyjS96iTnfJpzClGCh4pPRF0sGW8-3FePebj0n--DglXF_eOyB4b0Lql_WUCp3C5jLtNw
Requested by: Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1DF9 640 B
316 B 64ms
64ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK7Fm8sBMAE&v=APEucNVsGn2L_0fovQBkuKdzZ42Dr-KjSAeF25KP13KnKGBHYROLERP7rHWI8TUc-JaTxYNd_ddzSR8Qc89JSSJJjeWrZIK9ncAITVznMMgHU5waAGl5deC6KP9rgNEp0qkb2Je8Rx313W0smMdZ4SL8ixfgx0j7OsDLF81g2JMosSOZ-4M7mL8

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 May 2022 08:42:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5A78 80 KB
33 KB 119ms
118ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CmoA1e6Rt0xxIa_jE82EmUsTZK_A-M74kYdU5kIj4vRE_OvtD_oHAegKjNmZU50VsfG1UlYsNrOxGiGuOs7M55_-5jC-12p7UDzMqUOxvKd2hoabFJjwy0buY0DAwzetFoF9RPFI0uXLX_pHfIxRZFau7gSA&dbm_d=AKAmf-Auw4uIJVOuOxVy4E-pDi21ACl2GD9cawu5VFQJtoBP5_9SiHb80EKZeWVp0nsFS-7qdCHb3eET-A6bTvf5t1kShnneNel7BrG8PeiOIfXYbNDH8mDdTMpMjfu09Uavqyqjad0q5aPbTq_rE7RWxnJYb0iMDUH6tKm5DRwZAFLylB-3BNOXzlvqbL__7UTzsiVr9N1LdF8IqihYkH-5OUkXwn8OnIRcKCTmKu-9c0biv71Ykgk1uTav0OIfCTuPMvW-d273gdYBWBaqH6GrJYnIT18t5_kSiqkBd6UvZ5yItyrhCNDJQK7UwvpaOsA80_6BfA2Ykcqi2ZCVAQyUwPRWIuQ-JFhS-jpwzvqYToTdZhq5Y_TOp08bGq2GgQdvANdQIEDsX-ISgCedB5fWkOJixPCO_FxBH31AoPNwc4vz1ikQ97reXoG3Ukjn32oxzSq6p_cVvxrUnqTL4fwWup8AnxRSnoBLMQh9KMNvgVaXfPa6-gCDeMZlxUUUpOpRIDbcCnH8je_qPrUkYeIX10I0mdIYtM7F_OJVzQudAR-8jAGx6LqsobO0ZGT3_76PRrDbM8LDMHj8Yp9bBHk3lxC0uWYLE4vlNwzq2h6t-z1M6zD6cMMbdYgEznJ-vc9emBmK8ZwNTvDb1YLU5Qh1BXsc1ZLHgpP-6h81-iOMbP9-fTDJN-Kf68Pzb5pHDZVdvccDqYYknNrzYHNt3ja4_pNLL-Ob5eiM0U0AZ1qrkx4NkllGz70Corm2ZkFGSfERPX8Oh8zXWGpVxnUPgnXCsJGP4Fp4IdA-4oNWTH0T6moyxtPqgNanEWfORxsSScDSSbSDqdDw-l5_0CXaDn0CuHKRjawNkAz2psQ5oF-oeTOmc9XbeVMaCK3wQGU0zBCmyH8PCK40NnyxcjQHu-lIg_5on19GzDjksHnS1kPyJJJ4cLCDA1N_KXGJeC8m4mLqwcla_ysMrZlwiosY8HQ8CeUhMOcI2RMrLczukzjWHiyXj8RXbLj95ALZykjAN6AJSlQjEeACtg9GulNWPPSEGKf1UkBGfatxzniINDKQJMd2LAWtCluacw98rqDW3nOz7QxjibbR26iGc9um4GkO9swGqvb8Srm-57S4XivakrSQGzGl0d_YpnYQz9TVrE5peMJgHV6oXeoqbVsgCktJCzRv4EEJVNh_TAR6BQoCx5sVpIiWyaBx5i5I9zzX9xj3hrvDyoSWaDsnNSsGskHz3tn6YzA1sadJm1DyAAaWXZEdKvl6e2KlM9reHG6PBrLTc6ANp4xIMA6L95wqr6nILatY0luQAnod149OhJZeVuPA1JTR479kSMCLMH48NbaZsmYuU6Lei37HdulQPWU9Sg4taHOqPPKKMP362VTsjk9tfiDwhOh6krB9igmGR28-uhoS9qeERzRa09UG8lVg3gt4B7XdE1lFqynOuM_NjyFWC-63wad0T4z_WwaoZIBuMlicCqZlJXld2tQbqHbQg_zvocjhGjM5pvw7LjuzF8ka3vaKGke-4_W6B1qEvQzk77vMkhx9LYyJGvfHKkp79-0kXWOlCKvgNeyWHR---qEG4VK5Udy6yGyLIAyRKUUrtu-_sYkx9CDycD7RNWPWLFRsWocNgsl4OuAmrc_pyNg5HOm-WxADavxf2M_jIz6lfco7AHUJLP-kVTundRwlurPKZfGAqV97WePt2lsJrEGkAKJFNXa4M6_B___p_hFzTe3OJSLul12-Vuhef1c3KdNaBtacJWHo7iVm3IvbTjxg3wxVDjB-3E-72hDKI39Iwncexw8fORM3a2-_vDCnvxhK899bDWTtiYoQ4fMjO-KV3LKk1jOF0qyTXAeTiGC3QF-ZN1CagIRzIRtZm2TXQdB3QNNnM4VU2GjuYriWdnkbc4dfEGUQ3OURdwN94W7sZ6BXCPu2O2oGZBlxh3OLJPdR0nVagsISXgq3E-MPthSurr7W2ks6JU3CHu5yZrIkvrKi3Oa2N59mMM4GdA_k-_-XKufyhel6KtKLjG10rYFVRkLWOefwFkZ9HbPJ-fNzdkFZzTQODhRsfK1CElcmTfmPMuSi-fglnSRivbprMS100be3cCRvGWQUhOqj-aBfoMUybIeUtPCCRE0IO7Ecjx99tvXGEC5Yal7E-HQxRAGMGjWSIBa0Dtg07HoUJpZsDdSvH8NfEMCYopZ6h18N-FaNXcuAmnQ3z9X6qtE9zo_IslUOSNHxgRImxzkMc89dVZcJEj3-wmESNaMbNZBZyHWShfD1puqKVJTnVC0jt6gEBB70a57QY0P0V65refp5KusQSBY5_yfry3CnD50cRmw0Zqi5xSVvWYhNe8z_NdkseZxQ2Ynre5rpbAL2J99VAvkayRV-E3yKabCyvFLkWUkoPTO5fAxONnCFmxNs1Hz2dQfeE7BDws22C2BBwZe9vFeylxWwylZ_LZGG7t5CtFQkLTomgRQempgqlNI38hQTPUdRyIIytWM8sSIFJW0tWssOq1VeVdLIM6lEyIluPvORweS_8WdL9KaPib2zE-MDkj0uFLO8Y4alAT2cVTgZ-noColgJpxFIkOBLjc8OgqknkNnINeWN-NVEibWDvMhv_QdBw8_8vw4HUYMssC2A-op7dyOpstNZmwFRR-rnm8-Pgm1iXHhuPYjW3myhXOVgRjocZSUTctgdfVg2GV2oKM7e86qxQ42CcCmyy-oiVgRShWSwLlcr92OgMk-ypYqVSkE3_GA_7dcv2Pjb50sDyQiZi122xplBRR4c5HTiFp7o8nC6nP0b1FTLIOhQIZ04IIie92leO7rPdL3oyBIiQD4eUZU7Eo3biiSzbl1iWBAY6cYOOhVWxFvP9hmkaoQ-TgnzlF7n0T4S4SKecIqalXnBvXW4o9RYW8HcAeP6d2KRJaPKcPjie5ZBoRSp1atRz4NjRxWyrkyaqKN7LAvPNZe3FwWGXbYKjxvLmhE43WpYMgy_5H8AxhD5NQUiAAtHuK7Svq5lpyETpUG90_hMjpWjc-kCzbKBY3VbplC0PojJDqXCg0OKlpelFmkFWQbsNloPgoSWcpn6DuubMqHuSgQo1cc13myIvWxAbIBf5hv-0m9fAfr9dBSqwXLQF9Ai_cSzNWSv8lfJ12c-vkLBVn0xBfGggmrsBDZIAKxRS5n0pSv_wCsMxrWxNM57mMxMvI1u67VnCKrEXTobh44dPIFIuBapN-ZGa8T9hV1N1z6PFMHjRs1HKZexlBtWd8mi1mwuxPT-2MTosEoHMeBb0Au810wWAQHkX556ITi_qScsUPW3IGeVTZCJ8U3uJ9uW8UjZVZC5aC7EQ4vue2kyQ1kp4MKZmvf3v4fplrTk7rpARqfqYCl8VREf78OlpPTZSZMvHE9Z9ikWKVqenqoLl6rRS8Lf6JjM85EesLtydaQw8Wr4WQ&cid=CAASJeRo-9cHZyCwz8o-p9ZiHbF0fe4ncEqRh8jwqDLFpme3YkgPbp0&rfl=1%2Chttps%253A%252F%252Fkolobok.ua%252F%240

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82f7a67a80ce007634aa263e87d7212019848f6f915fa847f3df2e7b092b0a72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33373
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A78 42 B
63 B 86ms
86ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AF1ptrd-1iecObYfRw9W6OpSc0sFmQlce2acp0v7JluY2XpveJxfN98nH_HHL0V5cBmFueYhfdGlrBSkLGygEFphy3_bLNAd4yC7xJBrMmJnBxlis

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 5A78 3 KB
1 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus_fy2019.js

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Jun 2022 08:42:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5A78 136 KB
42 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42680
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653478767633683"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 29 May 2022 08:42:50 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 5A78 17 KB
7 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd6bae3cabfa6f6e2381af0d19e0a2c17d00a727e414564df6898d6dc0355cad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:37:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 8365041023519634061
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Jun 2022 08:37:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5A78 0
0 158ms
61ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSRDTuifyveaGwHTvFXQQlBOomrp8wrB_jzD6CAAdc6H8T_poCZTWTfBJ83Ja0EdbtQiRwTO2WoWHNAbnSuQqQXV2BHQw
Requested by: Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
380 B 151ms
151ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fkolobok.ua%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_data_source%22%3A%22profile%3Aua_kolobok%22%2C%22query%22%3Anull%2C%22profile_id%22%3Anull%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1653813770561%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22c8fe9736dd6fb%3A1649830956492%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22component%22%3A%22timeline%22%2C%22element%22%3A%22initial%22%2C%22action%22%3A%22results%22%7D%7D&session_id=7df9bb3d05c6c4c533a8a31b54a42536e50f4c48

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 107
pragma: no-cache
last-modified: Sun, 29 May 2022 08:42:50 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 6f4d25cb5c0fa2d9ca6a1933f5583d8b35773f57317e4fb371ad16b629c26cc5
x-transaction: 36e9dfc0ca434165
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 486F 586 B
315 B 70ms
67ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK7Fm8sBMAE&v=APEucNUcm8q33yH1nq4zSHq1yHLgBsX5cVbwV9GQVs1ifPlNQch0fGvR1fcyItiWymXXBSDlBOgFFrn8lYFQD_2PagsqyCMtcLhY7P3UkLs5hlpsn4603DCG69duJVBeWMRrNeoVn9sKelGHOot0rU6vCkE0Q7pnXYPhCDeAYoIVWmRa9PNRdr4

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f12c6133a12eead81c368fe146cb489bdb7331b5e3b5ceb9ea52eac1e3feb815

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 294
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 May 2022 08:42:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2BA4 81 KB
33 KB 109ms
108ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ao5SeK3W_YBhkzS7SVInn7Opw4-9g8z0Xv_m5UInHKdEntRshA0YywzNcbjM1JUXr_3l3k_TwJm3XoiJFiEhube8Vf05JtFsdgv37RC-Lgij-duTG6FOGxhG9c_ONUgdTfwZC_3kIDjNUmayjML3n7_zNWOw&dbm_d=AKAmf-CKPQLReF9ETcdwYe_Tn2vq-aTmGlZEZjR4AbeWec086FZGMlr2XwyoqMgZaGRGMpW4SIBkkeycuOgasOZueOzdwWPRK6ilNbeWA827bA9lHlsS8GssyYJD3VvlIo24fRAB7ZESL-52_BQfmT2HKMJjc0j8JGs8t5Fh9vrKfUcbr-bP5iQ9VlKtQ6v8XTlWddiD4ztpcTX8PhNWo5qZ4zbdBvQJ9yoxz9WHpsmqd8lKOSg4SwAlhxQGAR-a0AM7A0QiBhXvFRT8l43Q23_o5ULcZpg7GbOpf4p6WLvyHdjAoyOrzWjF5sywYb3T-wtT3-RdxR6qBTitL67Lf0nb98uPnbovWvn2pImSP05hzk9B9MWw8BeVu7G4KhDnPnzea9npcQNIZf9bhekbu0reX1Bp-5pKY80oaBJU69PbxEC7gRWgP3j4u-nYwqp14m_SvWXuXnmqp4NRyBcg5LfmEa74XW-uXNttCMXRbUkPzQruqVBd-rz7jIMQ1gk7Cld-K04nqXXEGPQtUZbp502H2Kmih2d5dMAlkPE_faicMrp2wWXq6zUowNtgiyVNpFaZ6X1vuilSSqFRWgLXNR4rlkaTSyXewX4lQ29bg2rnWw7XRQlqcuSwehStbFRWibk3k7sZyORGMcR3zunk2vWQEhh72Z-PUqmjM_IA-jB_lbs2IFpND4KeqnBeeCFoBiADFUY0Y5togtIzboUYx4z2EY05AbiAQJpf7eH5UxQ6KHQZCzd6AmWrW_gadIKq-9w9gZl0ZBmYJ2se0NJp9KO_4JBHQeAOXnrfBzCXrEI6R9zCGjodvYtok2cpAaqzXrL8qckjs07295OG2z1FVp0rMd3MxLlmALkjA5OdzgAcsX1gI6DmlANtiBuC0-XjGy8SD-Yt3MOGV2QP1nOklIa9s_YfK0-mHBus-3c_97UntL0b3UrAx4jAULet3i0x-tUom3ZjjaJw6fUduYzzZMlhhD_dW7RWlMuchSY9WV9nUMCX-Ai3xmbGysiHXAQgkdYpYn9hOz4CQYPEiN2zL3McKZr7oTOYKp2nx_OkcpXTjaxnWe79YxFTLye82osbpaq1Dy8enGvOvLO-UVtbWBqtorSblddHStNtp1B795oSIk2TOo6MzeYZKXrN8dI7tUV1GqskJ8UEMwDdigyn67HIZTQPQgzCcGJSC-vEiYgmGpiPAQ9LaDD9LoSBgt_Zs2coJBOQQQ1CPtpTCd2zUff3YmdCwAFetBKDDH0e3bXzxjgQUXq2NsMoB475SooPSa3xUhVe5ECycEM1I4o3OWoM1vgJz-lo-is1DxkIhH0rGp9z-6NKgE4WkuqRmaoGRWfmq7uXPJGprVlrfOIYiZTdfjysspBc1P7j2TdL1ndoNl_OX7_TcqT_PAHlVjN2f-ceu4rLtc4ry2aBxOdF5VihYD1MAm70gGpOr6OmGK9i2WaYLh-_ctyqb6SxuZRUmWQGU9k2tVsQNjAD1uk9w5fekyRSFmE-UNWaFcvs9LF1j_jKiuRsUF1SGFQkjQ90gKz5_qiFteKhNFiNgQIfgcSf_DE1uoBx2YZqPcB30VRLYDwXoNPCkdOUQ2h9L75VaEqtextD-j-lNcIC1_E-3lKCBDuR_-ViRFbvi2krE0ICYPtdZU6Y3G1IKsAKUlmoAgblSbK-CC3kS6mKm-IV3tLqi4InUlLMuLKYgSim6J1hQQTwXndKaO0cNHnWN6zRIjEH1HCTeh41EzasDGN6eCoHk8w8cFZbzGzZHp8e8rMxW5CjvCzFYtORDgayiwcxFwh2bJrYQWRNsKYcdj4ZVeVwCjkH_kt7Qe-oEp1bWleGIhxdLvxnBMualjW8_KTgMvK9sAgPhN63jEUeGKn8EK36IzCpqhicemG0LFMoF4P1d1i2xQEVrXa88MVPYrEHjo-QSm6YK0YnwzNAwO7tTW7dtp9idHkrkBurJuCzSFdrDRKbrfs__6gbFAk80hXmvxrIaRULo-J8LMQ-BSH6JIvTvquKVs90owY3nMrhvsYOPVuoFkrPmCuLlM8u0hCqji-vT64tbSFOV7Pi1kOq_KwPBb1k8irTKk7hxUS_TIvdT2alk3qYA9RdPNRv2RudlPh7NI4iQSDqSqIESQ0DgCml_MyIMaqG9ANPNMrTn1GGd8WMEP35VeY8n8JUt1zXoS-wz73MwxhfFVcFocXRO5hi-bk5D21cIOwPSlwDKfaBqORsvpA32hbXzEjbk6W7w374AOGE2GOV4C5u0H8bLw1TRkOeRfzruWJRJtn5njDYHgFRHeujEfHcDaujFAsmysOC5sIZKCXZ69uYGhNaWTWM8DtQmw9p6jQV5aq0FMZBbaorPOVCKQgpDyisC3Tn2GZiikubMZheXio9mrPvyfsCG6RVvIwe-vyWgXmp06lgYsvYJLqh4Wki85EQqBYJLdVnResoMTLJITbZagRhJXkBEr2inTy4PibzyigHwrtBovTR1lFkLoyL04r-AnnNsnjpghDjl9MkqPBjAPnw0qyRnD9aVuxispOqyDrnkJzBh6IVLnGCoUIAi1KRRzLizR9agGksOiVkjq3BxRIvQW3gG3IcCjrZrXgPQpSsYsUQ8oMmnQzTVGue1ruXgd2NqvqdWR2bpRLnKrPR3b2n5ZXzkLVp0llGoUSKMOA3EkrLpBb5xvAaP2K9mcdJoLBIGkaGbPAT0n_82SsvHAyXyQIoC0S5Mg3_k-as3XmJ-OJaQcf_Q923z3G8T-T3-xmJOelz6l6WxPesSER9LobNtW7Y5l-1trg6ttMGpX5cLkHUz2A6JXmixlTwBEang0Cw4-vqIx4JR-gOfdVzh8s-vw4QG3BM95F6ykNjW4R4NbkiH0b3U4PT3WD0UqmPgOLs7cSrDi7DL6JB_lX_fATVEDQohOIVaXHw6_Eq0IWlcH88fGUzVXCKCqWoN78iHzu-SW0OTsyHknXEZhQA9kB3X_DGtjXRu1wyKpTmboTCLQK7UXJIWJwcIcPWP-w2ywbKSSjMuE_ZgMBOd80iuHFfwkcnVQAeXAlkZVEn2UQgWR62igFp8V1UMZQpZ63mq9aiFJXJriJJwciYksICd_cCB_M0XMw0IkDcDIDaExQ9fQkBtiGAkUnxa-chxNJ-r_wd73OEgfyRpCb9obAL_x5JS6pAUnUlSrOFKiwUFD631wWSTSEKjCypYkn3GwOp1L5RAQ1-KWG2Fj90YNCt2Z3kKn_Mpb8-xKLIcO0ug7J-eVyUaD-jGBMDTc5xHId6_LyJ-FVwlZj7pOSCl5WFAnxnEqZrzHizwLFxrOo1WxHUnvR9lsYrchNhPpVq7zv6BWI0tC4LK-PkOHMTfOmFDFJw4Z5EvY7Bk0A1a3Fd2kOpMWPRi2EMVhoIWnk4agRKeNswqaPP0D4GmEW9-i7MpJIw6V0IlpxukWx_zsZfATTTFNDTJl9pfm3nRv2keowH-TvY_mJxUMdGo4jx8Ve00y2Xu6bJ157v4WIPvnV7iMMOf-8w6YLAkSl8_E0_WmyGX6cDIQ3uFMRUd5jdqaSLsHE3Qr-HKdiiJ14ptaPtgdXikHndbyUv5sES6At7vRHIQrkxOe8HuX9rlsdw&cid=CAASJeRoEw0xTDuwnyT_52xuLZ7mqpc9IgWzcA8HCm80jW20AORRrDc&rfl=1%2Chttps%253A%252F%252Fkolobok.ua%252F%240

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ead242d2c8a1e785b31d6cbf46a08947ad61ab107a08c19494f6d2b62f83b1a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33904
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2BA4 42 B
63 B 88ms
86ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A1C9jm4xNmHDOcRZ-cn02Jjd939D2vTps4Z460lf5Cib0GuiXlmWHf4IqtFkmeJDzh2bcdvN_1pl_PzohmP2cA8dB0QQQGroS_CpDYf5oy8qoCoTA

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 2BA4 3 KB
1 KB 60ms
58ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus_fy2019.js

