www.oferlo.com.ua Open in urlscan Pro
2a03:b0c0:2:f0::250:4001 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://oferlo.com.ua/
Effective URL:
https://www.oferlo.com.ua/
Submission: On July 04 via api (July 4th 2022, 8:26:20 am UTC) from GB — Scanned from GB

Summary HTTP 146 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 27 IPs in 8 countries across 18 domains to perform 146 HTTP transactions. The main IP is 2a03:b0c0:2:f0::250:4001, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is www.oferlo.com.ua.
TLS certificate: Issued by R3 on May 25th 2022. Valid for: 3 months.

This is the only time www.oferlo.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	2a03:b0c0:2:f... 2a03:b0c0:2:f0::250:4001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
20	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
36	2606:4700:20:... 2606:4700:20::681a:264	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
5	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
12	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
3 4	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2 4	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.33.221.88 185.33.221.88	29990 (ASN-APPNEX) (ASN-APPNEX)
7	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4004:801::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4009:2::c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:6::9	15169 (GOOGLE) (GOOGLE)
146	27

21 2a03:b0c0:2:f0::250:4001 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

oferlo.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.oferlo.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:4700:20::681a:264 (United States)

ASN13335 (CLOUDFLARENET, US)

eu001.leafletscdns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.ae	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ae	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.ae	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.19.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.88 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:801::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4009:2::c (London, United Kingdom) 1 redirects

ASN15169 (GOOGLE, US)

r6---sn-aigzrney.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:6::9 (Ireland)

ASN15169 (GOOGLE, US)

r4---sn-5hne6nsr.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	leafletscdns.com eu001.leafletscdns.com — Cisco Umbrella Rank: 555020	137 KB
32	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	382 KB
21	oferlo.com.ua 1 redirects oferlo.com.ua www.oferlo.com.ua	149 KB
17	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	124 KB
15	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 119 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 287 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209	137 KB
6	google.com apis.google.com — Cisco Umbrella Rank: 162 adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 8	22 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608	4 KB
4	google.ae adservice.google.ae — Cisco Umbrella Rank: 119687 www.google.ae — Cisco Umbrella Rank: 24039	2 KB
3	gvt1.com 2 redirects redirector.gvt1.com — Cisco Umbrella Rank: 1760 r6---sn-aigzrney.gvt1.com r4---sn-5hne6nsr.gvt1.com — Cisco Umbrella Rank: 750677	1 MB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 244	3 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	3 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 179	85 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	388 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	110 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 867 www.googleadservices.com — Cisco Umbrella Rank: 126	16 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 276	65 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	52 KB
146	18

	Domain	Requested by
36	eu001.leafletscdns.com	www.oferlo.com.ua
20	pagead2.googlesyndication.com	www.oferlo.com.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.gstatic.com www.googletagservices.com
20	www.oferlo.com.ua	www.oferlo.com.ua eu001.leafletscdns.com
12	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
7	www.gstatic.com	googleads.g.doubleclick.net
6	csi.gstatic.com	securepubads.g.doubleclick.net www.gstatic.com pagead2.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googleadservices.com googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google.com	www.oferlo.com.ua tpc.googlesyndication.com
3	fonts.googleapis.com	www.oferlo.com.ua googleads.g.doubleclick.net
2	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	www.facebook.com	www.oferlo.com.ua
2	www.google.ae	www.oferlo.com.ua
2	connect.facebook.net	www.oferlo.com.ua connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.ae	pagead2.googlesyndication.com
1	r4---sn-5hne6nsr.gvt1.com	googleads.g.doubleclick.net
1	r6---sn-aigzrney.gvt1.com	1 redirects
1	redirector.gvt1.com	1 redirects
1	s0.2mdn.net	googleads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googleadservices.com	www.googletagmanager.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.oferlo.com.ua
1	apis.google.com	www.oferlo.com.ua
1	oferlo.com.ua	1 redirects
146	32

This site contains links to these domains. Also see Links.