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Jun 2022 08:42:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2BA4 136 KB
42 KB 66ms
63ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42680
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653478767633683"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 29 May 2022 08:42:50 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 2BA4 17 KB
7 KB 55ms
53ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd6bae3cabfa6f6e2381af0d19e0a2c17d00a727e414564df6898d6dc0355cad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:37:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 8365041023519634061
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Jun 2022 08:37:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2BA4 0
0 122ms
62ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSQglGw2hIj7YtDx2889-4TIDc9IUGlkcVM8sX6qyKEAJUU95UyuT1iZS27DWxBfjlBvoUe5CGXDMS8zkiWvRqEaC5BzQ
Requested by: Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1B26
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXGQ7qgxXoczbp387GTLrA&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXGQ7qgxXoczbp387GTLrA&google_cver=1&C=1

43 B
1013 B

82ms
82ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXGQ7qgxXoczbp387GTLrA&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK7Fm8sBMAE&v=APEucNWBz0jwbAA5casxT1GTHSPk0CrmGMxiZVbPhKrRcMv9TkYzgx4c3a0xYCtaGFYlpPUgXtHgdDxJwFl8ancU815iuTNGMGmvuc0S8QNXBcwN3n-U440l7egh_sfyt1rpEtW9zMOiKl3s0eHkDXyO7tjEsgO7x3HtXZ7yb-s5T6AxREMkTz-xDafodl3PDL4cjJnqpJoH
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 May 2022 08:42:50 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 29 May 2022 08:42:50 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 29 May 2022 08:42:50 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXGQ7qgxXoczbp387GTLrA&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Sun, 29 May 2022 08:42:50 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1B26
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YpMyCrWNpmS4pYBqU.EeWAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXGQ7qgxXoczbp387GTLrA&google_cver=1&google_hm=2

43 B
1013 B

71ms
70ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXGQ7qgxXoczbp387GTLrA&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK7Fm8sBMAE&v=APEucNWBz0jwbAA5casxT1GTHSPk0CrmGMxiZVbPhKrRcMv9TkYzgx4c3a0xYCtaGFYlpPUgXtHgdDxJwFl8ancU815iuTNGMGmvuc0S8QNXBcwN3n-U440l7egh_sfyt1rpEtW9zMOiKl3s0eHkDXyO7tjEsgO7x3HtXZ7yb-s5T6AxREMkTz-xDafodl3PDL4cjJnqpJoH
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 May 2022 08:42:51 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 29 May 2022 08:42:51 GMT

Redirect headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXGQ7qgxXoczbp387GTLrA&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1B26
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENbwg68eOdskZgoFOxTSv2w&google_cver=1

43 B
1016 B

98ms
54ms

Image
image/gif

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENbwg68eOdskZgoFOxTSv2w&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK7Fm8sBMAE&v=APEucNWBz0jwbAA5casxT1GTHSPk0CrmGMxiZVbPhKrRcMv9TkYzgx4c3a0xYCtaGFYlpPUgXtHgdDxJwFl8ancU815iuTNGMGmvuc0S8QNXBcwN3n-U440l7egh_sfyt1rpEtW9zMOiKl3s0eHkDXyO7tjEsgO7x3HtXZ7yb-s5T6AxREMkTz-xDafodl3PDL4cjJnqpJoH

Protocol

HTTP/1.1

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 May 2022 08:42:50 GMT
X-Proxy-Origin: 82.199.130.42; 82.199.130.42; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ea8190cd-2655-4708-ab71-395d8f10b404
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENbwg68eOdskZgoFOxTSv2w&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1B26
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU1NTE0Njk4OTkwNjM0MjI3Mw%3D%3D

170 B
188 B

158ms
64ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU1NTE0Njk4OTkwNjM0MjI3Mw%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 29 May 2022 08:42:50 GMT
X-Proxy-Origin: 82.199.130.42; 82.199.130.42; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: cc287e62-a389-4f78-b40b-0615c8112421
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU1NTE0Njk4OTkwNjM0MjI3Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 1DF9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDDVRTx_O98N6M3uO17tSjg&google_cver=1

43 B
114 B

87ms
87ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDDVRTx_O98N6M3uO17tSjg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK7Fm8sBMAE&v=APEucNVsGn2L_0fovQBkuKdzZ42Dr-KjSAeF25KP13KnKGBHYROLERP7rHWI8TUc-JaTxYNd_ddzSR8Qc89JSSJJjeWrZIK9ncAITVznMMgHU5waAGl5deC6KP9rgNEp0qkb2Je8Rx313W0smMdZ4SL8ixfgx0j7OsDLF81g2JMosSOZ-4M7mL8
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/eecec1e /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:50 GMT
via: 1.1 google
server: OXGW/eecec1e
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDDVRTx_O98N6M3uO17tSjg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 1DF9 43 B
305 B 193ms
75ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK7Fm8sBMAE&v=APEucNVsGn2L_0fovQBkuKdzZ42Dr-KjSAeF25KP13KnKGBHYROLERP7rHWI8TUc-JaTxYNd_ddzSR8Qc89JSSJJjeWrZIK9ncAITVznMMgHU5waAGl5deC6KP9rgNEp0qkb2Je8Rx313W0smMdZ4SL8ixfgx0j7OsDLF81g2JMosSOZ-4M7mL8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/eecec1e /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:50 GMT
content-encoding: gzip
server: OXGW/eecec1e
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 1DF9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEE1xOIIX8ACphfFFlqOnZug&google_cver=1

23 B
172 B

123ms
82ms

Image
image/gif

104.92.106.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEE1xOIIX8ACphfFFlqOnZug&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK7Fm8sBMAE&v=APEucNVsGn2L_0fovQBkuKdzZ42Dr-KjSAeF25KP13KnKGBHYROLERP7rHWI8TUc-JaTxYNd_ddzSR8Qc89JSSJJjeWrZIK9ncAITVznMMgHU5waAGl5deC6KP9rgNEp0qkb2Je8Rx313W0smMdZ4SL8ixfgx0j7OsDLF81g2JMosSOZ-4M7mL8
Protocol: H2
Server: 104.92.106.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-106-130.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:50 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 29 May 2022 08:42:50 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEE1xOIIX8ACphfFFlqOnZug&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 1DF9 23 B
172 B 285ms
81ms Image
image/gif 104.92.106.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK7Fm8sBMAE&v=APEucNVsGn2L_0fovQBkuKdzZ42Dr-KjSAeF25KP13KnKGBHYROLERP7rHWI8TUc-JaTxYNd_ddzSR8Qc89JSSJJjeWrZIK9ncAITVznMMgHU5waAGl5deC6KP9rgNEp0qkb2Je8Rx313W0smMdZ4SL8ixfgx0j7OsDLF81g2JMosSOZ-4M7mL8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.106.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-106-130.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:50 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 29 May 2022 08:42:50 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2 200 express_html_obb_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 51E6 119 KB
42 KB 187ms
54ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
Origin: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 07:49:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3210
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42405
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 07:49:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/ Frame 51E6 8 KB
3 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYQLIGu-CjYiNLqe-TIM5_m0rF-6LabuhBgmCVEPx1hmmsQWKLzSk5gYfxDmxF3HaI0k1b0PA3AWiVTA8cm9lxVEgSd8Q2VlkqjSWvZI8r6dKC6aCrKGOb-uXXj4SAuNPqj7GQMTNufhYFmoiLXtG9fTDZ4w&dbm_d=AKAmf-BKsBE0ici5a_kafKLEn8BtN0kAu7KjJ32TGJ3Z0YFtwifDP6Us-8tx84fC2sSoPWvvBIfYzuPYj686Id6vXIRIpUCzwYYckzKAsGopeqK_hadoTReRdnk29-cG1dgAeezl-T2pDOtZruxdch0OS674llLzzacnp99qkCgZRz1QUXhuYvZhdQE8MT_iFbUpBu6jLrOZL8dcImiHpKYoD3ezfGFG1b3Xo3gBMzkL-QHU_nlASRJZPlb9xgr_sKP0B4MbzV94ewtllWgLiIRPoOJ6gtSNMVdsEH15o_8yRosJ7_YXxMjitEPvQ-XV2vnyySvYUwAFzSxOM8zgxhhb1Id45EyF4NvO76QqxmC4bSFnhzQunqkV43zv8Kr4iqMLky9JSckc3NkhcWakQucO1yTnDPpnL-83slf6r6M5SCplLU3N4pMPBsClvK8_etNKiqJT2kRSC3yhgf_JM6VgFt0rHVsDUrKrSK9HX1OD38J2JPvBXeXSdMc_-vBsP_52q--l0q0favormtHhYQkSummSN-Xa4M4jEvtJmv_EE7VHb-Ob2EXsbcxr7N2eFzJU3MH8AhE44yz3_2XnQgZMvcJnzPpaf3gsZOx6W9hxCGLoFaXECRyZALtLSxY_MT58s7wpdmOO57a79LfKe9h1iohryqymGOlwx4j3sK9ficF9oNrTJ13L8e9cMh3DPPP1o_3z0z2ch5M_g8Mmw2_UG67561ylf_YrExI9gGgFo1Ct7Rhxck1dLZFiiOf-trx0kU0WG6bDGAj4OExjBOD83bZughWvWU-x33zPoWUVpT3HwWoJAUHRs6yFZhIvmVcy2H1c4MsuUJPifqZpRvJzEJ9_gZnfI7hxVGEmjO5A5WtZRtPdy9qlyNeVqopLK1XBThDgcRkgXO4JbJN_WY5X7VzcmzEFo0khTGfSsFlA_ozIcUZZWnUi-G5-i5gCUeBfihLBy11c69Df68OUVi8ScRLuqaAITXQyspjuedOzrNcvkZLoOVIAqKaXH3UVL9GxMRtRZijUe8wCcoql9eDND070V7bnbjQRLEgeH0M6Yb0fyo0qxTUtcIPIsZsckdz8wp3fTO5QP6iz6baQNUCKsdECd-3OzoYNk4vH4HLFq5cn58T6ryKDlFk79kr3sSsmv3PdP6P9101ghNZAQCeNH-YxxkY3PEIom3F3G-EpmQsKlwfX7zku6-1_2sbEZY1IPuMpx2t6veUNhJuBSLF-M_0WwqSUbRQcv-A5Fh6v1nt-rCQj2u138VvYw-QcBsQZFtZD2F1F5ctD02J_LDIAiKob96k9w-V2biiKodpiJMW504YHvMDCFJNp6ProRpm4QctNqIQr5qbbc9a5ts3VJV_Yf6c3_aUAVa1KUydRq_fOHixw_2GA3UUOv6x0G5MJPqqdDRiZ2nZiM_qUvPTlkv3IJ4HQgIzgcbgkF6-kcInYmjrcwJCifxNHHduoi4V91ARGtk2vnHP3OmFRAXRF5RdcxK5VjpV3FuNoBrgtx0vBNCme5whKnZ23mh012yWHtCTxTDIq0yzh130ZRTAbu_bHIEftfPWwtJX3WpsPG64mlQLrUdFZSDu3lSOS9L0yeCYGzQugPqAoYmW8NUoiJ7G23ymx-MAJEGYBOyaY-lf2xY795byMKDkiwTpbcWxm04asm8eAYw1cOlkbFRxGfLTKZGhuQJsTXcb8eW9RlG1i3tcgYLPrSiGVtnOZvqfbDNjLlMEV3HMGg4raCpKDppVo-6CN6t_tCIRF2Sb8EROF5_zYANikJdh--nBEI3jLvVKADVoubO_aHArUWKeK3nL1WCMR3iNXotQ1Soz-9VoHN2AL3Jqid9u38EW0cNET2t4ONgM0P12ay3-walxlFq0-8XJ6nV0Kz5-oGG2-e6zz46PdL2zQEiG6quE6OwFMgIjKo0TmqSFeioRoCXESq_FxRp8dbKMLPfGfePXalx-zAU8YzlcLmW-pKfhMJ0wKDDkE-f9ceGECcGfKQoHFn7EycoAkTKN-bHRovdcGS47nSlfrjZg04CW76xf9o8Xjbo6Q22uqjhY6UKxcXzFmC-hw0ruR91f2dkU3NGoppV9A1_bwJT7R5Vnac6VxHECcTK9K7sYy2cLT3AkpJK-FkNF8-coYFq_5dfHQGs0VfotneLUTjcUl3Dw4lg7FdOgyoMNZpLPHj1OVG8PR6LGu8E67mZ66jsUilD_nkwXfLg9oIAlT-Kw_A_BF8ivhHu3LAisfw7elIRjRUztCPqmjAFP-8ZGOFzEdBOA3vnvPQHg3OR16lz-zYhylVdPkkwIPtfoaSZgChjEEL8-bNT4uOShk92qXVrvARvjKheioTaF1xugr4jt5tHQDZQKQ-4ykx4e_IyeBtzzOlYbsrQS1mCNwoNGMVMaEk4ZIEOI3DfNvDQFCFavsr-vg5dhqK4fDwUFEgAyGf671Fm8pqtR0UXPwmbdck-ATAIT6wbyqTLyrVckwjMvoE1f42QvQ523weW9srrxm9wHIvpn1za3cm6Wt8Cq5pQ662PvfnuCHc5_srkQFH78mnnpFBLdkAbR1N1BkJdf4N2ySeNm76sMwZayZl-KWf4QQIwL1UGevT74m-lVCRWKhvWrhq2pXzbX9OW93bzaWggLDSsrwo40LS0lAoZqA0Fh7sXbnRfLFkJBMmP9HoAwbNt_JrJJHUD21sImIgami54NKHtmYSXVkX9_YwGdsMLd8vEnEcLXFj4wWp6txm30KMWzyGoagDjuw51IJNtQNyzj5pXVPJn2CIYVH81YhHfh1VtuwjvR8ca84gaCPxmGpCaippk9v6ZnXGShjt-m6n941GwSMD-JV9MUerkdKGq5Uicch9mEdSsMHROQo7-hXHv8lQLZ73bHfZBiSjhP4wGJnOKRtUNPd_JH-FeQeGCt_DVVVDUVWDc37tOiruCsZTsTQd3_-GP9GlLVr3yZoAzSzreDICWhI4Fgthxgx0a97_2897lkQrhy2udxI7sSHO6EuBkNpQWD4OHs0cWA_dYLrGIClf0sGc9ZaXJznaS5Wv1zAgvzv4_Zw9kOaqsyZu6KrEX08uHen2Dum8hSpmmwTTCiOHcrgEsjlFH9wMNNS6GlEac_O5SZ5yW0KH7mqFQGLOUnnZ_-x9z0bk5K2JM2pDKAiGkOpl4I2-xWgEAzXK8AEoBq3tWCjw9fkuRLx-15AtXzcbysjMdOJ58wq_NYMDkRDKbC7DZsqHHbvN70WtcwPr-CJjKn2kF8ucI5LTxp6utQO6ySJQHRaLnLXNNnInKWHoY2qBjBkZtBK-2ZLkDWH4Po1NIwpfu0LJO5UWmrwTxVE6rFz7QgVSOPm5c0AnPySnCu63TwT_0Gf_MN6ZM9dBdndRhU-pu_qzUa0gMopmp6MT11c-5-13UaAu48yM5GeLXUN8SRai41uCsSllFDV-W5Hpb3_o0q61pMsAtSXJv-SZfXpolHU9kgPFrvITSPIm_s6LKx46b1pfUN_XYEajh_iuo11xtjb5mFtJ4PPJxoPYTku4ptgyCHRaxnEH_m_Tq3pFYgP4c4cgR2DtrlmxpqKgTtYmvf-ZbFOnR2-hxJPkwPt3kFgZnsQ&cid=CAASJeRo-Sxy5mvdQR4RLi0NqV3iy-D1eDDHaYYLGqJFuA9nj79T_DE&rfl=1%2Chttps%253A%252F%252Fkolobok.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Jun 2022 08:32:03 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame 51E6 27 KB
10 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10525
x-xss-protection: 0
server: cafe
etag: 5993959114622819781
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Jun 2022 08:38:45 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 486F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEKvxJAkOVQzKO87SS2bPB9k&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEKvxJAkOVQzKO87SS2bPB9k&google_cver=1&__user_check__=1&sync_id=52f202da-df2b-11ec-8098-175cf56a0206

43 B
548 B

51ms
50ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEKvxJAkOVQzKO87SS2bPB9k&google_cver=1&__user_check__=1&sync_id=52f202da-df2b-11ec-8098-175cf56a0206
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK7Fm8sBMAE&v=APEucNUcm8q33yH1nq4zSHq1yHLgBsX5cVbwV9GQVs1ifPlNQch0fGvR1fcyItiWymXXBSDlBOgFFrn8lYFQD_2PagsqyCMtcLhY7P3UkLs5hlpsn4603DCG69duJVBeWMRrNeoVn9sKelGHOot0rU6vCkE0Q7pnXYPhCDeAYoIVWmRa9PNRdr4
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 29 May 2022 08:42:51 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 39
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Sun, 29 May 2022 08:42:50 GMT
Server: nginx
Location: /partner?adv_id=7025&uid=CAESEKvxJAkOVQzKO87SS2bPB9k&google_cver=1&__user_check__=1&sync_id=52f202da-df2b-11ec-8098-175cf56a0206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 24
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 486F
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTJlZjI2NTctZGYyYi0xMWVjLThjNTMtMWQ3YWJiYWQwNDA2

170 B
188 B

64ms
64ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTJlZjI2NTctZGYyYi0xMWVjLThjNTMtMWQ3YWJiYWQwNDA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK7Fm8sBMAE&v=APEucNUcm8q33yH1nq4zSHq1yHLgBsX5cVbwV9GQVs1ifPlNQch0fGvR1fcyItiWymXXBSDlBOgFFrn8lYFQD_2PagsqyCMtcLhY7P3UkLs5hlpsn4603DCG69duJVBeWMRrNeoVn9sKelGHOot0rU6vCkE0Q7pnXYPhCDeAYoIVWmRa9PNRdr4

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 29 May 2022 08:42:51 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTJlZjI2NTctZGYyYi0xMWVjLThjNTMtMWQ3YWJiYWQwNDA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 41
Connection: keep-alive
Content-Length: 0

GET
H2

404

sync
pixel.advertising.com/ups/55946/ Frame 486F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1
https://pixel.advertising.com/ups/55946/sync?uid=CAESEDMHu4R55YAqS7ivljU0J_c&_origin=1&google_cver=1
https://pixel.advertising.com/ups/55946/sync?uid=CAESEDMHu4R55YAqS7ivljU0J_c&_origin=1&google_cver=1&verify=true

0
255 B

195ms
195ms

Image
text/plain

52.52.17.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55946/sync?uid=CAESEDMHu4R55YAqS7ivljU0J_c&_origin=1&google_cver=1&verify=true

Requested by

Protocol

Server

52.52.17.9 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-52-17-9.us-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:51 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/55946/sync?uid=CAESEDMHu4R55YAqS7ivljU0J_c&_origin=1&google_cver=1&verify=true
date: Sun, 29 May 2022 08:42:51 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

404

sync
pixel.advertising.com/ups/55946/ Frame 486F
Redirect Chain

https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true
https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true

0
255 B

195ms
195ms

Image
text/plain

52.52.17.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true

Requested by

Protocol

Server

52.52.17.9 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-52-17-9.us-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:51 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
date: Sun, 29 May 2022 08:42:51 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 express_html_obb_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 5A78 119 KB
41 KB 203ms
117ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
Origin: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 07:49:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3210
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42405
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 07:49:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/ Frame 5A78 8 KB
3 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CmoA1e6Rt0xxIa_jE82EmUsTZK_A-M74kYdU5kIj4vRE_OvtD_oHAegKjNmZU50VsfG1UlYsNrOxGiGuOs7M55_-5jC-12p7UDzMqUOxvKd2hoabFJjwy0buY0DAwzetFoF9RPFI0uXLX_pHfIxRZFau7gSA&dbm_d=AKAmf-Auw4uIJVOuOxVy4E-pDi21ACl2GD9cawu5VFQJtoBP5_9SiHb80EKZeWVp0nsFS-7qdCHb3eET-A6bTvf5t1kShnneNel7BrG8PeiOIfXYbNDH8mDdTMpMjfu09Uavqyqjad0q5aPbTq_rE7RWxnJYb0iMDUH6tKm5DRwZAFLylB-3BNOXzlvqbL__7UTzsiVr9N1LdF8IqihYkH-5OUkXwn8OnIRcKCTmKu-9c0biv71Ykgk1uTav0OIfCTuPMvW-d273gdYBWBaqH6GrJYnIT18t5_kSiqkBd6UvZ5yItyrhCNDJQK7UwvpaOsA80_6BfA2Ykcqi2ZCVAQyUwPRWIuQ-JFhS-jpwzvqYToTdZhq5Y_TOp08bGq2GgQdvANdQIEDsX-ISgCedB5fWkOJixPCO_FxBH31AoPNwc4vz1ikQ97reXoG3Ukjn32oxzSq6p_cVvxrUnqTL4fwWup8AnxRSnoBLMQh9KMNvgVaXfPa6-gCDeMZlxUUUpOpRIDbcCnH8je_qPrUkYeIX10I0mdIYtM7F_OJVzQudAR-8jAGx6LqsobO0ZGT3_76PRrDbM8LDMHj8Yp9bBHk3lxC0uWYLE4vlNwzq2h6t-z1M6zD6cMMbdYgEznJ-vc9emBmK8ZwNTvDb1YLU5Qh1BXsc1ZLHgpP-6h81-iOMbP9-fTDJN-Kf68Pzb5pHDZVdvccDqYYknNrzYHNt3ja4_pNLL-Ob5eiM0U0AZ1qrkx4NkllGz70Corm2ZkFGSfERPX8Oh8zXWGpVxnUPgnXCsJGP4Fp4IdA-4oNWTH0T6moyxtPqgNanEWfORxsSScDSSbSDqdDw-l5_0CXaDn0CuHKRjawNkAz2psQ5oF-oeTOmc9XbeVMaCK3wQGU0zBCmyH8PCK40NnyxcjQHu-lIg_5on19GzDjksHnS1kPyJJJ4cLCDA1N_KXGJeC8m4mLqwcla_ysMrZlwiosY8HQ8CeUhMOcI2RMrLczukzjWHiyXj8RXbLj95ALZykjAN6AJSlQjEeACtg9GulNWPPSEGKf1UkBGfatxzniINDKQJMd2LAWtCluacw98rqDW3nOz7QxjibbR26iGc9um4GkO9swGqvb8Srm-57S4XivakrSQGzGl0d_YpnYQz9TVrE5peMJgHV6oXeoqbVsgCktJCzRv4EEJVNh_TAR6BQoCx5sVpIiWyaBx5i5I9zzX9xj3hrvDyoSWaDsnNSsGskHz3tn6YzA1sadJm1DyAAaWXZEdKvl6e2KlM9reHG6PBrLTc6ANp4xIMA6L95wqr6nILatY0luQAnod149OhJZeVuPA1JTR479kSMCLMH48NbaZsmYuU6Lei37HdulQPWU9Sg4taHOqPPKKMP362VTsjk9tfiDwhOh6krB9igmGR28-uhoS9qeERzRa09UG8lVg3gt4B7XdE1lFqynOuM_NjyFWC-63wad0T4z_WwaoZIBuMlicCqZlJXld2tQbqHbQg_zvocjhGjM5pvw7LjuzF8ka3vaKGke-4_W6B1qEvQzk77vMkhx9LYyJGvfHKkp79-0kXWOlCKvgNeyWHR---qEG4VK5Udy6yGyLIAyRKUUrtu-_sYkx9CDycD7RNWPWLFRsWocNgsl4OuAmrc_pyNg5HOm-WxADavxf2M_jIz6lfco7AHUJLP-kVTundRwlurPKZfGAqV97WePt2lsJrEGkAKJFNXa4M6_B___p_hFzTe3OJSLul12-Vuhef1c3KdNaBtacJWHo7iVm3IvbTjxg3wxVDjB-3E-72hDKI39Iwncexw8fORM3a2-_vDCnvxhK899bDWTtiYoQ4fMjO-KV3LKk1jOF0qyTXAeTiGC3QF-ZN1CagIRzIRtZm2TXQdB3QNNnM4VU2GjuYriWdnkbc4dfEGUQ3OURdwN94W7sZ6BXCPu2O2oGZBlxh3OLJPdR0nVagsISXgq3E-MPthSurr7W2ks6JU3CHu5yZrIkvrKi3Oa2N59mMM4GdA_k-_-XKufyhel6KtKLjG10rYFVRkLWOefwFkZ9HbPJ-fNzdkFZzTQODhRsfK1CElcmTfmPMuSi-fglnSRivbprMS100be3cCRvGWQUhOqj-aBfoMUybIeUtPCCRE0IO7Ecjx99tvXGEC5Yal7E-HQxRAGMGjWSIBa0Dtg07HoUJpZsDdSvH8NfEMCYopZ6h18N-FaNXcuAmnQ3z9X6qtE9zo_IslUOSNHxgRImxzkMc89dVZcJEj3-wmESNaMbNZBZyHWShfD1puqKVJTnVC0jt6gEBB70a57QY0P0V65refp5KusQSBY5_yfry3CnD50cRmw0Zqi5xSVvWYhNe8z_NdkseZxQ2Ynre5rpbAL2J99VAvkayRV-E3yKabCyvFLkWUkoPTO5fAxONnCFmxNs1Hz2dQfeE7BDws22C2BBwZe9vFeylxWwylZ_LZGG7t5CtFQkLTomgRQempgqlNI38hQTPUdRyIIytWM8sSIFJW0tWssOq1VeVdLIM6lEyIluPvORweS_8WdL9KaPib2zE-MDkj0uFLO8Y4alAT2cVTgZ-noColgJpxFIkOBLjc8OgqknkNnINeWN-NVEibWDvMhv_QdBw8_8vw4HUYMssC2A-op7dyOpstNZmwFRR-rnm8-Pgm1iXHhuPYjW3myhXOVgRjocZSUTctgdfVg2GV2oKM7e86qxQ42CcCmyy-oiVgRShWSwLlcr92OgMk-ypYqVSkE3_GA_7dcv2Pjb50sDyQiZi122xplBRR4c5HTiFp7o8nC6nP0b1FTLIOhQIZ04IIie92leO7rPdL3oyBIiQD4eUZU7Eo3biiSzbl1iWBAY6cYOOhVWxFvP9hmkaoQ-TgnzlF7n0T4S4SKecIqalXnBvXW4o9RYW8HcAeP6d2KRJaPKcPjie5ZBoRSp1atRz4NjRxWyrkyaqKN7LAvPNZe3FwWGXbYKjxvLmhE43WpYMgy_5H8AxhD5NQUiAAtHuK7Svq5lpyETpUG90_hMjpWjc-kCzbKBY3VbplC0PojJDqXCg0OKlpelFmkFWQbsNloPgoSWcpn6DuubMqHuSgQo1cc13myIvWxAbIBf5hv-0m9fAfr9dBSqwXLQF9Ai_cSzNWSv8lfJ12c-vkLBVn0xBfGggmrsBDZIAKxRS5n0pSv_wCsMxrWxNM57mMxMvI1u67VnCKrEXTobh44dPIFIuBapN-ZGa8T9hV1N1z6PFMHjRs1HKZexlBtWd8mi1mwuxPT-2MTosEoHMeBb0Au810wWAQHkX556ITi_qScsUPW3IGeVTZCJ8U3uJ9uW8UjZVZC5aC7EQ4vue2kyQ1kp4MKZmvf3v4fplrTk7rpARqfqYCl8VREf78OlpPTZSZMvHE9Z9ikWKVqenqoLl6rRS8Lf6JjM85EesLtydaQw8Wr4WQ&cid=CAASJeRo-9cHZyCwz8o-p9ZiHbF0fe4ncEqRh8jwqDLFpme3YkgPbp0&rfl=1%2Chttps%253A%252F%252Fkolobok.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Jun 2022 08:32:03 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame 5A78 27 KB
10 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10525
x-xss-protection: 0
server: cafe
etag: 5993959114622819781
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Jun 2022 08:38:45 GMT

GET
H2 200 express_html_obb_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 2BA4 119 KB
41 KB 225ms
154ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
Origin: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 07:49:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3210
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42405
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 07:49:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/ Frame 2BA4 8 KB
3 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ao5SeK3W_YBhkzS7SVInn7Opw4-9g8z0Xv_m5UInHKdEntRshA0YywzNcbjM1JUXr_3l3k_TwJm3XoiJFiEhube8Vf05JtFsdgv37RC-Lgij-duTG6FOGxhG9c_ONUgdTfwZC_3kIDjNUmayjML3n7_zNWOw&dbm_d=AKAmf-CKPQLReF9ETcdwYe_Tn2vq-aTmGlZEZjR4AbeWec086FZGMlr2XwyoqMgZaGRGMpW4SIBkkeycuOgasOZueOzdwWPRK6ilNbeWA827bA9lHlsS8GssyYJD3VvlIo24fRAB7ZESL-52_BQfmT2HKMJjc0j8JGs8t5Fh9vrKfUcbr-bP5iQ9VlKtQ6v8XTlWddiD4ztpcTX8PhNWo5qZ4zbdBvQJ9yoxz9WHpsmqd8lKOSg4SwAlhxQGAR-a0AM7A0QiBhXvFRT8l43Q23_o5ULcZpg7GbOpf4p6WLvyHdjAoyOrzWjF5sywYb3T-wtT3-RdxR6qBTitL67Lf0nb98uPnbovWvn2pImSP05hzk9B9MWw8BeVu7G4KhDnPnzea9npcQNIZf9bhekbu0reX1Bp-5pKY80oaBJU69PbxEC7gRWgP3j4u-nYwqp14m_SvWXuXnmqp4NRyBcg5LfmEa74XW-uXNttCMXRbUkPzQruqVBd-rz7jIMQ1gk7Cld-K04nqXXEGPQtUZbp502H2Kmih2d5dMAlkPE_faicMrp2wWXq6zUowNtgiyVNpFaZ6X1vuilSSqFRWgLXNR4rlkaTSyXewX4lQ29bg2rnWw7XRQlqcuSwehStbFRWibk3k7sZyORGMcR3zunk2vWQEhh72Z-PUqmjM_IA-jB_lbs2IFpND4KeqnBeeCFoBiADFUY0Y5togtIzboUYx4z2EY05AbiAQJpf7eH5UxQ6KHQZCzd6AmWrW_gadIKq-9w9gZl0ZBmYJ2se0NJp9KO_4JBHQeAOXnrfBzCXrEI6R9zCGjodvYtok2cpAaqzXrL8qckjs07295OG2z1FVp0rMd3MxLlmALkjA5OdzgAcsX1gI6DmlANtiBuC0-XjGy8SD-Yt3MOGV2QP1nOklIa9s_YfK0-mHBus-3c_97UntL0b3UrAx4jAULet3i0x-tUom3ZjjaJw6fUduYzzZMlhhD_dW7RWlMuchSY9WV9nUMCX-Ai3xmbGysiHXAQgkdYpYn9hOz4CQYPEiN2zL3McKZr7oTOYKp2nx_OkcpXTjaxnWe79YxFTLye82osbpaq1Dy8enGvOvLO-UVtbWBqtorSblddHStNtp1B795oSIk2TOo6MzeYZKXrN8dI7tUV1GqskJ8UEMwDdigyn67HIZTQPQgzCcGJSC-vEiYgmGpiPAQ9LaDD9LoSBgt_Zs2coJBOQQQ1CPtpTCd2zUff3YmdCwAFetBKDDH0e3bXzxjgQUXq2NsMoB475SooPSa3xUhVe5ECycEM1I4o3OWoM1vgJz-lo-is1DxkIhH0rGp9z-6NKgE4WkuqRmaoGRWfmq7uXPJGprVlrfOIYiZTdfjysspBc1P7j2TdL1ndoNl_OX7_TcqT_PAHlVjN2f-ceu4rLtc4ry2aBxOdF5VihYD1MAm70gGpOr6OmGK9i2WaYLh-_ctyqb6SxuZRUmWQGU9k2tVsQNjAD1uk9w5fekyRSFmE-UNWaFcvs9LF1j_jKiuRsUF1SGFQkjQ90gKz5_qiFteKhNFiNgQIfgcSf_DE1uoBx2YZqPcB30VRLYDwXoNPCkdOUQ2h9L75VaEqtextD-j-lNcIC1_E-3lKCBDuR_-ViRFbvi2krE0ICYPtdZU6Y3G1IKsAKUlmoAgblSbK-CC3kS6mKm-IV3tLqi4InUlLMuLKYgSim6J1hQQTwXndKaO0cNHnWN6zRIjEH1HCTeh41EzasDGN6eCoHk8w8cFZbzGzZHp8e8rMxW5CjvCzFYtORDgayiwcxFwh2bJrYQWRNsKYcdj4ZVeVwCjkH_kt7Qe-oEp1bWleGIhxdLvxnBMualjW8_KTgMvK9sAgPhN63jEUeGKn8EK36IzCpqhicemG0LFMoF4P1d1i2xQEVrXa88MVPYrEHjo-QSm6YK0YnwzNAwO7tTW7dtp9idHkrkBurJuCzSFdrDRKbrfs__6gbFAk80hXmvxrIaRULo-J8LMQ-BSH6JIvTvquKVs90owY3nMrhvsYOPVuoFkrPmCuLlM8u0hCqji-vT64tbSFOV7Pi1kOq_KwPBb1k8irTKk7hxUS_TIvdT2alk3qYA9RdPNRv2RudlPh7NI4iQSDqSqIESQ0DgCml_MyIMaqG9ANPNMrTn1GGd8WMEP35VeY8n8JUt1zXoS-wz73MwxhfFVcFocXRO5hi-bk5D21cIOwPSlwDKfaBqORsvpA32hbXzEjbk6W7w374AOGE2GOV4C5u0H8bLw1TRkOeRfzruWJRJtn5njDYHgFRHeujEfHcDaujFAsmysOC5sIZKCXZ69uYGhNaWTWM8DtQmw9p6jQV5aq0FMZBbaorPOVCKQgpDyisC3Tn2GZiikubMZheXio9mrPvyfsCG6RVvIwe-vyWgXmp06lgYsvYJLqh4Wki85EQqBYJLdVnResoMTLJITbZagRhJXkBEr2inTy4PibzyigHwrtBovTR1lFkLoyL04r-AnnNsnjpghDjl9MkqPBjAPnw0qyRnD9aVuxispOqyDrnkJzBh6IVLnGCoUIAi1KRRzLizR9agGksOiVkjq3BxRIvQW3gG3IcCjrZrXgPQpSsYsUQ8oMmnQzTVGue1ruXgd2NqvqdWR2bpRLnKrPR3b2n5ZXzkLVp0llGoUSKMOA3EkrLpBb5xvAaP2K9mcdJoLBIGkaGbPAT0n_82SsvHAyXyQIoC0S5Mg3_k-as3XmJ-OJaQcf_Q923z3G8T-T3-xmJOelz6l6WxPesSER9LobNtW7Y5l-1trg6ttMGpX5cLkHUz2A6JXmixlTwBEang0Cw4-vqIx4JR-gOfdVzh8s-vw4QG3BM95F6ykNjW4R4NbkiH0b3U4PT3WD0UqmPgOLs7cSrDi7DL6JB_lX_fATVEDQohOIVaXHw6_Eq0IWlcH88fGUzVXCKCqWoN78iHzu-SW0OTsyHknXEZhQA9kB3X_DGtjXRu1wyKpTmboTCLQK7UXJIWJwcIcPWP-w2ywbKSSjMuE_ZgMBOd80iuHFfwkcnVQAeXAlkZVEn2UQgWR62igFp8V1UMZQpZ63mq9aiFJXJriJJwciYksICd_cCB_M0XMw0IkDcDIDaExQ9fQkBtiGAkUnxa-chxNJ-r_wd73OEgfyRpCb9obAL_x5JS6pAUnUlSrOFKiwUFD631wWSTSEKjCypYkn3GwOp1L5RAQ1-KWG2Fj90YNCt2Z3kKn_Mpb8-xKLIcO0ug7J-eVyUaD-jGBMDTc5xHId6_LyJ-FVwlZj7pOSCl5WFAnxnEqZrzHizwLFxrOo1WxHUnvR9lsYrchNhPpVq7zv6BWI0tC4LK-PkOHMTfOmFDFJw4Z5EvY7Bk0A1a3Fd2kOpMWPRi2EMVhoIWnk4agRKeNswqaPP0D4GmEW9-i7MpJIw6V0IlpxukWx_zsZfATTTFNDTJl9pfm3nRv2keowH-TvY_mJxUMdGo4jx8Ve00y2Xu6bJ157v4WIPvnV7iMMOf-8w6YLAkSl8_E0_WmyGX6cDIQ3uFMRUd5jdqaSLsHE3Qr-HKdiiJ14ptaPtgdXikHndbyUv5sES6At7vRHIQrkxOe8HuX9rlsdw&cid=CAASJeRoEw0xTDuwnyT_52xuLZ7mqpc9IgWzcA8HCm80jW20AORRrDc&rfl=1%2Chttps%253A%252F%252Fkolobok.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Jun 2022 08:32:03 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame 2BA4 27 KB
10 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10525
x-xss-protection: 0
server: cafe
etag: 5993959114622819781
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Jun 2022 08:38:45 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 51E6 41 KB
15 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 420889
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 11:48:01 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E292 1 KB
749 B 54ms
53ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 69398
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 May 2022 13:26:12 GMT
etag: 48472445140208031
expires: Sun, 29 May 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 51E6 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1fa41d1dd35371b43e476aed2affd90239756fe76a598fd6a071887e0bb455c7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5A78 41 KB
15 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 420889
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 11:48:01 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 09DA 1 KB
749 B 54ms
53ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 69398
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 May 2022 13:26:12 GMT
etag: 48472445140208031
expires: Sun, 29 May 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5A78 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6533e888c1361884fbc4f67f8d8f220d4683af91ec9f48512b59211a7153dcc6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2BA4 41 KB
15 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 420889
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 11:48:01 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 379E 1 KB
749 B 54ms
53ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 69398
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 May 2022 13:26:12 GMT
etag: 48472445140208031
expires: Sun, 29 May 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2BA4 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfc7ef0f4be27f4466434a3bad31f3cd2b57b9f3638ec7a949b1d39070c0c3cd

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8009 22 KB
8 KB 53ms
53ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 420889
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 24 May 2022 11:48:01 GMT
expires: Wed, 24 May 2023 11:48:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E292
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENdeLpIM3jDR0hE4njmy0S4&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENdeLpIM3jDR0hE4njmy0S4&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d3Byb1lQamQxTlZldkY1&google_gid=CAESENdeLpIM3jDR0hE4njmy0S4&google_cver=1&google_push=AYg5qPJEbyRedqCoRYq0T60hMxJ0UCnnqvM_4ctzJuDLJp-...

170 B
188 B

67ms
67ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d3Byb1lQamQxTlZldkY1&google_gid=CAESENdeLpIM3jDR0hE4njmy0S4&google_cver=1&google_push=AYg5qPJEbyRedqCoRYq0T60hMxJ0UCnnqvM_4ctzJuDLJp-AmH2kx-15wEQPo1QBpzZC4lQratJPmIYuDEqRGsquU9yEkvEwtj_Q

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 29 May 2022 08:42:50 GMT
Server: PingMatch/bfc3242#bfc324243f5312950ec263cab8f0e25b6cfe09e3 i-025786580083fbd6c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d3Byb1lQamQxTlZldkY1&google_gid=CAESENdeLpIM3jDR0hE4njmy0S4&google_cver=1&google_push=AYg5qPJEbyRedqCoRYq0T60hMxJ0UCnnqvM_4ctzJuDLJp-AmH2kx-15wEQPo1QBpzZC4lQratJPmIYuDEqRGsquU9yEkvEwtj_Q
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E292
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDse8ZCNdEDKfLAnuamhBS8&google_push=AYg5qPLilFMMwPt5fB1Quhes-PlhSSWY8IYf2wIrx9I50XcIn9Oea7YowA...

170 B
188 B

65ms
65ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDse8ZCNdEDKfLAnuamhBS8&google_push=AYg5qPLilFMMwPt5fB1Quhes-PlhSSWY8IYf2wIrx9I50XcIn9Oea7YowAGiBaFwkxS35hRRnqKNfvsleewdQSTavFWfpVwl8DUKYA

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:51 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1653813771.013082,VS0,VE89
x-served-by: cache-hhn4026-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDse8ZCNdEDKfLAnuamhBS8&google_push=AYg5qPLilFMMwPt5fB1Quhes-PlhSSWY8IYf2wIrx9I50XcIn9Oea7YowAGiBaFwkxS35hRRnqKNfvsleewdQSTavFWfpVwl8DUKYA
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E292
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAlddZop7k9tpaCJvhGYFm8&google_cver=1&google_push=AYg5qPLqVO1HMFwoIDYReGReHKRT9RoWWwkwuHr1Ezw7U3YumHPx96xV_YfrX5dwjVWqocTDQERIYnKRMcZ...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLqVO1HMFwoIDYReGReHKRT9RoWWwkwuHr1Ezw7U3YumHPx96xV_YfrX5dwjVWqocTDQERIYnKRMcZfERC_z1M5k7hMvet-ow&google_hm=aCW_ryvuTpWB4imKvY...