Domain
d34seexzbffcio.cloudfront.net
www.oferlo.ae
www.broshurko.bg
www.fylladiomat.gr
www.letkomat.hr
www.oferlo.id
www.oferlo.in
www.saishinchirashi.jp
www.oferlo.kr
www.catalomat.ro
www.letakonosa.si
www.kataloglar.com.tr

Subject Issuer	Validity	Valid
oferlo.com.ua R3	`2022-05-25` - `2022-08-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-04` - `2022-10-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.ae GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-12` - `2022-07-11`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://www.oferlo.com.ua/
Frame ID: 2A3FA7395F3A00FA3DA3E3CD464770BB
Requests: 90 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/zrt_lookup.html
Frame ID: F6BA1E0921E77984FC7BA7A0002FB136
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&adk=1812271804&adf=3025194257&lmt=1656923173&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656923173155&bpp=3&bdt=271&idt=185&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8734366812859&rume=1&frm=20&pv=2&ga_vid=1148078250.1656923173&ga_sid=1656923173&ga_hid=1504021972&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068196%2C42531608%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2019652194118067&tmod=1316916778&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=209
Frame ID: 354EF8FE754BF504FA1C0893E32ADBB2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1656923173&rafmt=12&psa=0&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656923173525&bpp=3&bdt=641&idt=3&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8734366812859&rume=1&frm=20&pv=1&ga_vid=1148078250.1656923173&ga_sid=1656923173&ga_hid=1504021972&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068196%2C42531608%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2019652194118067&tmod=1316916778&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HACeaDhMzC&p=https%3A//www.oferlo.com.ua&dtd=8
Frame ID: 975A6A66A3CB6828A23CF4F95BB1397D
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKOPeBCrxeG5AxjEmJfNATAB&v=APEucNXB21I66bKJDwCyB6rEUVCR593AahazfU_x20y4I7D46B4zHlp10aCdT3cvo7icS62Z4n2Xd--ul9BDCGuonED3_M5wLQ
Frame ID: E2B81D8C97ECD87CAE5E0722DD6F7C40
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 645C460493B4B570B9F9FA04553B7127
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2644EF5E7631ECC0F89A98175DC876E0
Requests: 5 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/fa287546e1d5bd0678894d5c227e456c.js?tag=client_fast_engine_2019
Frame ID: B2C1747BE88CBB58AB649D2C7A956DE9
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
Frame ID: DBA8D52B742E72DFDA8033B9EB3BFAA3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E2097BF1779B39074209222B29A4076C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8D0671924CC3D6BBE5F3EEB905247897
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Останні акції, каталоги та знижки | OFERLO

Page URL History Show full URLs

http://oferlo.com.ua/ HTTP 301
https://www.oferlo.com.ua/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<meta[^>]*google-signin-client_id
<meta[^>]*google-signin-scope
apis\.google\.com/js/platform\.js

Yii (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

/yii\.(?:validation|activeForm)\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Twitter typeahead.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:typeahead|bloodhound)\.(?:jquery|bundle)?(?:\.min)?\.js

Page Statistics

146
Requests

97 %
HTTPS

82 %
IPv6

18
Domains

32
Subdomains

27
IPs

8
Countries

2359 kB
Transfer

4410 kB
Size

17
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://d34seexzbffcio.cloudfront.net/a94464aff8a69ba3b7b48aee44397d866191662a65485.pdf
Title: умовами використання

Search URL Search Domain Scan URL

URL: https://d34seexzbffcio.cloudfront.net/e6f686054460106d095f70d30bb88552617a4484914ea.pdf
Title: обробкою персональних даних

Search URL Search Domain Scan URL

URL: https://www.oferlo.ae/
Title: United Arab Emirates

Search URL Search Domain Scan URL

URL: https://www.broshurko.bg/
Title: България

Search URL Search Domain Scan URL

URL: https://www.fylladiomat.gr/
Title: Ελλάδα

Search URL Search Domain Scan URL

URL: https://www.letkomat.hr/
Title: Hrvatska

Search URL Search Domain Scan URL

URL: https://www.oferlo.id/
Title: Indonesia

Search URL Search Domain Scan URL

URL: https://www.oferlo.in/
Title: India

Search URL Search Domain Scan URL

URL: https://www.saishinchirashi.jp/
Title: 日本

Search URL Search Domain Scan URL

URL: https://www.oferlo.kr/
Title: 한국

Search URL Search Domain Scan URL

URL: https://www.catalomat.ro/
Title: România

Search URL Search Domain Scan URL

URL: https://www.letakonosa.si/
Title: Slovenija

Search URL Search Domain Scan URL

URL: https://www.kataloglar.com.tr/
Title: Türkiye

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://oferlo.com.ua/ HTTP 301
https://www.oferlo.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG_asVOWtXXvuIhXt56_m2M&google_cver=1

Request Chain 62

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YsKkJs657q03coZIccCcNwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG_asVOWtXXvuIhXt56_m2M&google_cver=1

Request Chain 63

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAxXkPaCt0gRV-xu_FoQIU8&google_cver=1

Request Chain 64

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjcxNTc3NTExNTA4OTg0MjQ5Mg%3D%3D