170 B
188 B

64ms
64ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLqVO1HMFwoIDYReGReHKRT9RoWWwkwuHr1Ezw7U3YumHPx96xV_YfrX5dwjVWqocTDQERIYnKRMcZfERC_z1M5k7hMvet-ow&google_hm=aCW_ryvuTpWB4imKvYM6CCo

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:50 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLqVO1HMFwoIDYReGReHKRT9RoWWwkwuHr1Ezw7U3YumHPx96xV_YfrX5dwjVWqocTDQERIYnKRMcZfERC_z1M5k7hMvet-ow&google_hm=aCW_ryvuTpWB4imKvYM6CCo
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

google_sync_status
x.bidswitch.net/ Frame E292
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELczLL0dlg97zYx4aD8FsqE&google_cver=1&google_push=AYg5qPIFASl-tELGgYBmV5Yf1-iAzn98N8EtPFvS50Au5wDVQGm9BI49-a8aCn3H9ataxwOaDbMJBAnR7RY83Uv8GJiY...
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=b4693fca-0e03-4d27-8432-f9143fe553ad
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=b4693fca-0e03-4d27-8432-f9143fe553ad
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=24b36bf8-4386-439b-accf-de84f1f9b9ed&user_group=1&ssp=google&bsw_param=b4693fca-0e03-4d27-8432-f9143fe553ad
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=tGk_yg4DTSeEMvkUP-VTrQ==
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESELczLL0dlg97zYx4aD8FsqE&google_cver=1

43 B
220 B

59ms
59ms

Image
image/gif

35.158.225.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESELczLL0dlg97zYx4aD8FsqE&google_cver=1
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: HTTP/1.1
Server: 35.158.225.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-225-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 29 May 2022 08:42:51 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESELczLL0dlg97zYx4aD8FsqE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E292
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFIaTvFO0WdrlaiDSCVHSZ0&google_cver=1&google_push=AYg5qPJyfUpJdBA80yBMN6-bSVNvM7P6FaAyY15I6oABtcTmGVcYp1m4Iy-Z1M9cY6CgrTnBE6gHzUMn...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFIaTvFO0WdrlaiDSCVHSZ0&google_cver=1&google_push=AYg5qPJyfUpJdBA80yBMN6-bSVNvM7P6FaAyY15I6oABtcTmGVcYp1m4Iy-Z1M9cY6CgrTnBE6g...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYzNjUxNjkzOTc3ODQxNTcxOA&google_push=AYg5qPJyfUpJdBA80yBMN6-bSVNvM7P6FaAyY15I6oABtcTmGVcYp1m4Iy-Z1M9cY6CgrTnBE6gHzU...

170 B
188 B

64ms
64ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYzNjUxNjkzOTc3ODQxNTcxOA&google_push=AYg5qPJyfUpJdBA80yBMN6-bSVNvM7P6FaAyY15I6oABtcTmGVcYp1m4Iy-Z1M9cY6CgrTnBE6gHzUMnoVrRIRf9qojHD3Gac52Wqw

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:51 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYzNjUxNjkzOTc3ODQxNTcxOA&google_push=AYg5qPJyfUpJdBA80yBMN6-bSVNvM7P6FaAyY15I6oABtcTmGVcYp1m4Iy-Z1M9cY6CgrTnBE6gHzUMnoVrRIRf9qojHD3Gac52Wqw
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E292
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIfIatbvtjSqCQiJLSHVsb4&google_cver=1&google_push=AYg5qPJij7Fz2fI2aJgMIY57LNmAhdDgdqIU4KoHXz9bnozMGdE1UvMHUJk5NIzg_vcm11d0oOv1DM1V-SVp-xSq...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJij7Fz2fI2aJgMIY57LNmAhdDgdqIU4KoHXz9bnozMGdE1UvMHUJk5NIzg_vcm11d0oOv1DM1V-SVp-xSqzk0zUjABKKFU1g

170 B
188 B

65ms
65ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJij7Fz2fI2aJgMIY57LNmAhdDgdqIU4KoHXz9bnozMGdE1UvMHUJk5NIzg_vcm11d0oOv1DM1V-SVp-xSqzk0zUjABKKFU1g

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 29 May 2022 08:42:50 GMT
via: 1.1 c31ad517510d586c0f2aa3c5dbc40b06.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: DUS51-P1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJij7Fz2fI2aJgMIY57LNmAhdDgdqIU4KoHXz9bnozMGdE1UvMHUJk5NIzg_vcm11d0oOv1DM1V-SVp-xSqzk0zUjABKKFU1g
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: goM9knPawnQrmauQNwtN4CaEWeNqSJ_fSxMIt_EpJnfFqZdb70uoyg==

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame E292 0
75 B 193ms
51ms Image
text/plain 185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESELue6jkODrv4GQnYF3I5Jlo&google_cver=1&google_push=AYg5qPKQA4wSFdfLAT6ab4pqoxCA8lptrko2M1dYfIH7WlxyP_zOa6lilOheacICKQTgN29irfDiUkWWJkvNNE3ymI047oCbrmqn1Q
Requested by: Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:50 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E292 0
12 B 170ms
62ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LUNe1AzMZQp8uvqFcnEdSOkU15RtxTpbrtbmbOOPJhY3lXQHfN_8NDHkWSlVf0XQ1AmtKi

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 725D 22 KB
8 KB 54ms
53ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 420889
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 24 May 2022 11:48:01 GMT
expires: Wed, 24 May 2023 11:48:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 09DA 35 B
362 B 59ms
56ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEbthU_S9CGVkPUjvbDpBMg&google_cver=1&google_push=AYg5qPLd4gWupxUaFy4qsUki3EME0uUSbkBylRdc4A-gRxPM9Px1KT2AD7MUK0_47NDd0zTFDE6akdKuSNLmcMrGpoccw6N7LHWrQQ

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:50 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 09DA
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJmVTrZ6f9pKyTZ3jyHV3eFCstX_5SLVtIUVws...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXBNeUN3QUFCTktBYm5sZA&google_push=AYg5qPJmVTrZ6f9pKyTZ3jyHV3eFCstX_5SLVtIUVws8nd4VjlaQ7nXmVet20c9zxgXD-m5cF_0-MrCgyzaAhkMrD5FGAPcQxq...

170 B
188 B

65ms
64ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXBNeUN3QUFCTktBYm5sZA&google_push=AYg5qPJmVTrZ6f9pKyTZ3jyHV3eFCstX_5SLVtIUVws8nd4VjlaQ7nXmVet20c9zxgXD-m5cF_0-MrCgyzaAhkMrD5FGAPcQxqvgrA

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXBNeUN3QUFCTktBYm5sZA&google_push=AYg5qPJmVTrZ6f9pKyTZ3jyHV3eFCstX_5SLVtIUVws8nd4VjlaQ7nXmVet20c9zxgXD-m5cF_0-MrCgyzaAhkMrD5FGAPcQxqvgrA
Date: Sun, 29 May 2022 08:42:51 GMT
Server: Apache
Connection: keep-alive
Content-Length: 393
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 09DA
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEGB9NctM3bruvCUK1QJwfkQ&google_cver=1&google_push=AYg5qPIKf8Ehw8dLD1F8UpbbTriruF3Xu9bxv91vrss4rFYh_N8RPebwvhYgC8PC-p5_4KpqkI5zmCVUAI7L4L2-8La0BCo5uuan
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIKf8Ehw8dLD1F8UpbbTriruF3Xu9bxv91vrss4rFYh_N8RPebwvhYgC8PC-p5_4KpqkI5zmCVUAI7L4L2-8La0BCo5uuan&google_hm=Q0FFU0VHQjlOY3RNM2Jyd...

170 B
188 B

69ms
69ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIKf8Ehw8dLD1F8UpbbTriruF3Xu9bxv91vrss4rFYh_N8RPebwvhYgC8PC-p5_4KpqkI5zmCVUAI7L4L2-8La0BCo5uuan&google_hm=Q0FFU0VHQjlOY3RNM2JydXZDVUsxUUp3ZmtR

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 29 May 2022 08:42:50 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIKf8Ehw8dLD1F8UpbbTriruF3Xu9bxv91vrss4rFYh_N8RPebwvhYgC8PC-p5_4KpqkI5zmCVUAI7L4L2-8La0BCo5uuan&google_hm=Q0FFU0VHQjlOY3RNM2JydXZDVUsxUUp3ZmtR
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 09DA 43 B
356 B 201ms
63ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEJjhkGiDWEXXQQoyefA4D_w&google_push=AYg5qPIDTYDyeJqCkT33fCmeDzXEBQ8SeyXhrFqfBu3ylAVE2Cs5G5y8CKlVGpwv_gzGeVAOHG9PrvSR8vMOB0Elzo9YYMJLtpST5w&google_cver=1
Requested by: Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:51 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 09DA
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JwHSjPAQRde8gj_lYEtvdg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

63ms
63ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JwHSjPAQRde8gj_lYEtvdg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIgz6QBD3V30nSirj-dni14N2ekaUCuQNbC_btcWVvScrt9ueuB3SS7LzDB1pYPoq5PNnwzgTzH9KWIT4-kFScUdrRk8B4bnQ

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JwHSjPAQRde8gj_lYEtvdg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIgz6QBD3V30nSirj-dni14N2ekaUCuQNbC_btcWVvScrt9ueuB3SS7LzDB1pYPoq5PNnwzgTzH9KWIT4-kFScUdrRk8B4bnQ
date: Sun, 29 May 2022 08:42:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 09DA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPvydq4ps0uP6Ha6B86bWvQ&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPvydq4ps0uP6Ha6B86bWvQ&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpMyC8mzo5Db6asL8nD-MgAAAp4AAAAB&google_cver=1&google_push=AYg5qPKNf0Jtfd44g8u7YwnHestSezfSyU4FpR5jeERPpwXnP_GNcjqhh1mvDHG5xzt87scIaSyd...

170 B
188 B

64ms
64ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpMyC8mzo5Db6asL8nD-MgAAAp4AAAAB&google_cver=1&google_push=AYg5qPKNf0Jtfd44g8u7YwnHestSezfSyU4FpR5jeERPpwXnP_GNcjqhh1mvDHG5xzt87scIaSyd9rdM3bYZ14fRFnnePI21dyaQUw&google_gid=CAESEPvydq4ps0uP6Ha6B86bWvQ

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 29 May 2022 08:42:51 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpMyC8mzo5Db6asL8nD-MgAAAp4AAAAB&google_cver=1&google_push=AYg5qPKNf0Jtfd44g8u7YwnHestSezfSyU4FpR5jeERPpwXnP_GNcjqhh1mvDHG5xzt87scIaSyd9rdM3bYZ14fRFnnePI21dyaQUw&google_gid=CAESEPvydq4ps0uP6Ha6B86bWvQ
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 462
Expires: Sun, 29 May 2022 08:42:51 GMT

GET
H2 200 trk
ag.innovid.com/ Frame 09DA 43 B
297 B 252ms
45ms Image
image/gif 2a05:d01c:1d8:8100:a0fe:f5a6:9720:1a18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEOt838iZ4ONqwEBz4zkB3hM&google_cver=1&google_push=AYg5qPIPojVcB1uf29N_ZQv4Z8733ILrimQU_6wHir_HP8wTFoLGU6H5m_gLdWSpfK8cCMyZsEMjgPpRz0wJEHU8o6x--Ahsfx5rIw
Requested by: Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:a0fe:f5a6:9720:1a18 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:51 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 09DA 0
12 B 151ms
62ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K4QBpJ_g3kRJom6LotjV3QR2gSCiU5MvxAdLlVAv6mYvc0RSrpz0brrwpq_IUfdkhNE-PN

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B0E5 22 KB
8 KB 54ms
53ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 420889
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 24 May 2022 11:48:01 GMT
expires: Wed, 24 May 2023 11:48:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 379E
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENdeLpIM3jDR0hE4njmy0S4&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENdeLpIM3jDR0hE4njmy0S4&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VDB3cVpBS24xTlZldkY1&google_gid=CAESENdeLpIM3jDR0hE4njmy0S4&google_cver=1&google_push=AYg5qPKeVdk0c1eN-_6XgL8e4Ye7gl7Bk4amqTxW8yhZkVk...

170 B
188 B

69ms
69ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VDB3cVpBS24xTlZldkY1&google_gid=CAESENdeLpIM3jDR0hE4njmy0S4&google_cver=1&google_push=AYg5qPKeVdk0c1eN-_6XgL8e4Ye7gl7Bk4amqTxW8yhZkVkFzxHjARfi3HvZyyP3X7mKUm8nUdddb98ilmFNzVkNJ1phFunb4nGE

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 29 May 2022 08:42:50 GMT
Server: PingMatch/bfc3242#bfc324243f5312950ec263cab8f0e25b6cfe09e3 i-0e7593d38a0fef5c3@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VDB3cVpBS24xTlZldkY1&google_gid=CAESENdeLpIM3jDR0hE4njmy0S4&google_cver=1&google_push=AYg5qPKeVdk0c1eN-_6XgL8e4Ye7gl7Bk4amqTxW8yhZkVkFzxHjARfi3HvZyyP3X7mKUm8nUdddb98ilmFNzVkNJ1phFunb4nGE
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 379E 0
172 B 180ms
62ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEav82x6LlV-mI6f1ptfMo0&google_cver=1&google_push=AYg5qPLleuQP_-YZG5gfrdxy0vYY7RILwg-Bb7up8PvA-TAk2eJhpLSuD-fUvfZ8PsX7zVpo5TZBGkGQVFWnm9K1FDZV_dTBUJY_
Requested by: Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:51 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 379E
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELczLL0dlg97zYx4aD8FsqE&google_cver=1&google_push=AYg5qPI-UXbm0KVNpmrp3GJt7EHzEfKxsfjfiPALV7rtUdxg29xuStqcvlBw1q3-AztyMaiVAdYLVxhOdn87u-V0uwNH...
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=b4693fca-0e03-4d27-8432-f9143fe553ad
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=b4693fca-0e03-4d27-8432-f9143fe553ad
https://x.bidswitch.net/sync?dsp_id=4&user_id=96ba81ba-af83-4efd-a315-9f9e56d1a388&ssp=google&expires=30&user_group=5&bsw_param=b4693fca-0e03-4d27-8432-f9143fe553ad
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPI-UXbm0KVNpmrp3GJt7EHzEfKxsfjfiPALV7rtUdxg29xuStqcvlBw1q3-AztyMaiVAdYLVxhOdn87u-V0uwNH3kgFd8xsSw&google_hm=tGk_yg4DTSeEMvkUP-VTrQ==

170 B
188 B

64ms
64ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPI-UXbm0KVNpmrp3GJt7EHzEfKxsfjfiPALV7rtUdxg29xuStqcvlBw1q3-AztyMaiVAdYLVxhOdn87u-V0uwNH3kgFd8xsSw&google_hm=tGk_yg4DTSeEMvkUP-VTrQ==

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPI-UXbm0KVNpmrp3GJt7EHzEfKxsfjfiPALV7rtUdxg29xuStqcvlBw1q3-AztyMaiVAdYLVxhOdn87u-V0uwNH3kgFd8xsSw&google_hm=tGk_yg4DTSeEMvkUP-VTrQ==
Date: Sun, 29 May 2022 08:42:51 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 379E
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIfIatbvtjSqCQiJLSHVsb4&google_cver=1&google_push=AYg5qPLvotkg6tUN4p7B9XuyhmyHZCJ8F6JRQi17fPljWfpF3qAPYwZep4T2kDv4neKvFj3fj0VhrjjHZhka8vum...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLvotkg6tUN4p7B9XuyhmyHZCJ8F6JRQi17fPljWfpF3qAPYwZep4T2kDv4neKvFj3fj0VhrjjHZhka8vum81e-BhKbXWf-hA

170 B
188 B

64ms
64ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLvotkg6tUN4p7B9XuyhmyHZCJ8F6JRQi17fPljWfpF3qAPYwZep4T2kDv4neKvFj3fj0VhrjjHZhka8vum81e-BhKbXWf-hA

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 29 May 2022 08:42:50 GMT
via: 1.1 c31ad517510d586c0f2aa3c5dbc40b06.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: DUS51-P1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLvotkg6tUN4p7B9XuyhmyHZCJ8F6JRQi17fPljWfpF3qAPYwZep4T2kDv4neKvFj3fj0VhrjjHZhka8vum81e-BhKbXWf-hA
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: -NJi4vIUntaq3SDd32VCU3AnogAVtziijOc6NPHv5MZmBnh8nzU0Eg==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 379E
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKEWZY5iqDsRBfM3F4m3FQU&google_cver=1&google_push=AYg5qPInpzv7-MNPn9IhS7RNtFpbcAi5uGNtR1f0VzDkzKnQiBg1Ey0T078iPrzHfnmEUGamGutxXcDpC-A1RAtTX71zg5q6oHWX
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AYg5qPInpzv7-MNPn9IhS7RNtFpbcAi5uGNtR1f0VzDkzKnQiBg1Ey0T078iPrzHfnmEUGamGutxXcDpC-A1RAtTX71zg5q6oHW...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ0NzY4NTAzNjMxMDQ1OTYxMzUwMw%3D%3D&google_push=AYg5qPInpzv7-MNPn9IhS7RNtFpbcAi5uGNtR1f0VzDkzKnQiBg1Ey0T...

170 B
188 B

65ms
65ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ0NzY4NTAzNjMxMDQ1OTYxMzUwMw%3D%3D&google_push=AYg5qPInpzv7-MNPn9IhS7RNtFpbcAi5uGNtR1f0VzDkzKnQiBg1Ey0T078iPrzHfnmEUGamGutxXcDpC-A1RAtTX71zg5q6oHWX

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ0NzY4NTAzNjMxMDQ1OTYxMzUwMw%3D%3D&google_push=AYg5qPInpzv7-MNPn9IhS7RNtFpbcAi5uGNtR1f0VzDkzKnQiBg1Ey0T078iPrzHfnmEUGamGutxXcDpC-A1RAtTX71zg5q6oHWX
date: Sun, 29 May 2022 08:42:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 379E 0
75 B 152ms
50ms Image
text/plain 185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESELue6jkODrv4GQnYF3I5Jlo&google_cver=1&google_push=AYg5qPLsFeFXXg6_Qpg8OLsSAl32IlNAqNbhkfBi6_oAL-0xtrN-fwIS3z2ha4Mkt_Qkin8bdaWSStl8AzL1KUKNTofDgUjwB3U5
Requested by: Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:50 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 379E
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBufXs5CZlXFjTp7mJoFs4Q&google_cver=1&google_push=AYg5qPIgWYlCh_xbeeEJxYSo4TErgUeTgOQyVtUwkCjV_RrHVqHptxgIVX-jkZJ6fv8acrnIxq...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBufXs5CZlXFjTp7mJoFs4Q&google_cver=1&google_push=AYg5qPIgWYlCh_xbeeEJxYSo4TErgUeTgOQyVtUwkCjV_RrHVqHptxgIVX-jkZJ6fv8acrnIxq...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0uNHNtczVSRTJ1RVF4NXVQZ0NKVmpOZV8wandfOUpmVH5B&google_push=AYg5qPIgWYlCh_xbeeEJxYSo4TErgUeTgOQyVtUwkCjV_RrHVqHptxgIV...

170 B
188 B

65ms
65ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0uNHNtczVSRTJ1RVF4NXVQZ0NKVmpOZV8wandfOUpmVH5B&google_push=AYg5qPIgWYlCh_xbeeEJxYSo4TErgUeTgOQyVtUwkCjV_RrHVqHptxgIVX-jkZJ6fv8acrnIxq9APYKo1QMze0HLOlMRpa96eXyh3JE

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0uNHNtczVSRTJ1RVF4NXVQZ0NKVmpOZV8wandfOUpmVH5B&google_push=AYg5qPIgWYlCh_xbeeEJxYSo4TErgUeTgOQyVtUwkCjV_RrHVqHptxgIVX-jkZJ6fv8acrnIxq9APYKo1QMze0HLOlMRpa96eXyh3JE
date: Sun, 29 May 2022 08:42:51 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 379E 0
12 B 131ms
63ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JdprtF9YFENdwp5O3nUN_IfFHfCLCIDTnEbz_K51pDfiqd3Ox4U86VuBP4L8HCH52nN0pbpA

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js Show response
pagead2.googlesyndication.com/bg/ Frame 8009 35 KB
14 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:36:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13800
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 29 May 2023 08:36:39 GMT

GET
H3 200 QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js Show response
pagead2.googlesyndication.com/bg/ Frame 725D 35 KB
14 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:36:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13800
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 29 May 2023 08:36:39 GMT

GET
H3 200 QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js Show response
pagead2.googlesyndication.com/bg/ Frame B0E5 35 KB
14 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:36:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13800
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 29 May 2023 08:36:39 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/ Frame 82AF 5 KB
2 KB 164ms
56ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0442992dfd1d698762ad163d6dbfaf0ccc3a9ccbbfc5e0820ad34762dfacf56f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 7717
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 1638
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 29 May 2022 06:34:14 GMT
expires: Mon, 30 May 2022 06:34:14 GMT
last-modified: Mon, 23 May 2022 11:46:04 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 51E6 0
306 B 103ms
95ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss5jTkoaqUdLd3nP3C2kv6tdJehDH4ArV9rq-9Ln9sd99TiQXRfosNvnPDjBnTexU1NyArKRyEkuJGlfmdg9w3iDFpy66gp7jvICxrZmTE0fEK4kWb155obGMGbmuoWtE4CJCKfdDf64p2IICv-9CpJmo_2sicb4_bhx6t3KkqtG3hI5K-lmheYEqcXMIFm5EuESO8CUQpUpPXLuKVK846rpfpE9GFmPzjiHa4TNsIkOhIRNFvVH8DI5Xm2xP1sEIteWDl8DtLAuRGKWgf97k7mWWoDeF-mbDbxb-r9QQTXBYme92nDjDuPJ0TbGFRoGSPOkuWvJAlBDgQB_38sQJ8zvICH1jJNJBnVLpIGbpjO3jRmsdm_LDZLnGbZyIL2sPmHbGBNtj_WADVH7v-iir0cnOD-63s6_ZE862XRbDFHQj6Mtk9Wk6ZW64K44pJiEmpqLV-ZSPEHtMtb6GTLEOXe5ny5Pbavamdb5vY3zygrDvkB60oCQXkLLlvi6QJzFMKvkyKg0peGExbroxbUGwDivE9VeYeGeqZg0jTEAyx4-9QYj8ptmnjujpTb319NTttjWxOCWmcfzQHlUUKq0fL6AZxC6l57RT2MoYoADSNwt78R7fYwsgOu4Xq60g2GeWXtUvjZmiQMkl2YyTRQLQyphmFaOb1TOq9AAH2WFBaZkHetXMA4DC3mc9m0V0QP4EwgCzDIUXtoXIDt0VqenJLl9pNzh0lYjJg6L4PvtgE9ZvQzx54LGQB-MsgWBb-Hh9DyyO6usNpU511a5sJ45c5rJ0Z2iO7RMf5XHNUfn3szr29MhhdhYtdxwOOQoxPqpRKD7B-A_N7j39_JoOSbBwN_XFEhvSpPoLFfItRT4PZ5QoAESc2H8TxQSf5QwzFqE-vqEZpMU9N7_lt73efHrN_VmaWklF3mzVRjMZrRoIvw9Wx5hF_--RO0ecddw2LgdnWEhBxm1YW-_V-2AjsV0cDq-v5sqbFMMyzrfoAufJagjb2_rlv73os9Iwj1oS3DtyoLK1RT99ehcFa32QNUroD1RcAf3CJ_GFtmtLsknkhFfmDfI_-gbEbf86IbsLQ_AxFCVci8Zkw0pZRuAyGZyS2MzKvK8SMe7ns9RU6cECDBrm4Wk4NGBpV3RgGkR_OfevQUWgRrmsMVX_Vey2HoRMgIrfihN5u-laiBrcYwuKdx88YvpVBxBRFJTS3LJKcA7H0kKrjnlnOvJOutRWXiKGwlnrbYGd4T1kchjQ7hwu_0eWFBq-sS2p1kAQ5Ihgb9HnEuOmR3tEwrK5BzNUz1EZz6AxcnHuZMFHCgkkmnpmTM3AC6m5sM7AAydaoHUsyh5SDbszXrfOrT&sai=AMfl-YSEfLxBjYVKm4LnhLrXgrEZslVlKkn3R3TGpTLy0qJxvpvIm6zvF8t-SnxaGKhkgwXeMX9kgEzAEuuxQ603XxOHfTwEzgyxy6MVokOi5bJ1rnv8N8RNO-159cDFTuV_olWnTsHAkk44SiS8-5GU1s9sE3pBH5t4iQjSXwrMXWXB_Lt0-quFYbK_UciIgffRiM6WL_EjfWqLMCoYlOr5thQz&sig=Cg0ArKJSzJcHipQVD0crEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=329&cbvp=1&cstd=327&cisv=r20220525.97677&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sun, 29 May 2022 08:42:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/ Frame 6872 5 KB
2 KB 130ms
57ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0442992dfd1d698762ad163d6dbfaf0ccc3a9ccbbfc5e0820ad34762dfacf56f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 7717
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 1638
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 29 May 2022 06:34:14 GMT
expires: Mon, 30 May 2022 06:34:14 GMT
last-modified: Mon, 23 May 2022 11:46:04 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5A78 0
64 B 98ms
98ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstG3ilEZ_rz7CyAGAph_A0vaiq5PgYEkLcpq7irMGTdH2u6NeQ-W7Ftfa-ubpRJy3C_OuO1Seot6ZMg6kLuXg1c_SpgLAsZvRrb1zpMmwPoalxVdAhDK7MvtoSTYKTog-_P9fAwViNMYw5OfFs-m_VsW3gi1VfgrhuhEdATn3fAnD1yBMto-U3a8sbEWlSRwuSTVmQ2kuUp7I2VY89IhhYz_zn-0nv4qJK-WL2uAJJD3IHqdlt3h60KcfaIc1HdjxFVq9T-RC1INIDk5amnHhC5kSKgO6RS7Bg7npqARUgCHBITtdu1t2aySPDXNHikOdG_H8F3hCLBJ2Ru-dTYmI-HKAZXVfuGBkii3A1YATSVWtf6EnBkqtMGL2awNHCbPfuJxjbO8nnftdU_S1Ftuq2XcZT--_M_oiyNc-nWe0mmEg7xZetvuqPN9t8igJbotNeb4Xi9C-WMdjqKHibxz1NUefnxVMrrR840ZrxFSy1n7QLBfVZrVGNkBugEwTm2Q8De4gg1yAGYE9Pk2-gbW9cI0BVRFrW7RgHcQIk7gEHMMtNT9CFKzDR-Y-wTGKN5MaO9F-lrgKjvxybTfmE49v-zNZBVDG0s28jm11uH2Wc1I_qOuzZ-QCtgdfAsgMW07cY5fKzajO2GShhUddS_wlRcikQ2E2kkDibSjrBLDQm7dDi66pDoziAJji9LtQF3JCJqsL5LE9GdmQJtw04CgoUoOAHzNrzX4XBsMs56DpBGelZzPSdnrIlELSd3hfjTFgqQ1t1-u-cR_fa8mQ2YPas9dZx6ZmvEJJ3DA0rLQQVB2SyKr91lYI4INxkf5BUp33tvEaEitLXSvOe0GqZdzWr_0mheoD6u-FknZVjBUEVesBYl0FIaPC4kYOcP8jq9up6VzhoXACGYL1-FrHPbEkjPlQafAL75-Lh6IvoiNB_8iHLLLYXeY-AyqQQjZVqlmx1qwRPwCpaKaw_4HYVGgqYcwkyxKuhrDKOGGj5hzXNuYZNkAmVCQlN4h-91hTV0120QW8kLjXjQUoFuPlH5bCJJ5o_Z4cQ0HEmow-9DR09wheEVogF6AEBvkZW7m6KHQgnt1IzC5TLJu5irWxE-SDQGrpgqICxV9DZ9QUFuKpGMhz0f-DVUNZRPwHq77E-nZ8v1ZOGy65n6-fJysiqipgd0mCb1MeADT_oprNJOIk37PjziqRbZM5BtK2cYiyLic9ZyyU_rNC5-GWAXNNhdYd1IoY3AHcQHsTNn_cCYLtf5Wkd3mpr4&sai=AMfl-YRolwVoSivghtonrvuR2S0HsD4HXrEzcuyuB8AJKp-_zHB7gRHljuoseC5FtW0PQsGjKJba1ppOx5zd4f3BraMfHK-Bcuz-GCTI7DRoVZH7emyQADLNQVeIXbcHBN5z9IP1o4JRJ_l1EjKfh7Biq2-DLh6tKNHik2jmBgy3aZY6BOuTOOFPl0ZtdG7X9DdlsTEXs7k1B5qFGf9OvLeeW2PI&sig=Cg0ArKJSzDqWSby1fCuvEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=319&cbvp=1&cstd=317&cisv=r20220525.42748&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sun, 29 May 2022 08:42:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/ Frame AFD8 5 KB
2 KB 104ms
59ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0442992dfd1d698762ad163d6dbfaf0ccc3a9ccbbfc5e0820ad34762dfacf56f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 7717
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 1638
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 29 May 2022 06:34:14 GMT
expires: Mon, 30 May 2022 06:34:14 GMT
last-modified: Mon, 23 May 2022 11:46:04 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2BA4 0
64 B 96ms
96ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss__oH9fyAnqdC_yI0vhFTZpm9qUQUctejX3FVm5DJae6JIJtA93McWVRh3bU8SuKsXjI1jwgwfeGiKuetz9sPj460PotPY6cPwCTPVgbNf4HarctXqRF2cEMsWEjhMEnMsaeFvVkixFrxEvYGOWd1S1KtxtDtBBguEBcWs1LY6HsNdPZf2uW0QSCDmO45ILcXtBS1odygTbdQCUJ-EtqT6wxQJ1CZ4sItQjYlyzh6aYvLyMKtQmtYjyFlv_m7LtDIig6H7krhhxYyc7vHqwXfw8dYo8ylRjpEN0Sduc4WPfpW0qSsvPlDbqiXck45rUj5UQ416gpsmpHRyVuUsDRIzEHJ-vCMYz9OgSZ4CYYsI8l54GVE_EyvDin8U6429KjmT1h6qnDGj7hm4Vjgk8LcczV3MamVE7J-7pSNo5mMRWgkM85kyQqkZaTxJt9vax5C4p9S5UrO_LA5wv4raPeGwdUUKQo6EDevSWtwymwG32Ee1h_l9LZ1Eew6tZLFigXOYTraFlvu13Kwo1xiE9fH_efATMPXtDNnCyD_PgXdX9xBFEUao0QaJ3M6hi2sgo7Mp1ferGYenP2izrI6LF8ZcvfwaR5eHBNoR0QMo7x3tDgwFWDGvql6uCjrzZDax-80_xhY3b_j0pE6--Eqq-xZ_-ofpRWk2EyUNm8OfToq-ACiNKrFRm1n5hwc6EQoe8cRnPa6NLkdQGlfujoDfvUARmoCI8Y-I6arxGa_vQ0-1zhuppHXP2ePQX9wZ3jMkoW2N9h-WB1uyw1hAZ64B5ceTr3QeuiQgZm7ShU12kG5iG7J4de-3Ezw44kt-N3uYBv_YyUf--s7yENETGufQHD5XwOJWAuXEuUPu8mkGTOSzmaiwQHiZns9zDaVqIjqzNfzGdfwb3GClxsO59mERD2U4ur6Jo2PWa2kC3_h9_0J3X-jXiVvSyWthiwj2a_nC53fYZTsLG9Exfm5cMVpDgg7Qh-ZfoEf1p15EVEfm1KNcl-AEod61ua3FOIPeHRSBX0OwOevL6Q7rQEokVtka_ex89WG8_l0o8xc1wuz58BYySsfWOYDKLqrvblfibwTCDBkmmOeNyIMS3ppsPauFQe_1bMM8xP_JJUH9I4N2-HbbaesGkUw_lCZSA37P0e4GmtSbrAxCDpRXEdCvbo-Qgc8qqszR49Zhc8BoBM-FoMSFrurxX-jptg1O2scExD7PwyKPerzxvCjM3qv2nr14-P28EhZk6YBlfwDglfWV9k5EaCVx8_Hkjbyglmqm6eNbUciGzEgqJdanMxFRG8a-EPsvsUuP9_6EqDDcFH_U1ZkT72LIdX_ubm9NCYEMuh6hp9M7trdT8yQ&sai=AMfl-YTA6VO-9aSGEcNquG0_tbqqWMffUCvhhNbrfZxRG0nv1oVWRAttdkd3ehYY9kF_bSLfo3Or4xyfDEv5s7n_tfYbcScg7mgKXuLaUIOlWzx0BX_1pdkfAUa1EK2uAQUP4QjqKFlgIwpF4pkEqL49Ln01nZsf9nQraMNsNiwC81JpUq0a9NBGcGrEslhSp9ICBMD1p8W_f_RfugB2j1Brdgdc&sig=Cg0ArKJSzHleLMBIWpZ7EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=329&cbvp=1&cstd=327&cisv=r20220525.17303&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sun, 29 May 2022 08:42:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0EC1 0
0 91ms
90ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CA-2OCTKTYvCSFJfZtwfW2Z74CPu9ns9pk-OBuMsPwbWY7s0vEAEgxuCLeWCVAqAB_IzJmCjIAQmpAhsphEhLXoM-qAMBqgTUAU_Qnsg1Ps6fe52YhIX3MrFBPdV_nufxP2QR49gfgUZPL00yfA2GdmtLMKiPqsltNX6RS5Jr8y9wrbw_CL8thyzulDmeJ0F3YbmW1DW-hYYdh47LriKu2U-ygyhuGm8ws-PfZvku6vLmXGBnX-xHYNreNM7X1D-6YW6HT0QVKZ5wzvBpnIPtsJ8yjDoxTCgweS0PYXeaRgk_Z7Vgwra3gmY28jEp_B7-HVaQ1E4zlTYjQwWW52CqkkEIh5t4lzpua-Qt1iP4k7hkHhwIIluQx7uNYR-2wASP6NuB_AOgBi6AB_zEmfgCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ2r4C0ggJCIDhgHAQARgfgAoByAsBuBOIJ9gTA4gUAdAVAYAXAbIXHAoaCAASFHB1Yi0zNzU1NjYyMTk3Mzg2MjY5GAA&sigh=owRfAbsp5M8&vt=1&template_id=5000&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6666085438&adk=3555305732&adf=3818598067&pi=t.ma~as.6666085438&w=728&lmt=1653813769&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653813768863&bpp=2&bdt=684&idt=317&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=424785742066&frm=20&pv=1&ga_vid=1262892392.1653813769&ga_sid=1653813769&ga_hid=653360334&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475%2C31064018&oid=2&pvsid=3042176629478848&pem=844&tmod=1816753381&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Cr5Fl2u3iz&p=https%3A//kolobok.ua&dtd=324
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 29 May 2022 08:42:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0EC1 42 B
64 B 89ms
89ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjste1NWAuQ8vi_1fKTom0gaDX1LJ8Uvq34DyLjIr8mAEBHOgDdEO5xWhg9Finr85KOMNBzJbOFEYCeHLtI2i9JHOcCQYjoR4e5tHo987Yxes3MHBOuNqQICICXfO&sai=AMfl-YShpa_5ZbYU4yetlsThCdAzhwwVD1O0V28sAOs_4wxl8k7nh2uy11n0nuNxHKkFzOJ9ih_IqRB7i5iR&sig=Cg0ArKJSzNQjWG4Mic5NEAE&id=lidar2&mcvt=1023&p=0,0,90,728&mtos=1023,1023,1023,1023,1023&tos=1023,0,0,0,0&v=20220525&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3555305732&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&pay=1&rst=1653813769188&rpt=858&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 11A8 42 B
64 B 89ms
88ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuP7MW5e8L7PGCVgEEPHfuIjwsN7Zs_7krqd8AaVXvHg2yRX5eBprBZQwE-BYIafwMtBj-eRmtRVSttYbmsXpHVW91n0th9Zf70jIXLnUifm0T1G70Il4ez2avA&sai=AMfl-YRQy7y_2jjn2mYIN3IWWQAMesBrVBOgwoeotvpihQhyfJI1ZnsideTkG0z_9j_1dGjK6oHitSMvwdnC&sig=Cg0ArKJSzOHBZaweaXO3EAE&id=lidar2&mcvt=1022&p=0,0,600,300&mtos=1022,1022,1022,1022,1022&tos=1022,0,0,0,0&v=20220525&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2236407440&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653813769196&rpt=863&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 60ms
59ms Image
text/plain 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=8ea486a5-d161-46a5-a5a4-b1d24d77a9af

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 29 May 2022 08:42:51 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 style.css
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/css/ Frame 82AF 1 KB
456 B 54ms
54ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

850abd537bcc26f2b2f88a35bb41f50797709791ae1f290278feaee95a2945bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 430
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:14 GMT

GET
H3 200 bg1.jpg
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame 82AF 30 KB
30 KB 55ms
55ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/bg1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26d41601c7a81071942188ce94257e8b4ab676da5d0b7db18a3b3e0e8a7a6267

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31080
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 copy1a.png
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame 82AF 8 KB
8 KB 65ms
64ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/copy1a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

771807c7f658cc84456aefdfa5e9e993e7a74e74b30ad7b3542a27470f87c787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7909
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 copy1b.png
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame 82AF 14 KB
14 KB 127ms
125ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/copy1b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d858240786c44494fd76cd5564f3ce5bb86748ffe5f2193a7a5e0bd4ee6c2e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14441
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 bg2.jpg
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame 82AF 20 KB
20 KB 120ms
118ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/bg2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e88cc48b838540ba1772a88446549d7d8e57e61ae0b579cc3b9b7afc0313918e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20160
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 copy2a.png
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame 82AF 10 KB
10 KB 164ms
162ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/copy2a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a200f91a6b0880ac12f22eb4fdca85a06860f9da88a1c89223469a9c98ac54d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10521
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 copy2b.png
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame 82AF 4 KB
4 KB 162ms
161ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/copy2b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad1318beeea4610b41857d2f85fa07b61abf9dadd75de2ff7489192a3bb102d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4316
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 bg3.jpg
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame 82AF 23 KB
23 KB 144ms
143ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/bg3.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

537679b37618b9bbc0ec6829ea731a977a56a541915d4beca450bb3b9268eeaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24033
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 copy3a.png
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame 82AF 9 KB
9 KB 156ms
155ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/copy3a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58a1131ddc552c153d7a5b32835bc3c912b74a3cc0c3c40981857abd89788fde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8888
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 copy3b.png
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame 82AF 7 KB
7 KB 154ms
153ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/copy3b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36924a7012531d2ee5ae016a79a371ed7451daaae4a56fa7e65584437516b1a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7006
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 copy4.png
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame 82AF 8 KB
8 KB 160ms
159ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/copy4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70979a4ce62f17c5be15bef635f9911bc889d0d38f67d6d18a2df5266b0eef87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7926
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 logo.png
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame 82AF 2 KB
2 KB 158ms
157ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8eee5df34c0397f272d2d06a5764b04f192969cb4ee8828488fad83449fe82dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2413
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 cta.png
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame 82AF 957 B
981 B 159ms
158ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a99f6c0e1cf41c58c0823d12b761dd7ac9f7c212629ad92485e10defa9d1c3e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 957
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 cta1.png
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame 82AF 907 B
931 B 155ms
154ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/cta1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e0425040d7d896dfe92bf7a71cded18b7d2a00421f7e1b927a574ec96dcdc0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 907
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 82AF 60 KB
24 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 May 2022 08:42:51 GMT

GET
H3 200 banner.js Show response
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/js/ Frame 82AF 4 KB
708 B 58ms
58ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/js/banner.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5eabab809294f87a4cbdc93b9a0716eac17f0dd376409769aad17715dba00325

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 682
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:14 GMT

GET
H3 200 style.css
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/css/ Frame 6872 1 KB
456 B 54ms
53ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

850abd537bcc26f2b2f88a35bb41f50797709791ae1f290278feaee95a2945bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 430
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:14 GMT

GET
H3 200 bg1.jpg
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame 6872 30 KB
30 KB 61ms
61ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/bg1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26d41601c7a81071942188ce94257e8b4ab676da5d0b7db18a3b3e0e8a7a6267

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31080
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 copy1a.png
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame 6872 8 KB
8 KB 159ms
156ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/copy1a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

771807c7f658cc84456aefdfa5e9e993e7a74e74b30ad7b3542a27470f87c787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7909
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 copy1b.png
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame 6872 14 KB
14 KB 160ms
158ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/copy1b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d858240786c44494fd76cd5564f3ce5bb86748ffe5f2193a7a5e0bd4ee6c2e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14441
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 bg2.jpg
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame 6872 20 KB
20 KB 162ms
160ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/bg2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e88cc48b838540ba1772a88446549d7d8e57e61ae0b579cc3b9b7afc0313918e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20160
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 copy2a.png
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame 6872 10 KB
10 KB 166ms
164ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/copy2a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a200f91a6b0880ac12f22eb4fdca85a06860f9da88a1c89223469a9c98ac54d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10521
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 copy2b.png
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame 6872 4 KB
4 KB 168ms
165ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/copy2b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad1318beeea4610b41857d2f85fa07b61abf9dadd75de2ff7489192a3bb102d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4316
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 bg3.jpg
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame 6872 23 KB
23 KB 168ms
165ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/bg3.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

537679b37618b9bbc0ec6829ea731a977a56a541915d4beca450bb3b9268eeaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24033
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 copy3a.png
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame 6872 9 KB
9 KB 173ms
169ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/copy3a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58a1131ddc552c153d7a5b32835bc3c912b74a3cc0c3c40981857abd89788fde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8888
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 copy3b.png
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame 6872 7 KB
7 KB 173ms
170ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/copy3b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36924a7012531d2ee5ae016a79a371ed7451daaae4a56fa7e65584437516b1a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7006
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 copy4.png
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame 6872 8 KB
8 KB 175ms
172ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/copy4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70979a4ce62f17c5be15bef635f9911bc889d0d38f67d6d18a2df5266b0eef87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7926
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 logo.png
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame 6872 2 KB
2 KB 176ms
172ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8eee5df34c0397f272d2d06a5764b04f192969cb4ee8828488fad83449fe82dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2413
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 cta.png
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame 6872 957 B
981 B 176ms
173ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a99f6c0e1cf41c58c0823d12b761dd7ac9f7c212629ad92485e10defa9d1c3e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 957
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 cta1.png
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame 6872 907 B
931 B 177ms
174ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/cta1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e0425040d7d896dfe92bf7a71cded18b7d2a00421f7e1b927a574ec96dcdc0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 907
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 6872 60 KB
24 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 May 2022 08:42:51 GMT

GET
H3 200 banner.js Show response
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/js/ Frame 6872 4 KB
708 B 55ms
54ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/js/banner.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5eabab809294f87a4cbdc93b9a0716eac17f0dd376409769aad17715dba00325

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 682
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:14 GMT

GET
H3 200 style.css
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/css/ Frame AFD8 1 KB
456 B 54ms
53ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

850abd537bcc26f2b2f88a35bb41f50797709791ae1f290278feaee95a2945bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 430
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:14 GMT

GET
H3 200 bg1.jpg
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame AFD8 30 KB
30 KB 90ms
89ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/bg1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26d41601c7a81071942188ce94257e8b4ab676da5d0b7db18a3b3e0e8a7a6267