Request Chain 97

https://redirector.gvt1.com/videoplayback?id=c705d51e4805ff26&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1656930374&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=632A4C684D58C78ABE5F8EDDF1DAA770291B44B5.78D0C73C461E316CD7E3B762BCF9679C23C2545F&key=ck2 HTTP 302
https://r6---sn-aigzrney.gvt1.com/videoplayback?id=c705d51e4805ff26&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1656930374&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=5CAD9544DAD5B335E18B82366A56AB1F4CA50E43.2437DA30F402512405F4D2C09593F159DD6CBAB4&key=cms1&cms_redirect=yes&mh=tw&mip=2a02:8c8:c10:30::4&mm=28&mn=sn-aigzrney&ms=nvh&mt=1656922448&mv=u&mvi=6&pl=48 HTTP 302
https://r4---sn-5hne6nsr.gvt1.com/videoplayback?id=c705d51e4805ff26&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1656930374&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=376E2D7F3CD38990139D8B964A5F04653ED9A9B3.630594729600D2555541B65DD59ECBC6D7CFFDC0&key=cms1&mh=tw&pl=48&redirect_counter=1&cm2rm=sn-aigezz7d&req_id=9a3a98577ce736e2&cms_redirect=yes&mip=2a02:8c8:c10:30::4&mm=34&mn=sn-5hne6nsr&ms=ltu&mt=1656922464&mv=u&mvi=4

146 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.oferlo.com.ua/
Redirect Chain

http://oferlo.com.ua/
https://www.oferlo.com.ua/

121 KB
34 KB

157ms
33ms

Document
text/html

2a03:b0c0:2:f0::250:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:b0c0:2:f0::250:4001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

6e35ed0382199636aa9232291ce4513e7c2be9adb61f909f3d0af645fc5573f7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 08:26:12 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: []
server: nginx
strict-transport-security: max-age=10; includeSubDomains
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: Hyperia
x-proxy-cache: HIT
x-proxy-cache-type: nl30m
x-proxy-date: Mon, 04 Jul 2022 07:56:16 GMT
x-proxy-date-now: Monday, 04-Jul-2022 08:26:12 GMT
x-upstream-backend: letakomat-ams-w022
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Mon, 04 Jul 2022 08:26:12 GMT
Location: https://www.oferlo.com.ua/
Server: nginx

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
56 KB 158ms
76ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ae06ddb4073e373eab1c773006f390c86d4ef8e19fe1ee4843b13987aee2021

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56418
x-xss-protection: 0
server: cafe
etag: 6088048414943039366
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Jul 2022 08:26:13 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
20 KB 138ms
55ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff152104d728368ece053a5076962e4c7c0f7cbfeaca09969ed0b615d061874e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20332
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Mon, 04 Jul 2022 08:26:13 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7c25c051a36d9424"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Jul 2022 08:26:13 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 126ms
45ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;700&display=swap

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0f2cca7784269c376cea0c66fa206e809162035f87759bd0d44d171dda8053b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 08:00:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Jul 2022 08:26:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Jul 2022 08:26:13 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f667d352a739b6a05eba01fd938f4e55caaff63a17b77c6737945a4622e7b061

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwkxduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 7 KB
8 KB 122ms
38ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwkxduz8A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77bded4f6447cc93370a65d50e1b1811e81e032aefd45d0acc952ceec49260c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 20:15:49 GMT
x-content-type-options: nosniff
age: 389424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7360
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 20:15:49 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 7 KB
7 KB 158ms
74ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0acd59e18ef9ca4f55b04271a6121d58e6f7044ea91395054dd52d5caf2a7a55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 19:30:51 GMT
x-content-type-options: nosniff
age: 392122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7448
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:14:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 19:30:51 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 150ms
77ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 19:26:22 GMT
x-content-type-options: nosniff
age: 392391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 19:26:22 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 116ms
44ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 19:26:22 GMT
x-content-type-options: nosniff
age: 392391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 19:26:22 GMT

GET
H2 200 fontello.css
www.oferlo.com.ua/fonts/fontello/css/ 4 KB
2 KB 35ms
33ms Stylesheet
text/css 2a03:b0c0:2:f0::250:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/fonts/fontello/css/fontello.css?t=d57af09cb576cea2120345bc26490c16
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:f0::250:4001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 168a4c21dd4ca6ef7e49f6a81f5199cefb5b45f6af71a1bbc039df7ad3a94e76

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:13 GMT
content-encoding: gzip
last-modified: Fri, 01 Jul 2022 10:31:40 GMT
server: nginx
etag: W/"62becd0c-1087"
x-from-origin: true
content-type: text/css
access-control-allow-origin: *
expires: 31556926
cache-control: public, max-age=31556926
x-proxy-date: Mon, 04 Jul 2022 07:24:24 GMT
x-proxy-date-now: Monday, 04-Jul-2022 08:26:13 GMT
x-proxy-cache: HIT
x-proxy-cache-type: s24h