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31080
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 copy1a.png
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame AFD8 8 KB
8 KB 177ms
174ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/copy1a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

771807c7f658cc84456aefdfa5e9e993e7a74e74b30ad7b3542a27470f87c787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7909
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 copy1b.png
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame AFD8 14 KB
14 KB 178ms
175ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/copy1b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d858240786c44494fd76cd5564f3ce5bb86748ffe5f2193a7a5e0bd4ee6c2e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14441
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 bg2.jpg
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame AFD8 20 KB
20 KB 180ms
177ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/bg2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e88cc48b838540ba1772a88446549d7d8e57e61ae0b579cc3b9b7afc0313918e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20160
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 copy2a.png
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame AFD8 10 KB
10 KB 194ms
191ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/copy2a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a200f91a6b0880ac12f22eb4fdca85a06860f9da88a1c89223469a9c98ac54d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10521
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 copy2b.png
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame AFD8 4 KB
4 KB 195ms
193ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/copy2b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad1318beeea4610b41857d2f85fa07b61abf9dadd75de2ff7489192a3bb102d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4316
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 bg3.jpg
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame AFD8 23 KB
23 KB 196ms
193ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/bg3.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

537679b37618b9bbc0ec6829ea731a977a56a541915d4beca450bb3b9268eeaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24033
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 copy3a.png
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame AFD8 9 KB
9 KB 199ms
197ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/copy3a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58a1131ddc552c153d7a5b32835bc3c912b74a3cc0c3c40981857abd89788fde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8888
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 copy3b.png
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame AFD8 7 KB
7 KB 201ms
199ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/copy3b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36924a7012531d2ee5ae016a79a371ed7451daaae4a56fa7e65584437516b1a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7006
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 copy4.png
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame AFD8 8 KB
8 KB 202ms
200ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/copy4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70979a4ce62f17c5be15bef635f9911bc889d0d38f67d6d18a2df5266b0eef87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7926
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 logo.png
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame AFD8 2 KB
2 KB 207ms
205ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8eee5df34c0397f272d2d06a5764b04f192969cb4ee8828488fad83449fe82dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2413
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 cta.png
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame AFD8 957 B
981 B 207ms
205ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a99f6c0e1cf41c58c0823d12b761dd7ac9f7c212629ad92485e10defa9d1c3e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 957
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 cta1.png
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/ Frame AFD8 907 B
931 B 208ms
206ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/images/cta1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e0425040d7d896dfe92bf7a71cded18b7d2a00421f7e1b927a574ec96dcdc0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:15 GMT
x-content-type-options: nosniff
age: 7716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 907
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:15 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame AFD8 60 KB
24 KB 95ms
95ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 May 2022 08:42:51 GMT

GET
H3 200 banner.js Show response
s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/js/ Frame AFD8 4 KB
708 B 70ms
67ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/js/banner.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5eabab809294f87a4cbdc93b9a0716eac17f0dd376409769aad17715dba00325

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/9208292/1653306364583/MediumRectangle_300x250_BondMazda2_Mazda_FY157_AlwaysOn_Q1-Q4_Allgemein_Mazda/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 06:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 682
x-xss-protection: 0
last-modified: Mon, 23 May 2022 11:46:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 06:34:14 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8009 0
20 B 90ms
90ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BLyMpCjKTYu6gI9bW-ga7pZ7oBAAAAAA4AeAEAg&bg=!HB-lH1vNAAao8wy8iPM7ACkAdvg8WoGZMz-zLn4H0h0GD_xiCGODQcn4-XagdBEwZnVo9cC7W9X_swIAAADXUgAAAAZoAQeZAt44Jd4IgVHsmNKKpGzAKtMXb0fPTT-E26RQbTNn5S8fmlKXRkuwh1RKe82O4PqxSNNZFykVbKQJWi74V2R8BVMmvF_JU0aI3GSAyGDVHVgcahMFMHfAr6yovGih4o-56y62fEu1_WYfUshSKGcUJl6h6fjk4thMYGkVB7ks03ixsZVNoRrofQY-fV4eaQnldauqlaO946LgmUBMQ-AnTSK_Nc6zBVBUsmLRbmOMTUS3PYDU-N-ceGhsT6f4sEbYyMGkd9lvkruTXCYx7k5cY7BXfWnmtAv0bAjvDRiWhGdr7MWSUUQ3EpjpwNRgNV0BFUrt5kpVpqgJZltbHMwv6oybQGCxpR2NXFKSWTDsHbxqaFLSGGutbFezkitdcPTrs0ATQsvLapDcKNePVEW8VcFewMv1194Z0HgeWB7XWOs4-2095dGbyVPyzHYQap9YGMUG5n-fj6aOHmbiDz-Wf0hfDARBKAqHk9pb6IYZpKmACJpiOl3qIONR9hsHhCA3lGCy4v66WxBdYHkGKsQv6HVBgx9LWyYzMDM-stYnGDXOQjWQ97rojuq2ctTNJHR51XK5yICdruJfvxgx-jf_zegoIjHdp2IRkE82lsaspw3y6G-XeVm-5vXGFqO98Li4aZuK8ShHeXsszNrvdtt5W0y45H4CGoffR2U1Z0gDkLBgtn9ohqjNUIXDD4MmGsJdZPuEDW0wetv6smZ_-_qR5mOwETFYyDAE-yq7HCIoOspR8w6IfH1DrYWoiWBTw68VFVhzqlvEQyQV86lor8bXk8fiz4TZ9Oyoncr097f9d-ZejCDbUHdzi4YddkHqQZk9zD1a6rncU4H3IUph6dL0GfqjGm6irLzvFxp0SPauzESMdymsXt2AyZl7HChrCrfLmn9ET4zdXswfplUR-30TVUa0lYiukJ0kNQKBUMXJMSpY5qXuLtcwbynQqiiwbpi9L6c9s94BbjToDG3UTdcqtg

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 725D 0
20 B 90ms
90ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B33WyCjKTYoi-JcapgAeftYvgCQAAAAA4AeAEAg&bg=!ICOlI2fNAAao8wy8iPM7ACkAdvg8WnQpvq7WgK1GpeSB86GOhoLLFGhs1jDcrYetDxUfVdsLsJH-eAIAAADQUgAAAAZoAQcKAIbyVik2dh6uwBHhQdPYjLGrdq40IMDL0rGBHvSRIIq69xkyFlAFox6hXNcUqB2jzXR49LG9VAxIqMh-FLZtKjRxj6g1IdapUQAWIWr2fcJbUaVA2WZ1YdkNKG6wzxHJ1WsreuMnGBpuae74Cmp2QlutM_H8UmyuOnTgNeIPghLATNsj4p1l65kC4Qpjcp4BS6pln0wh-J_Q8kY_mnyUekjGFmrL-Ju6U_aWm-VjbFgqW8UPjkOmImez9jpyCa9pdpgUtidNv_qS-Wfii7a-4uzSvwwN4RVDcgn62bGr4NtyCPQq1Tp7oEPW6bQhmASUEXLBC6FJO164oDNGlXn16fI2WBnyWqLDsB9an-S0bw6Kem90UDnZP-ubukVRbiQ41YCsvwJGW4KJXyCrsLTR9_rcgbhyJlHR8sTCWLNkoIGUaVoCrVlFFDk-_4Rv_VlNYgC7nLocUz9a0QYLgHaK34S_Nax_haFj45ifd60Hb-CsRSgSJABwtG6jyJVYJuJbKGvMgaBu7DkampLZwEXuyn1V4es3UUHeA1yoanSLn7sTuI6MIiYgxPPi49arHHlREq235iZnPwciDtZj_wYiFTWNtmQDQEhZ03Is54W7JWGWlbKT2GjL08fkLxLlvG26ATDQfQXWO2Rj3_AW97L9ZTiJPgEL-_fIg--iqRf9c-onjCFP1_CCTjDq2R2ddrBeqFqpqsqzeGdpWVVQS1x3s_6FMx2OjQdYLxgj2hQPHt_bDZvSA4TRF70jX6UHbCdoOXMcFHcFQRCgKg6fmqgDNpMQVzRhI6itC5VYoR9rpV1blzqTHBTaZeh3tF7a4-JLTpnsM6NKIHY9pfnps__gdCSO8N-gAP8pKybE5GFB4A_TXPupyN8CQP6iICHMUgnHQMU7pkK8_-zvc3qyIb5IO_T7gv-wUNJL0-edX9mfReRbt_ZDWhvq-tQxXwVhL47Ka8lyWAnTWcE_mDxovAX6VYrvzwKUq22UjlUSc0xEjcTK7_ISAF2iY_JsKBLDZJPodA3pPJGdWwH9MXsv2paDrIANMY1rYhRX6Dkjj1pKovOx0AHehcASRRmfuIrRObO2FNfCpfEmLWOA3-kibUMtzPyAsxtxQuvKJuV-1L84oYUmWHdsQlGtrdCn0NZh3r3bA7B1A4hAPlfy493q

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B0E5 0
20 B 91ms
89ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZexvCjKTYvHDJvKU4gGa6ZVYAAAAADgB4AQC&bg=!kpGlkdXNAAao8wy8iPM7ACkAdvg8WmO_6qZ4JuZHMq1zyJ00NTOqnLeqMO4k9LAmm-1pC4xg3c1FfAIAAACvUgAAAAJoAQcKAFsm8IJzldBZ7OBIDmm3pVrULU93ctgk1hdCj6yQiSg26X_PNb6hutgqxRBWEBTfR-43g5P1AOpJsfc7E_jYK6-M1bvrtUf-v9znndfuR-K8Bswjdu1DEIARk0YYmQL31ZMT8IFKItkouYIg6TkLLGjMbeGjXixvuMKRJKa12WAQwOYMExMB_cSrSMrI5ZSvceTrzP2L6zCjrc7OiaAKjAGamdhX9DDFNuvYkJ-d6RkVAGdZunkmmYplbkaT_MG1pIDHnEiAgzqZxMSeslSoig3AaFDNTwmpHX0k6I0wr06gLqreV_35DCCj7VIgvEWp4EZ4er1viLJR2xiJ64QY1YbqrRP3qKzwMRlhey2N-WhOphBOOp_UVBZArT1qJMPiSAp-hRx4ik76rtXmemT4-68G-8dY6570h-oO1qRzoNiUNLFrDrV1Uc1UYG2dGoEbeAK25TL7CZOBFWx69xhwEGRb_G0wMwpF1AtIeFRBW0LrBhgZdtplhfgZJhFKh6i_9iHi2M-yEKywA2xJYDITgUSXgKyoAhn7vkHYn_gt1gpMfPoQXOJLftkqzpLTntx5yJCLpt6Vr3XrpCmiwVs3CQUhj2J3bvCSvhOSEaUJq7TL6wLXIHFBjR4tQhBpdVgHdyr1GlMC5mxnz-_SDaSYxRBv6JVRROny9Euk4bx507BxUdhZ5bJ8QmWH1BfppLuXgRNnyaN7Gz4J8kXR3-O86IeiJZR7GrrBgJsy9uUDEOFiUuYfVqrp5XYQgHbyTrmPMiR8hwGMBKk-TK4K3TyWCO4m0FxzlpE0VmtV4c5thQG0YVnF3vXqClfwEBi8O5cfUmQ0sQRn8BUFbA0xlrl_QeDim07-y_XF6Z82Z4cvVCVulFwB8lNu_HTKBlBrHYVlArMJo2BBc9FNXTRM8dnSuYqugH2I8oal8yRDkiY_dsmsH__ORkEEXvEkqh1jgi6JIBoRmSwMy2Fuyz4VLR0Y_5n_d0mdT4gx2j-CPTZZG4emcQL5Ojg10nz6jPb1UXdMuVeyh07w-uPh479EAXvqQcP6FwqPDLfn9oeFUDxU8AD3VY_Sbzw35nywDPDQ7_EKkOqZ5QQMYck6d0xg9CDBijB9Z7vktXeGwSEmBFsqTDp4oBcIXWhm

Requested by

Host: 167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
URL: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 51E6 0
26 B 92ms
91ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss5jTkoaqUdLd3nP3C2kv6tdJehDH4ArV9rq-9Ln9sd99TiQXRfosNvnPDjBnTexU1NyArKRyEkuJGlfmdg9w3iDFpy66gp7jvICxrZmTE0fEK4kWb155obGMGbmuoWtE4CJCKfdDf64p2IICv-9CpJmo_2sicb4_bhx6t3KkqtG3hI5K-lmheYEqcXMIFm5EuESO8CUQpUpPXLuKVK846rpfpE9GFmPzjiHa4TNsIkOhIRNFvVH8DI5Xm2xP1sEIteWDl8DtLAuRGKWgf97k7mWWoDeF-mbDbxb-r9QQTXBYme92nDjDuPJ0TbGFRoGSPOkuWvJAlBDgQB_38sQJ8zvICH1jJNJBnVLpIGbpjO3jRmsdm_LDZLnGbZyIL2sPmHbGBNtj_WADVH7v-iir0cnOD-63s6_ZE862XRbDFHQj6Mtk9Wk6ZW64K44pJiEmpqLV-ZSPEHtMtb6GTLEOXe5ny5Pbavamdb5vY3zygrDvkB60oCQXkLLlvi6QJzFMKvkyKg0peGExbroxbUGwDivE9VeYeGeqZg0jTEAyx4-9QYj8ptmnjujpTb319NTttjWxOCWmcfzQHlUUKq0fL6AZxC6l57RT2MoYoADSNwt78R7fYwsgOu4Xq60g2GeWXtUvjZmiQMkl2YyTRQLQyphmFaOb1TOq9AAH2WFBaZkHetXMA4DC3mc9m0V0QP4EwgCzDIUXtoXIDt0VqenJLl9pNzh0lYjJg6L4PvtgE9ZvQzx54LGQB-MsgWBb-Hh9DyyO6usNpU511a5sJ45c5rJ0Z2iO7RMf5XHNUfn3szr29MhhdhYtdxwOOQoxPqpRKD7B-A_N7j39_JoOSbBwN_XFEhvSpPoLFfItRT4PZ5QoAESc2H8TxQSf5QwzFqE-vqEZpMU9N7_lt73efHrN_VmaWklF3mzVRjMZrRoIvw9Wx5hF_--RO0ecddw2LgdnWEhBxm1YW-_V-2AjsV0cDq-v5sqbFMMyzrfoAufJagjb2_rlv73os9Iwj1oS3DtyoLK1RT99ehcFa32QNUroD1RcAf3CJ_GFtmtLsknkhFfmDfI_-gbEbf86IbsLQ_AxFCVci8Zkw0pZRuAyGZyS2MzKvK8SMe7ns9RU6cECDBrm4Wk4NGBpV3RgGkR_OfevQUWgRrmsMVX_Vey2HoRMgIrfihN5u-laiBrcYwuKdx88YvpVBxBRFJTS3LJKcA7H0kKrjnlnOvJOutRWXiKGwlnrbYGd4T1kchjQ7hwu_0eWFBq-sS2p1kAQ5Ihgb9HnEuOmR3tEwrK5BzNUz1EZz6AxcnHuZMFHCgkkmnpmTM3AC6m5sM7AAydaoHUsyh5SDbszXrfOrT&sai=AMfl-YSEfLxBjYVKm4LnhLrXgrEZslVlKkn3R3TGpTLy0qJxvpvIm6zvF8t-SnxaGKhkgwXeMX9kgEzAEuuxQ603XxOHfTwEzgyxy6MVokOi5bJ1rnv8N8RNO-159cDFTuV_olWnTsHAkk44SiS8-5GU1s9sE3pBH5t4iQjSXwrMXWXB_Lt0-quFYbK_UciIgffRiM6WL_EjfWqLMCoYlOr5thQz&sig=Cg0ArKJSzJcHipQVD0crEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=822&vt=11&dtpt=493&dett=3&cstd=327&cisv=r20220525.97677&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 May 2022 08:42:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 51E6 7 KB
6 KB 69ms
69ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aeb3fa8b9b79fcdd035d7d0ead566517b6d6da24de8ed750ffa9148b343c300a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 May 2022 08:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5611
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5A78 0
26 B 91ms
90ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstG3ilEZ_rz7CyAGAph_A0vaiq5PgYEkLcpq7irMGTdH2u6NeQ-W7Ftfa-ubpRJy3C_OuO1Seot6ZMg6kLuXg1c_SpgLAsZvRrb1zpMmwPoalxVdAhDK7MvtoSTYKTog-_P9fAwViNMYw5OfFs-m_VsW3gi1VfgrhuhEdATn3fAnD1yBMto-U3a8sbEWlSRwuSTVmQ2kuUp7I2VY89IhhYz_zn-0nv4qJK-WL2uAJJD3IHqdlt3h60KcfaIc1HdjxFVq9T-RC1INIDk5amnHhC5kSKgO6RS7Bg7npqARUgCHBITtdu1t2aySPDXNHikOdG_H8F3hCLBJ2Ru-dTYmI-HKAZXVfuGBkii3A1YATSVWtf6EnBkqtMGL2awNHCbPfuJxjbO8nnftdU_S1Ftuq2XcZT--_M_oiyNc-nWe0mmEg7xZetvuqPN9t8igJbotNeb4Xi9C-WMdjqKHibxz1NUefnxVMrrR840ZrxFSy1n7QLBfVZrVGNkBugEwTm2Q8De4gg1yAGYE9Pk2-gbW9cI0BVRFrW7RgHcQIk7gEHMMtNT9CFKzDR-Y-wTGKN5MaO9F-lrgKjvxybTfmE49v-zNZBVDG0s28jm11uH2Wc1I_qOuzZ-QCtgdfAsgMW07cY5fKzajO2GShhUddS_wlRcikQ2E2kkDibSjrBLDQm7dDi66pDoziAJji9LtQF3JCJqsL5LE9GdmQJtw04CgoUoOAHzNrzX4XBsMs56DpBGelZzPSdnrIlELSd3hfjTFgqQ1t1-u-cR_fa8mQ2YPas9dZx6ZmvEJJ3DA0rLQQVB2SyKr91lYI4INxkf5BUp33tvEaEitLXSvOe0GqZdzWr_0mheoD6u-FknZVjBUEVesBYl0FIaPC4kYOcP8jq9up6VzhoXACGYL1-FrHPbEkjPlQafAL75-Lh6IvoiNB_8iHLLLYXeY-AyqQQjZVqlmx1qwRPwCpaKaw_4HYVGgqYcwkyxKuhrDKOGGj5hzXNuYZNkAmVCQlN4h-91hTV0120QW8kLjXjQUoFuPlH5bCJJ5o_Z4cQ0HEmow-9DR09wheEVogF6AEBvkZW7m6KHQgnt1IzC5TLJu5irWxE-SDQGrpgqICxV9DZ9QUFuKpGMhz0f-DVUNZRPwHq77E-nZ8v1ZOGy65n6-fJysiqipgd0mCb1MeADT_oprNJOIk37PjziqRbZM5BtK2cYiyLic9ZyyU_rNC5-GWAXNNhdYd1IoY3AHcQHsTNn_cCYLtf5Wkd3mpr4&sai=AMfl-YRolwVoSivghtonrvuR2S0HsD4HXrEzcuyuB8AJKp-_zHB7gRHljuoseC5FtW0PQsGjKJba1ppOx5zd4f3BraMfHK-Bcuz-GCTI7DRoVZH7emyQADLNQVeIXbcHBN5z9IP1o4JRJ_l1EjKfh7Biq2-DLh6tKNHik2jmBgy3aZY6BOuTOOFPl0ZtdG7X9DdlsTEXs7k1B5qFGf9OvLeeW2PI&sig=Cg0ArKJSzDqWSby1fCuvEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=782&vt=11&dtpt=463&dett=3&cstd=317&cisv=r20220525.42748&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 May 2022 08:42:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5A78 7 KB
6 KB 66ms
66ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d84489d89305880f5a96825b682d501a7c6cd3cb729a6a2686d0bf08e2d3ea36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 May 2022 08:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5671
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2BA4 0
26 B 90ms
90ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss__oH9fyAnqdC_yI0vhFTZpm9qUQUctejX3FVm5DJae6JIJtA93McWVRh3bU8SuKsXjI1jwgwfeGiKuetz9sPj460PotPY6cPwCTPVgbNf4HarctXqRF2cEMsWEjhMEnMsaeFvVkixFrxEvYGOWd1S1KtxtDtBBguEBcWs1LY6HsNdPZf2uW0QSCDmO45ILcXtBS1odygTbdQCUJ-EtqT6wxQJ1CZ4sItQjYlyzh6aYvLyMKtQmtYjyFlv_m7LtDIig6H7krhhxYyc7vHqwXfw8dYo8ylRjpEN0Sduc4WPfpW0qSsvPlDbqiXck45rUj5UQ416gpsmpHRyVuUsDRIzEHJ-vCMYz9OgSZ4CYYsI8l54GVE_EyvDin8U6429KjmT1h6qnDGj7hm4Vjgk8LcczV3MamVE7J-7pSNo5mMRWgkM85kyQqkZaTxJt9vax5C4p9S5UrO_LA5wv4raPeGwdUUKQo6EDevSWtwymwG32Ee1h_l9LZ1Eew6tZLFigXOYTraFlvu13Kwo1xiE9fH_efATMPXtDNnCyD_PgXdX9xBFEUao0QaJ3M6hi2sgo7Mp1ferGYenP2izrI6LF8ZcvfwaR5eHBNoR0QMo7x3tDgwFWDGvql6uCjrzZDax-80_xhY3b_j0pE6--Eqq-xZ_-ofpRWk2EyUNm8OfToq-ACiNKrFRm1n5hwc6EQoe8cRnPa6NLkdQGlfujoDfvUARmoCI8Y-I6arxGa_vQ0-1zhuppHXP2ePQX9wZ3jMkoW2N9h-WB1uyw1hAZ64B5ceTr3QeuiQgZm7ShU12kG5iG7J4de-3Ezw44kt-N3uYBv_YyUf--s7yENETGufQHD5XwOJWAuXEuUPu8mkGTOSzmaiwQHiZns9zDaVqIjqzNfzGdfwb3GClxsO59mERD2U4ur6Jo2PWa2kC3_h9_0J3X-jXiVvSyWthiwj2a_nC53fYZTsLG9Exfm5cMVpDgg7Qh-ZfoEf1p15EVEfm1KNcl-AEod61ua3FOIPeHRSBX0OwOevL6Q7rQEokVtka_ex89WG8_l0o8xc1wuz58BYySsfWOYDKLqrvblfibwTCDBkmmOeNyIMS3ppsPauFQe_1bMM8xP_JJUH9I4N2-HbbaesGkUw_lCZSA37P0e4GmtSbrAxCDpRXEdCvbo-Qgc8qqszR49Zhc8BoBM-FoMSFrurxX-jptg1O2scExD7PwyKPerzxvCjM3qv2nr14-P28EhZk6YBlfwDglfWV9k5EaCVx8_Hkjbyglmqm6eNbUciGzEgqJdanMxFRG8a-EPsvsUuP9_6EqDDcFH_U1ZkT72LIdX_ubm9NCYEMuh6hp9M7trdT8yQ&sai=AMfl-YTA6VO-9aSGEcNquG0_tbqqWMffUCvhhNbrfZxRG0nv1oVWRAttdkd3ehYY9kF_bSLfo3Or4xyfDEv5s7n_tfYbcScg7mgKXuLaUIOlWzx0BX_1pdkfAUa1EK2uAQUP4QjqKFlgIwpF4pkEqL49Ln01nZsf9nQraMNsNiwC81JpUq0a9NBGcGrEslhSp9ICBMD1p8W_f_RfugB2j1Brdgdc&sig=Cg0ArKJSzHleLMBIWpZ7EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=767&vt=11&dtpt=438&dett=3&cstd=327&cisv=r20220525.17303&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 May 2022 08:42:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2BA4 7 KB
5 KB 73ms
72ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbe8c3d1ea8cce13491e55b828c6b4aac1f545fd16a5e6c5462d5641bc28f6f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 May 2022 08:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5535
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 51E6 17 KB
6 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 29 May 2022 08:42:51 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5A78 17 KB
6 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 29 May 2022 08:42:51 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2BA4 17 KB
6 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 29 May 2022 08:42:51 GMT

GET
H3 200 QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js Show response
pagead2.googlesyndication.com/bg/ Frame 65EB 35 KB
14 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:36:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13800
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 29 May 2023 08:36:39 GMT

GET
H3 200 QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js Show response
pagead2.googlesyndication.com/bg/ Frame FF58 35 KB
14 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:36:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13800
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 29 May 2023 08:36:39 GMT

GET
H3 200 QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js Show response
pagead2.googlesyndication.com/bg/ Frame 8CB8 35 KB
14 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:36:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13800
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 29 May 2023 08:36:39 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2BA4 42 B
64 B 93ms
92ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsumUcelfYuQ4jzHjjB7-SyO4J12zbNWcA5ANHXj-ZZlb89law87lybBltdoPJ69sKYvDp-p1GCJ3Am6jPI2dLyOzXjUoDmFLpkv7lQaajPBKVLqzMBBavNzjCLV&sai=AMfl-YSHNWvRU7NFA9CIjZlEq4fvwFMrI2KeZETFh2AdGV34t6sXI_OmjeUU3Xg5Ac4NdyZeRwTV3cWcrGqnguMWDr78rvTyomrugukhXZo5UJcUXS6TAXl-MkkPAgsD&sig=Cg0ArKJSzDtpNg9oOFzTEAE&cid=CAASJeRoEw0xTDuwnyT_52xuLZ7mqpc9IgWzcA8HCm80jW20AORRrDc&id=lidar2&mcvt=1010&p=950,0,1200,300&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20220525&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1163118235&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653813770523&rpt=300&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 75ms
75ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220525&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4d9074136cf6a5b0189d33a6a075f502847f1c8b868510a9cec84af1d067ff0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 May 2022 08:42:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10632
x-xss-protection: 0

GET ads
googleads.g.doubleclick.net/pagead/ Frame 6202 0
0

GET page.php
www.facebook.com/v3.2/plugins/ Frame D20E 0
0

GET /
exchange.informer.ua/informer/stat/ Frame CCF7 0
0

GET /
exchange.informer.ua/informer/stat/ Frame EB97 0
0

GET /
exchange.informer.ua/informer/stat/ Frame 84DF 0
0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 29 May 2022 08:42:52 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 10B2 13 KB
5 KB 54ms
54ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1728
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 May 2022 08:14:04 GMT
expires: Mon, 29 May 2023 08:14:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 972B 783 B
534 B 63ms
62ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0fd775d5d20f5f2182d0ce2f2fb54b8739a8f5aa3c56ee729dbf80fb1dc32722

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-S6yYrKX2EmirXuNnW5A7hA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-S6yYrKX2EmirXuNnW5A7hA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 29 May 2022 08:42:52 GMT
expires: Sun, 29 May 2022 08:42:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js Show response
pagead2.googlesyndication.com/bg/ Frame 10B2 35 KB
14 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:36:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13800
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 29 May 2023 08:36:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 972B 0
0 95ms
95ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220525&jk=3042176629478848&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 10B2 0
9 B 54ms
53ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KXK4aw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:42:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 106ms
106ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220525&jk=3042176629478848&bg=!goGlgcXNAAao8wy8iPM7ACkAdvg8WtyflaeNvMwI4bwIHDdwPFrRj54_wSPKWgp-xMoJ4FvXN0hf9gIAAABhUgAAAAJoAQeZAqUBR69F_tvvva2yPb8DmjbtZPV75O1tgagVPPlr0-N4PsmFb1KEa1iVsNnthFL4cMOmZ3syoAF4XcZuP3lkWkmBMdQlXF1zvNipVMKdczbqklhbVphaVNABv_IP3TBjauDbPBK7vAzY_ySZ9tZDOswlepM5Q7hlJXbiwe7m-F5X-Pm_mBJb8DPo29SGoppUXwrkBQh37O0XkYrzZlMghw51Tz3_uzu4-Y4c-Zr0LM4m3WxFgKEBKGpeZXo5bAfdgV6fq1VokbbNecpJUc6m9RxLyPsxzLFc5YNjbfB2wzje7aPFFKqhY5BJ8sWPwf3iJioJtRyS9tbcJxW_ympot9qGWCJRo6WdDFKmpHDmbrVlL5aLnyW1G1RJ2lMbUbmSlVoAg_aNbG1R9CmNBy4gB4_z73BkG1W6UT2ZPf7EG-pXAk3TMV6RKELVOBc3XqJNElk9Q9VHdQwMh8YFac3QgbGm7xG3vs8U8UbAkT81YpyvcqRZHQ3en2AvXZGkgRNMs8UNFYeBS1OCVTKWCcravlRzKQMYgosPRrulY1ptSSH_B-4WZ4IsBmIiCNGbu4vKiPkHQLrYIOc0Zcumf1dKwkXY8yqieDxcxmR0jHst07V-SJPBFhTagSfXhLNYSfuyHaxxu6yR_WnNl-OdtKa65fa8pOeoa5ehsbVDkjIcw8OowYzwlCQ-UHg8mygnLlLC4yEj9szbLQl-gDGhaUstLkptGm8akbIcsoydezb03mCnlpS7w2bZAX4zXMJtiqjBwIfQDurA9lazz4g9xA3NTZ6DH7VbaFzftbaUj7RXTwDSgkTvC-Ss4wmac0mnM9sCLHu4qfemuKvFwTzAV7RgpyVOBpLsnuBdTU8QuPlOkXImjveEYBNHN61j2IdpJMmUPcI88eA7NQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5A78 42 B
64 B 95ms
94ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsviEPJQoYcso5g5DBCm1f5PkL8cEddAX6UBMyCMrnPAHOtE_80J47FNXNfJ6dCroOkP-mX7q8UArdD2iorFTrBxl6uSOryEhzoiIrlOdPZ_0SCdrH5bMxrlwt7f&sai=AMfl-YQ43lnuOqqnaPaxBnHOOMcYk81p-1yUHVNYnTQBNPlQw-Kg_RIbLflSYTC6srIb5KvxBZ_TNNoKuo4vQCHYLhlc4INUzhXexESymteVn6o1J5ePN3YkHBRsDVhz&sig=Cg0ArKJSzKA_o58qEpnCEAE&cid=CAASJeRo-9cHZyCwz8o-p9ZiHbF0fe4ncEqRh8jwqDLFpme3YkgPbp0&id=lidar2&mcvt=1001&p=950,300,1200,600&mtos=651,918,1001,1035,1035&tos=651,267,83,34,0&v=20220525&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4001892450&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653813770488&rpt=312&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 08:42:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1979561508&adk=2236407440&adf=59350530&pi=t.ma~as.1979561508&w=300&lmt=1653813769&psa=0&format=300x600&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653813768865&bpp=1&bdt=685&idt=326&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=424785742066&frm=20&pv=1&ga_vid=1262892392.1653813769&ga_sid=1653813769&ga_hid=653360334&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=363&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475%2C31064018&oid=2&pvsid=3042176629478848&pem=844&tmod=1816753381&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=nd1jzfwt9Z&p=https%3A//kolobok.ua&dtd=330

Domain: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona

Domain: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=smak

Domain: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1979561508&adk=2236407440&adf=59350530&pi=t.ma~as.1979561508&w=300&lmt=1653813769&psa=0&format=300x600&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653813768865&bpp=1&bdt=685&idt=326&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=424785742066&frm=20&pv=1&ga_vid=1262892392.1653813769&ga_sid=1653813769&ga_hid=653360334&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=363&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475%2C31064018&oid=2&pvsid=3042176629478848&pem=844&tmod=1816753381&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=nd1jzfwt9Z&p=https%3A//kolobok.ua&dtd=330

Domain: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=202832543530482&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa643804bb9d44%26domain%3Dkolobok.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkolobok.ua%252Ff3ebd6356eb8f8%26relation%3Dparent.parent&container_width=300&height=345&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fkolobok.ua.group%2F&locale=uk_UA&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=300

Domain: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona

Domain: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=smak

Domain: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona

Verdicts & Comments Add Verdict or Comment

196 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

89 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kolobok.ua/	1969-12-31 23:59:59	Name: b Value: b
.kolobok.ua/	1970-01-20 20:54:45	Name: _ga Value: GA1.2.1262892392.1653813769
.kolobok.ua/	1970-01-20 03:25:00	Name: _gid Value: GA1.2.176838834.1653813769
.kolobok.ua/	1970-01-20 03:23:33	Name: _gat Value: 1
.cdn.umh.ua/	1970-01-24 12:34:22	Name: AU Value: b08a7cff6eb8e6bf
kolobok.ua/	1969-12-31 23:59:59	Name: Value: store.test
.kolobok.ua/	1970-01-20 12:52:21	Name: __gfp_64b Value: FyiLwfxGlE_Edk15F6qIEtK91zhfpPzhsjaXZcQaAyP.X7\|1653813768
ad.mox.tv/	1970-01-23 18:59:33	Name: moxuuid Value: dfe70047-7960-477f-9821-0c1e44fbc7a0
ad.mox.tv/	1970-01-20 03:25:00	Name: _mwayss_zone_imp[1566][count] Value: 0
ad.mox.tv/	1970-01-20 03:25:00	Name: _mwayss_zone_imp[1566][frequencyPeriodEnd] Value: 1653900169
ad.mox.tv/	1970-01-20 03:25:00	Name: _mwayss_imp[15343][count] Value: 0
ad.mox.tv/	1970-01-20 03:25:00	Name: _mwayss_imp[15343][frequencyPeriodEnd] Value: 1653900169
ad.mox.tv/	1970-01-20 03:25:00	Name: _mwayss_camp_imp[4843][count] Value: 0
ad.mox.tv/	1970-01-20 03:25:00	Name: _mwayss_camp_imp[4843][frequencyPeriodEnd] Value: 1653900169
ad.mox.tv/	1970-01-20 03:25:00	Name: _mwayss_imp[15262][count] Value: 0
ad.mox.tv/	1970-01-20 03:25:00	Name: _mwayss_imp[15262][frequencyPeriodEnd] Value: 1653900169
ad.mox.tv/	1970-01-20 03:25:00	Name: _mwayss_camp_imp[4421][count] Value: 0
ad.mox.tv/	1970-01-20 03:25:00	Name: _mwayss_camp_imp[4421][frequencyPeriodEnd] Value: 1653900169
ad.mox.tv/	1970-01-20 03:25:00	Name: _mwayss_imp[15189][count] Value: 0
ad.mox.tv/	1970-01-20 03:25:00	Name: _mwayss_imp[15189][frequencyPeriodEnd] Value: 1653900169
ad.mox.tv/	1970-01-20 03:25:00	Name: _mwayss_camp_imp[3964][count] Value: 0
ad.mox.tv/	1970-01-20 03:25:00	Name: _mwayss_camp_imp[3964][frequencyPeriodEnd] Value: 1653900169
ad.mox.tv/	1970-01-20 03:25:00	Name: _mwayss_imp[15239][count] Value: 0
ad.mox.tv/	1970-01-20 03:25:00	Name: _mwayss_imp[15239][frequencyPeriodEnd] Value: 1653900169
ad.mox.tv/	1970-01-20 03:25:00	Name: _mwayss_camp_imp[1949][count] Value: 0
ad.mox.tv/	1970-01-20 03:25:00	Name: _mwayss_camp_imp[1949][frequencyPeriodEnd] Value: 1653900169
.hit.gemius.pl/	1970-01-20 03:33:38	Name: Gtest Value: KlSzRMGGQMQGWtE2DMosiTaissGMXP8c25nSG4-i80LtXBG.
kolobok.ua/	1970-01-20 12:53:48	Name: __atuvc Value: 1%7C22
kolobok.ua/	1970-01-20 03:23:35	Name: __atuvs Value: 629332094aed6049000
.quantserve.com/	1970-01-20 12:53:48	Name: mc Value: 62933209-46d2f-faa75-0727e
.hit.gemius.pl/	1970-01-20 12:52:21	Name: Gdyn Value: KlQPDRaGQMQGWtE2DMosiTaissGMXP8c25nSG4-i80LtFRxSG7RrGS6GugsBFlnMxgGPoeISD0F6Sssa
.addthis.com/	1970-01-20 12:53:48	Name: uvc Value: 1%7C22
.bidswitch.net/	1970-01-20 12:09:09	Name: tuuid Value: b4693fca-0e03-4d27-8432-f9143fe553ad
.bidswitch.net/	1970-01-20 12:09:09	Name: c Value: 1653813769
.bidswitch.net/	1970-01-20 12:09:09	Name: tuuid_lu Value: 1653813769
.admixer.net/	1970-01-20 05:33:09	Name: am-uid Value: d0ca2ec62e2f41a583616d728d4ea089
kolobok.ua/	1970-01-20 03:33:38	Name: am-uid Value: d0ca2ec62e2f41a583616d728d4ea089
.doubleclick.net/	1970-01-20 12:45:09	Name: IDE Value: AHWqTUmqDPTdHVj1bmy-i2iZgSIzpoyR2zY_aleUepg6bMRQpvaeFFXQAoSkafewF2s
kolobok.ua/	1970-01-25 07:39:25	Name: cbtYmTName Value: XiV8Nzp8ZHw9O248bWZrajxva2dsbmpsfCN+
loadercdn.net/	1970-01-23 18:59:33	Name: vui Value: e666afe9d4e7418a905a12fc9041fe9f
.addthis.com/	1970-01-20 12:53:48	Name: loc Value: MDAwMDBFVURFQlcyMjc3MTg5MjAwNDAwMDBDSA==
.kolobok.ua/	1970-01-20 12:45:09	Name: __gads Value: ID=ab25ad20f7ed26bb:T=1653813769:S=ALNI_MaioVd3GduZvhJswu2ZNnGVU-raHA
.doubleclick.net/	1970-01-20 03:23:37	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 05:33:09	Name: uuid2 Value: 6555146989906342273
.casalemedia.com/	1970-01-20 05:33:09	Name: CMPS Value: 1838
.adnxs.com/	1970-01-20 05:33:09	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C%we9AO2!]tbPl1M>e)ZlrFUfJ+tGXxoL?P/oE:F4n3IL^@0c:3YD<<xytaRsh44O5uSbpRzqF1`b^tr--EX
.quantserve.com/	1970-01-20 05:33:09	Name: d Value: EB4BCQGgJoEA
.casalemedia.com/	1970-01-20 05:33:09	Name: CMPRO Value: 670
.ctnsnet.com/	1970-01-20 12:09:09	Name: cid_6825bfaf2bee4e9581e2298abd833a08 Value: 1
.ctnsnet.com/	1970-01-20 12:09:09	Name: gid_CAESEAlddZop7k9tpaCJvhGYFm8 Value: 1
.mathtag.com/	1970-01-20 12:49:28	Name: uuid Value: c3bc6293-320b-4700-9047-82110a43f9e8
.3lift.com/	1970-01-20 05:33:09	Name: tluid Value: 2447685036310459613503
.blismedia.com/	1970-01-20 12:09:13	Name: b Value: 6293320B02011DC5B57BAC52BLIS
.spotxchange.com/	1970-01-20 12:09:13	Name: audience Value: 52f20291-df2b-11ec-8098-175cf56a0206
.casalemedia.com/	1970-01-20 12:09:09	Name: CMID Value: YpMyC8mzo5Db6asL8nD.MgAA
.innovid.com/	1970-01-20 05:33:09	Name: uuid Value: 58494289-5778-4f4f-ba87-60a26215fd1e-20220529 04:42:51
.yahoo.com/	1970-01-20 12:09:31	Name: A3 Value: d=AQABBAsyk2ICEMVtOkuvwIkaqQFcTcVNli4FEgEBAQGDlGKdYgAAAAAA_eMAAA&S=AQAAAnv-lsnIKipAvJQdeM0RAOA
.adform.net/	1970-01-20 04:08:12	Name: C Value: 1
.agkn.com/	1970-01-20 12:09:09	Name: ab Value: 0001%3AIHTnFuNO5lGjWmFOZHCvErXVTEsh%2BzOu
.agkn.com/	1970-01-20 12:09:09	Name: u Value: C\|0CEAqJe6LKiXuiwAAAAAAAQ13AQCAAQpAAAAAAA
.everesttech.net/	1970-01-20 12:09:09	Name: everest_g_v2 Value: g_surferid~YpMyCwAE2RgnlQAj
.casalemedia.com/	1970-01-20 03:25:00	Name: CMST Value: YpMyCmKTMgsA
.w55c.net/	1970-01-20 04:06:45	Name: matchgoogle Value: 5
.casalemedia.com/	1970-01-20 12:09:09	Name: CMRUM3 Value: 2d6293320b2760CAESEHXGQ7qgxXoczbp387GTLrA
.analytics.yahoo.com/	1970-01-20 12:09:09	Name: IDSYNC Value: 18yx~255k
.w55c.net/	1970-01-20 12:53:48	Name: wfivefivec Value: T0wqZAKn1NVevF5
ad.mox.tv/	1970-01-20 12:09:09	Name: bdswtch_sync Value: b4693fca-0e03-4d27-8432-f9143fe553ad
.adform.net/	1970-01-20 04:49:57	Name: uid Value: 7636516939778415718
.creative-serving.com/	1970-01-20 12:45:09	Name: tuuid Value: 96ba81ba-af83-4efd-a315-9f9e56d1a388
.creative-serving.com/	1970-01-20 12:45:09	Name: c Value: 1653813771
.creative-serving.com/	1970-01-20 12:45:09	Name: tuuid_lu Value: 1653813771
ad.mediawayss.com/	1970-01-20 12:09:09	Name: bdswtch_sync Value: b4693fca-0e03-4d27-8432-f9143fe553ad
ad.mediawayss.com/	1970-01-23 18:59:33	Name: moxuuid Value: dfe70047-7960-477f-9821-0c1e44fbc7a0
.advertising.com/	1970-01-20 12:10:36	Name: APID Value: UP53155f06-df2b-11ec-8a22-068949ec802d
ad.outstream.today/	1970-01-20 12:09:09	Name: bdswtch_sync Value: b4693fca-0e03-4d27-8432-f9143fe553ad
ad.outstream.today/	1970-01-23 18:59:33	Name: moxuuid Value: dfe70047-7960-477f-9821-0c1e44fbc7a0
pool.admedo.com/	1970-01-20 12:09:09	Name: tuuid Value: 24b36bf8-4386-439b-accf-de84f1f9b9ed
pool.admedo.com/	1970-01-20 12:09:09	Name: c Value: 1653813771
pool.admedo.com/	1970-01-20 12:09:09	Name: tuuid_lu Value: 1653813771
ad.adopx.net/	1970-01-20 12:09:09	Name: bdswtch_sync Value: b4693fca-0e03-4d27-8432-f9143fe553ad
ad.adopx.net/	1970-01-23 18:59:33	Name: moxuuid Value: dfe70047-7960-477f-9821-0c1e44fbc7a0
ad.invamia.com/	1970-01-20 12:09:09	Name: bdswtch_sync Value: b4693fca-0e03-4d27-8432-f9143fe553ad
ad.invamia.com/	1970-01-23 18:59:33	Name: moxuuid Value: dfe70047-7960-477f-9821-0c1e44fbc7a0
ad.vidverto.io/	1970-01-20 12:09:09	Name: bdswtch_sync Value: b4693fca-0e03-4d27-8432-f9143fe553ad
ad.vidverto.io/	1970-01-23 18:59:33	Name: moxuuid Value: dfe70047-7960-477f-9821-0c1e44fbc7a0
ad.vidver.to/	1970-01-20 12:09:09	Name: bdswtch_sync Value: b4693fca-0e03-4d27-8432-f9143fe553ad
ad.vidver.to/	1970-01-23 18:59:33	Name: moxuuid Value: dfe70047-7960-477f-9821-0c1e44fbc7a0
.pubmatic.com/	1970-01-20 03:25:00	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 05:33:09	Name: KADUSERCOOKIE Value: 2701D28C-F010-45D7-BC82-3FE5604B6F76