GET
H2 200 global.css
www.oferlo.com.ua/css/ 92 KB
21 KB 35ms
34ms Stylesheet
text/css 2a03:b0c0:2:f0::250:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/css/global.css?t=25f124a95c6ee2bffd4005ee63865e6e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:f0::250:4001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: d5bed337907ab1b04f4ebf7d6e8821c231ddb5a1ba9734ebfddbeb0c82f4c312

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:13 GMT
content-encoding: gzip
last-modified: Fri, 01 Jul 2022 10:32:34 GMT
server: nginx
etag: W/"62becd42-170e4"
x-from-origin: true
content-type: text/css
access-control-allow-origin: *
expires: 31556926
cache-control: public, max-age=31556926
x-proxy-date: Mon, 04 Jul 2022 07:24:24 GMT
x-proxy-date-now: Monday, 04-Jul-2022 08:26:13 GMT
x-proxy-cache: HIT
x-proxy-cache-type: s24h

GET
H2 200 homepage.css
www.oferlo.com.ua/css/ 10 KB
3 KB 36ms
35ms Stylesheet
text/css 2a03:b0c0:2:f0::250:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/css/homepage.css?t=27121f8b02c2c8e174123725e84bfc34
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:f0::250:4001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 681edf17a7cf0e80c5117629eec2531bf0bfd77ec9f9a8308a1bc2edac88a275

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:13 GMT
content-encoding: gzip
last-modified: Fri, 01 Jul 2022 10:32:33 GMT
server: nginx
etag: W/"62becd41-2932"
x-from-origin: true
content-type: text/css
access-control-allow-origin: *
expires: 31556926
cache-control: public, max-age=31556926
x-proxy-date: Mon, 04 Jul 2022 08:14:29 GMT
x-proxy-date-now: Monday, 04-Jul-2022 08:26:13 GMT
x-proxy-cache: HIT
x-proxy-cache-type: s24h

GET
H2 200 globalDefer.css
www.oferlo.com.ua/css/ 23 KB
6 KB 36ms
35ms Stylesheet
text/css 2a03:b0c0:2:f0::250:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/css/globalDefer.css?t=296138c8f576ea81350961358d5a6441
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:f0::250:4001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: dfd0ee37fe024f82f9ec53580bfad506f0d14aaf4db90f8d8e5c2140c750a8c5

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:13 GMT
content-encoding: gzip
last-modified: Fri, 01 Jul 2022 10:32:33 GMT
server: nginx
etag: W/"62becd41-5aa1"
x-from-origin: true
content-type: text/css
access-control-allow-origin: *
expires: 31556926
cache-control: public, max-age=31556926
x-proxy-date: Mon, 04 Jul 2022 07:24:24 GMT
x-proxy-date-now: Monday, 04-Jul-2022 08:26:13 GMT
x-proxy-cache: HIT
x-proxy-cache-type: s24h

GET
H2 200 external.min.js Show response
eu001.leafletscdns.com/com.ua/js/joined/ 138 KB
46 KB 119ms
52ms Script
application/javascript 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eu001.leafletscdns.com/com.ua/js/joined/external.min.js?t=e99e59db1d521902070d5eed28be23f2
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cefb2e3821730dcb3ffcd9de8acd90e6465334feb294c4736c7af3f64094047e

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:13 GMT
content-encoding: br
etag: W/"62bec438-cfd1"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 237993
x-from-origin: true
x-proxy-date-now: Friday, 01-Jul-2022 09:58:47 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 01 Jul 2022 09:54:00 GMT
server: cloudflare
x-proxy-date: Fri, 01 Jul 2022 09:58:47 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GV90zPDlS%2FuyuvcHiUpRjkhuYreQrdtBHrTej0vvYf8cUqyzAJJEYZz0uAMh42Nqhx44NrCtOBUDUGQj0M9r5rxsQBhaaRcdibzoFVsJRPAtM7h3Nk5gGi2rD9A1lexszLKBRgt7JV8SXHEV44cSSt0q%2BYM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
expires: 31556926
cache-control: public, max-age=31556926
cf-ray: 725679882cec76a4-LHR
x-proxy-cache: MISS
x-proxy-cache-type: 5