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://kolobok.ua/(Line 1734) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v16945258&s16946721&t0&c1&n43916&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://kolobok.ua/(Line 1734) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v16945258&s16946721&t0&c1&n43916&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1566&height=300&width=400&tld=kolobok.ua&ctype=div Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://h.holder.com.ua/s?ta&bholder_300x50_6256&c1&r82453656&dholder1466079092&hhttps%3A//kolobok.ua/ Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://h.holder.com.ua/s?ta&bholder_300x100_6255&c1&r82453656&dholder1584315929&hhttps%3A//kolobok.ua/ Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network	error	URL: https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pixel.advertising.com/ups/55946/sync?uid=CAESEDMHu4R55YAqS7ivljU0J_c&_origin=1&google_cver=1&verify=true Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

167286cde0487ae7c0d822c7fb242bff.safeframe.googlesyndication.com
ad.adopx.net
ad.invamia.com
ad.mediawayss.com
ad.mox.tv
ad.outstream.today
ad.vidver.to
ad.vidverto.io
ads.creative-serving.com
adservice.google.com
adservice.google.de
ag.innovid.com
api.phnx.click
bgstats.mox.tv
c.bigmir.net
c1.adform.net
cdn.admixer.net
cdn.jsdelivr.net
cdn.syndication.twimg.com
cdn.umh.ua
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
d.agkn.com
dsum-sec.casalemedia.com
eb2.3lift.com
exchange.informer.ua
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
h.holder.com.ua
i.bigmir.net
i.holder.com.ua
ib.adnxs.com
image6.pubmatic.com
inv-nets.admixer.net
kolobok.ua
loadercdn.net
ls.hit.gemius.pl
m.addthis.com
maxcdn.bootstrapcdn.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
pixel.advertising.com
pixel.everesttech.net
pixel.quantserve.com
platform.twitter.com
pm.w55c.net
pool.admedo.com
s.ad.smaato.net
s.znctrack.net
s0.2mdn.net
s7.addthis.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.search.spotxchange.com
sync.teads.tv
syndication.twitter.com
tpc.googlesyndication.com
tr.blismedia.com
unpkg.com
upload.wikimedia.org
ups.analytics.yahoo.com
us-u.openx.net
v1.addthisedge.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
z.cdn.umh.ua
z.moatads.com
exchange.informer.ua
googleads.g.doubleclick.net
s7.addthis.com
www.facebook.com
103.229.206.240
104.244.42.72
104.75.88.126
104.92.106.130
142.250.185.162
142.250.186.66
146.0.227.109
146.59.30.100
151.101.194.49
167.71.9.19
18.158.14.110
185.132.133.134
185.180.223.221
185.187.81.40
185.187.81.41
185.64.190.78
185.86.139.93
185.94.180.125
190.2.151.10
190.2.153.150
192.229.233.25
193.239.68.97
193.239.71.100
193.29.200.142
193.29.200.162
2.20.86.213
23.35.236.247
2600:9000:224a:3600:1b:5138:8a40:93a1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:4700::6810:5914
2606:4700::6810:7baf
2606:4700::6811:180e
2606:4700::6812:bcf
2620:0:862:ed1a::2:b
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:810::2002
2a00:1450:4001:812::2004
2a00:1450:4001:812::200a
2a00:1450:4001:813::2006
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c0b::9a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a03:90c0:41:2801::254
2a05:d01c:1d8:8100:a0fe:f5a6:9720:1a18
3.126.56.137
3.64.25.227
34.96.105.8
34.98.64.218
34.98.67.61
35.158.225.181
35.186.193.173
35.210.53.219
37.157.5.142
37.252.172.249
52.28.166.91
52.52.17.9
54.37.238.28
63.33.35.114
76.223.111.18
78.159.118.240
91.198.36.26
91.198.36.35
02c30a2f8ab99e50290330ce2b9c3b7df9bcabbbd0f65442d2f929cb2fec3162
0442992dfd1d698762ad163d6dbfaf0ccc3a9ccbbfc5e0820ad34762dfacf56f
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0692722b63624ad9ff6c955228db259553745a12cea1ad597143c20ba5ec8c8c
081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22
085583262fc989309eef660f40bfcd1725cc57edb8cad2c03e95382ce3e0b50f
091105bb0811a882fd4f7fedb9e8dcf8a8fd0358106f000d7dd74cd1626dabe5
09189199be93439c613190e75224b268784cf154b7ba7409fd7a73babc9326da
09f5778d15738612633f19a1adc6170deecbee0888bc00d0983d9dbf015a6f20
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0b80d717d0093988e78481f046885680a559a73c090c36f7fc5c30361b9d8926
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cf67a88e4158309a7aec1613a776c80db3dc47769b1865ba427078bae937819
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f
0f58a400166e5d06ad046168a699ad92d3f889c929f90f83f8c22190736ad40b
0fd775d5d20f5f2182d0ce2f2fb54b8739a8f5aa3c56ee729dbf80fb1dc32722
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19c0d2a12c7d826b4f695c6451ee407da96877ca492c73692580f9b9ecc8924c
1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd
1b708eb963025d8efed6b916fe055f746b14d038fc1e2566055491260ab03dae
1e99d1e6fe74443f70e6b1bb68cca578728ec9d7669c2ee3ecaef8239f6eb956
1f7c5b9fc7520d2735786380c08033a9d450b27ef40c0f660f03b615aecb2293
1fa41d1dd35371b43e476aed2affd90239756fe76a598fd6a071887e0bb455c7
229378c3a3e277ca91542f035d4386df50f091126b2acfd9bda191e8bf5368a8
238697905f6e4554dcab4a652a1c500021fd641da99a2c52f70e27823c291950
23cf8643e60f9e01b1bcf914c323f3861466997045f8aee8ea1c737f6fb5a21b
254f33bb44c46523cce6e349f8ea4ec60151ca4337024b647502da496df48b9c
26a3dcc6b10798d230db06ef5cde2ffb3db42ce54649679de4ae97ac19e198ba
26d41601c7a81071942188ce94257e8b4ab676da5d0b7db18a3b3e0e8a7a6267
27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2d6f13c648176bce0d56a4001f0a0ce3b9c59728a372067c9ac442a55e410e4a
2d858240786c44494fd76cd5564f3ce5bb86748ffe5f2193a7a5e0bd4ee6c2e6
301898d6bce363fd706de16a2d915e0382fc1a60d07b91d0ffd0609dd90b78a4
314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d
322a846d0f85ccde422c5c83bc9bc907a475815460f2fa75c1289bfdc629524c
323724aeb4f37a069592dd81fc1e9ddea4d014539f03166932eb137fb8225d13
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33d18e9820655d5e3df0d86a3e28b961f3767db98d06d2388b1d6ce19cb92c3f
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
35fd8976c95449e2fab9b80964acb6fbe8dd31c5989ad6b57a50e0a33065f4a1
363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674
36924a7012531d2ee5ae016a79a371ed7451daaae4a56fa7e65584437516b1a6
3aeb3672aaeb8efd556225a18e1769471a34085794fa8ffdd6aadbe7aac29a3b
3d65fc58c8b4b95e56eca9c4c2dbca490f2b57edd5df89e7bbfd38ec8d2a1554
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
47dd690f8f315bea076e92581a7e7147443bb4c847e313ab5a7d50a8c44836d0
4a64c3f8968235caf4367a733443be4ab6274fd32383d31bf96f607d1f87153a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b84c26fc972d527005b6353058ff181ca9dfbb9047bed018e6b019f965d3cdc
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e
4e0425040d7d896dfe92bf7a71cded18b7d2a00421f7e1b927a574ec96dcdc0a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f980628109c4616e0c245be9b45aa44233f40ca4f396a58a9e298cf51744e43
4fce02aef5542a40509dce7f66aec864d7a2a070ac671b06ed235cbcd4743821
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5083460fd3a067ce014eb6de7fd19dce63a82c4a3c1a70b7a53509980f3f6a1a
50ae88d688e07bbae21e1ca28c16c1750c776506ec52b052cacae15724e6be90
516204e9e22bbbd7227f026efaea823f0f0a5f7208a5b3c54e1d94a755bae755
51ef3f0d3aa0c792d07079a705896f28d5ed2cda748c154e3a9a1d41b7502209
537679b37618b9bbc0ec6829ea731a977a56a541915d4beca450bb3b9268eeaf
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561b59a8131097de1161f27128999f95da23c08a66ca1ac7848fb80e6aa9c12b
58a1131ddc552c153d7a5b32835bc3c912b74a3cc0c3c40981857abd89788fde
58fa0bac4c38f3f949a9b7e9e6275f5dde748837420d7d07f4751fd9dfb9c637
5a7b4102818872ff395e23756d8fafe76fed92b8e86659a368a2a01e63e44997
5eabab809294f87a4cbdc93b9a0716eac17f0dd376409769aad17715dba00325
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
6286abe92e6aadb78bed0dacc0f1b5c2aee1dae3eacb6583f54aa5843d2aad06
6533e888c1361884fbc4f67f8d8f220d4683af91ec9f48512b59211a7153dcc6
66336f7f92959c90b96bb60b1c09415cccc7923e52a41ee9fe23a5aa98397d8d
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
6a9b72f3324b568d38723f5652423ac68a86f0633656e3826665a4347a125afb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc
6d7dd97b1b8f9a6dd66cc9025d3b6603d371173712d103fa273e20a3013a5370
6dfd14ae6097102cacd31ba68b725c255f65a5abefc6e45c60cfa58298f78030
6f8a37520d137e7b56afd4a5679740485c1e66c850e54b39c6049fbf2fc022f5
6fd5fa4a98bbc9959dff554cfba798e555590f8a1afaa247a48a40138cd700d0
70979a4ce62f17c5be15bef635f9911bc889d0d38f67d6d18a2df5266b0eef87
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
7683702fa7b021af2839f5ed4c2c009956332805b0c4e2c054346993fa2ec07b
771807c7f658cc84456aefdfa5e9e993e7a74e74b30ad7b3542a27470f87c787
773df060071aac20d1c078c07a4fce01e28190112b3226ae54b828e726986d37
7a200f91a6b0880ac12f22eb4fdca85a06860f9da88a1c89223469a9c98ac54d
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
7d41cc80678502aaf3181f2f00f46553773fc0da93ab9290f2da2ae64720f1f7
7d6f723401d9bff849050ca1dcf1078c770a7e49a7491d5e3eadcff562a9d6d6
80a0b34f8b9e0f54a1640057b0a8f7d6d0e033960fda622f6c67c19f0ba4915c
81b7e052c5392b0fa4b35d30c984af9dcdba504d571a7010c0121c733947845c
82f7a67a80ce007634aa263e87d7212019848f6f915fa847f3df2e7b092b0a72
83256161be4addb3aefe369a31de46f42def521d423ab1b344883d49c2bd1953
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
850abd537bcc26f2b2f88a35bb41f50797709791ae1f290278feaee95a2945bc
8542b7f6a83905880abe2bd34c191aaa1e06459cde1b5deaca20cb0f8d4ec679
86b67e98ae1805a0fa348e3e1d118a7b6661d66a6fd88609e8c7f59562a986a3
89fcef2fe8204ec89e703202f4313758021687559f6216a92b5379a753015e9e
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b36b4daa26a130a8893c0ade843e3542251b7704af84b4504633ed52963fb2a
8c39ce2883aad8a36c4194dc053127b29efa1677cc12db45e805760c5d9f14d1
8e0a244159836a5d55a7de81c24cefb74c7d8387e2e700f16856201ba1e37484
8e2127b461c250d955b16c153856303a62fd79f5bbf874cff3491ea56b9a948a
8e28cd295b5aafb2519789b39da751767353cc775d3248a442caa0a3fdc0b423
8eee5df34c0397f272d2d06a5764b04f192969cb4ee8828488fad83449fe82dd
8f8971058530863cdfbe3d156d8d5c6f7a6a42d5884f4e82cde8e3692b91e535
8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17
928c814bc3528a780ef25713f15d7e8d4a865bea41e6511c1670c87cbbbdceaf
970fbd8d452e775c85db197dcced9843fa8c27850c0d29a36e3d7d4cb82497ac
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bb7d659175bbe52bc9e5df4c3063a153e675d993a6b4563691b1cfdedf16172
9d97f7a4b2edbb8f6a045125a686b58f5990f700c1a7aeabc8a90ec8bd3ba022
9e5caa27fcc371d54f72344d1e23ae90c35e48135f8db4af36a7f862533f6b75
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2c793034bb0aebd1aca902d04d62afaa038cc0b9875d4956338710879ce8ad1
a309f8133873e119854b1d8d8aa521f2ca279787c4d4ead03496162f163652f7
a37d848620d81a5fd27dff6e15af34f37fd05384f7d5337053c98efd0fe5a7d7
a48957670e2c04207a79a2246bc355db662e43f6e962dff6ae60b6695d71b0e4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4ec23f627568cedd2389d195103767bc8abe6b78c1cc262e54c59492d14e834
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a79da21b1c59c13695a6fe2e01c372cb816c108a3c65197bea6c8c6b0199b91d
a99f6c0e1cf41c58c0823d12b761dd7ac9f7c212629ad92485e10defa9d1c3e6
a9aa80adf0c2356b9e6841f3320b6dc3a102ed9de62ddd42a04f05ec467c9622
a9c66fdf1ceba24566394390e94faa182b2c23ab4c2df2faf2fdda296b4f4457
ac194b722d326c2bdaa68addea2025b0d16baf4bad82d1bfda7e112201096ccd
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad1318beeea4610b41857d2f85fa07b61abf9dadd75de2ff7489192a3bb102d8
aeb3fa8b9b79fcdd035d7d0ead566517b6d6da24de8ed750ffa9148b343c300a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b034011ac32c90dc03ae4164273121d4695700ee59e059e5cf22a6f5c5aea69a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d76224d2d919a0d3e8950b5f754d60d84cb73037a463cdf0d61a52853757f6
b1eaea9c6437b097c1546e8cfbdcd1d10098170ea999bb9ad7b865ddf34baed2
b4cb688258440ab067c4dd9f03f80b8bcc2eae563f3fa57f1266216a7f3d6814
b9ede3a5a9d897ac53ede9364573cf48ecf891c0ec9819321a2f4ab5b2c53ea7
bbe8c3d1ea8cce13491e55b828c6b4aac1f545fd16a5e6c5462d5641bc28f6f3
bd62fd631f2f388a0ffb74ec23e67f2baf8816e8a9bc2df95ebad6f63a575b9c
bdec0715173246fd3640e430e15ed79011535df2cf4c1cd009f6aea2af8d81d6
be6613dda2ca59c3d2725ef7c7205cf0141adf31c0a0ae159328f951b7ab247e
bead87b2c8ee8424cda8e6d4dec906754c8b4c9860f9e8a84d4c62c3ba288ee2
bfc7ef0f4be27f4466434a3bad31f3cd2b57b9f3638ec7a949b1d39070c0c3cd
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4
c968318b00f0c834b860bc6bb0f7d178fb8759749c468ee2b8fe2e2285744274
c9779c7b61fbc1dd54800b971b134f4370c625e0e47f6d4360245bec3e89696a
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
c9c616de646e94b9adea60ef1e8ffe5246f82b82baa1e039b1b6007067791773
cfa49377d7989ce034d7bb3f48b0bb3fdcb1e8b99456b8c8582f1e849b6d6dd1
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d0f1e4e77e17ce26fbc4740970cb36bf9c1448242bbed6725897c804ad099416
d18460ae5a4d42a409487ed0eac7ce114d97f1fd6d24c3b23e798b3591c98c1d
d3048593aaac7bb112d39d11fa92c28361c0469a5aaf5ea516bb609ead4b3aeb
d342be7b065b36dd1e6856bcf5a432b5d2c277d27555391ddefbf1df3edb0fc4
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d4d9074136cf6a5b0189d33a6a075f502847f1c8b868510a9cec84af1d067ff0
d54ac0208d59cd7d261f9ad3c02558ad7cdad6785a35514e25e872d055d28ec2
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d84489d89305880f5a96825b682d501a7c6cd3cb729a6a2686d0bf08e2d3ea36
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
da75346410371a736791d9eff61b63f608b6411a4ee3d433814a92bed6053b59
db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6
db3ce8768c4e10435d706169fbf1c5d3ed4703f01fd5d428abf2a4eb87a2e734
dbd30986b6727d3c7e30d14d2cb4e23ef7c42348cd418f5891a1bd778b89df46
dd6bae3cabfa6f6e2381af0d19e0a2c17d00a727e414564df6898d6dc0355cad
ddd097b2464f9ce4b163f3805ac584dae1f71ef79f3a8ee1ec205d45bdc3285b
de369464d197c8efd2b28e71204038ae78153a113b6ab04c5c5399024206de4d
de3e7fcab25d8103d31dea640867362bed737df932100d794426c96b03c4ac3d
dfa1933953767fc53aff3ab036d0e7c5127be7d13eba7895432c2ecab5be64ff
e19c3754d938b19ed99f8865289f649ebe1a55464ecd3d204c970cbaa9b840f1
e251f1bdeaf050b008bf5b39577ea9cf576c5ff7ac8cff61fefd1717c6e272f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e59529996a0f2a25381da3c1e2f3eecf7b327a94dab5d5a4fc18aa1c5702d72f
e5f81d03dd446439139c9624ff0c72733f4cfd0d0464350122bbbed65201cdc4
e692666665fb4b9cb743b00e1f7b7fed223b4f784587211fb8b27badfdf7335e
e75e817482bebe5decd28b2bcdb428ef353d6a563acf767d8d8f588f422c1eb8
e88cc48b838540ba1772a88446549d7d8e57e61ae0b579cc3b9b7afc0313918e
ead242d2c8a1e785b31d6cbf46a08947ad61ab107a08c19494f6d2b62f83b1a1
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df
ee5416b91df2826739bc6fcd6107439a854672768c5bff64b959c1ed9aff11de
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09a527638c20e34e9c22f4f683d480194143974a94e328d595c0b9ccfaa54e5
f12c6133a12eead81c368fe146cb489bdb7331b5e3b5ceb9ea52eac1e3feb815
f27ec71ab10ada46c00c5731f123fd95afc9e6a0860fbc566ea753aaa34ce0ab
f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60
f569399649ac002dc18cb89db627569b68c07c3b967f94d1477ccf669815fa71
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f754fe8af7aed2ba65f62d51cd0fdaf22af38b4e96f9c02c7a1fb7eab58fb192
fac0e13bfe90135764a88b128aeba6907c4eb0bfba06d573329e13ca95e3d801
fbb2258b96a0bfb7de912038d3d1c050efd84bc4a23300efa4c99195ce031269
fc1cee21376da3a4fdf8f62d3bb1d46c80c763d447da7e7c07112f45eee09d3f
fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc
fe5f400fda141524f7440048ef4643dbd06fffce0ab780b64495c708411dd0b8
ff480bb2cb54336b9e0ceb8ef5531aa3f5fc30749d9b5e44c498bc5a2b37c775
ff769fa64945176f409bcb7ebe92a385e9f9f1b11ccb095a14384dd209127011

kolobok.ua Open in urlscan Pro 193.29.200.162 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

363 Requests

90 %HTTPS

37 %IPv6

63 Domains

84 Subdomains

56 IPs

12 Countries

4440 kBTransfer

9451 kBSize

89 Cookies

3 Outgoing links

Page URL History

Redirected requests

363 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kolobok.ua Open in urlscan Pro
193.29.200.162 Public Scan

Screenshot
Live screenshot

Full Image

363
Requests

90 %
HTTPS

37 %
IPv6

63
Domains

84
Subdomains

56
IPs

12
Countries

4440 kB
Transfer

9451 kB
Size

89
Cookies

363 HTTP transactions
13 data transactions