GET
H2 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/38/ 548 B
1 KB 118ms
63ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/38/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d15f85d0aa8fe49a0ba11e1bcd2c4ad286c0ab1bc0452dec8c2fec9a446a6caf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 548
last-modified: Fri, 09 Apr 2021 06:58:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FV9D5s7lGXZatsqW6VJZV%2BgHO79asWiUsmlt5Kd5QdhBD9jmEDX1pzCkkvkgvAAZy7sQgMuHxjXldoR%2FluW27hdgmd7TFhuZpHGzw2WU%2BKKOHghcKwv0C2TUccEckLbw5v6y3FAGyL%2FCSW0ljiPyAnRruDg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679883ce87583-LHR
expires: 31556926

GET
H2 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/2/ 1 KB
1 KB 93ms
38ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/2/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b00616261a0df3574dfc8b4c0e0403d62121d1bc83b45744fe2c76c5252095e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62836
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1162
last-modified: Tue, 10 Nov 2020 15:28:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZ8HfTe50ec7OGq7GStSPHifQdLWMtpFY38dgC3sSgj0%2FLhcs1EQC%2FhHuJAikxeGyeMnpg7eG27Qj4Aj41xKXS%2BP5FW0hBMN7tnt8w7QDVxZJwjciProJouoVIfqir283GPjfPduNqyLid3A9MWF4cuNm9o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679883ce07583-LHR
expires: 31556926

GET
H2 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/35/ 706 B
1 KB 91ms
35ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/35/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6117374a1f09adbbff6601b20fc00b2264cf5fb2ef53ede0b320a337109026d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62836
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 706
last-modified: Fri, 09 Apr 2021 06:28:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JXMrwXvGdDfmz9G7ecKbmmvh%2FxWQa%2Fxq3qebfaqQMHPzFXp3hxjaImm%2F8Cru5%2FpyFYU6XrVx9Z%2FR3s4uEr6YKGqvdBdr4%2BN6ZCFT5VWzBESzlAooT7d5IrnD138xG1iZi%2B0kTz8y%2FktYu93ubbBCJTcTnWE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679883ce37583-LHR
expires: 31556926

GET
H2 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/4/ 1 KB
1 KB 91ms
36ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/4/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34ab7b6bae04a32fc40e9b91566b00a87306ede37dd72313499b831cef75b2c0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62836
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1156
last-modified: Tue, 10 Nov 2020 15:28:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGIbmlEMednPw9%2BLVSagoVRLDQBO2E6uWA5gAkfRF7y8whSesBF8XXlPxg8SRkTuFgfNVQJ2V2vxDykhiL8nJQ6p8Iy%2Bu3A5xMVKzv1dkbk217AJWRKOfR%2Bb7d0dZLQELsgur8MS3%2BJkqI%2FpjfI%2F2cFP4DI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679883ce77583-LHR
expires: 31556926

GET
H2 200 0_s.webp
eu001.leafletscdns.com/com.ua/data/38/3662/ 7 KB
7 KB 97ms
43ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/38/3662/0_s.webp?t=1656853995
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e8c7d35f17380438ffec444744bb31b67d47f13c4b5ca6487fa477ba759f8f1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 65460
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6712
last-modified: Sun, 03 Jul 2022 13:24:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pEyK02qw3P4PFdxRMAfzp1rg7kw7r9QlxuASP%2BMKOxfyTQ44NNAK61K6SvzgoSxuSVqnutyVQhXHIWTI1Ixo3zvj53xDUrrExqwLPSB%2B5qEgOB5WbOvbaMRGrdC8sUg5wF092QOfJKml3H6Vn2bT2i%2F0G4o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679883ce57583-LHR
expires: 31556926

GET
H2 200 0_s.webp
eu001.leafletscdns.com/com.ua/data/2/3650/ 14 KB
15 KB 83ms
36ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/2/3650/0_s.webp?t=1656588017
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2b51c2505e961d8423ac6eaa06792bdacaab656cc9751d819f7dce3b1cedcc7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62838
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14672
last-modified: Thu, 30 Jun 2022 11:20:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MIw2%2B%2FzukDJlYMh5y6oS2PdoZYeU0NyycQrq3ZD9SSPWrmCmUUgZkIChaqT6WcKnYqY6oKLBD5HDU8gymS8UL1zIohwQe1NTcTIkpxXb%2Bug9uKmzz%2BTlqVhzDyKRtVqakwOeFKkhkhPl2FTXiX0TGqgRZg4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679883cdc7583-LHR
expires: 31556926

GET
H2 200 0_s.webp
eu001.leafletscdns.com/com.ua/data/35/3648/ 14 KB
14 KB 84ms
37ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/35/3648/0_s.webp?t=1656584776
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce728004ccfdbfa1a7fcd76765ddfe3d64df6e1b8425849c609befe4ce289a99

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62837
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14206
last-modified: Thu, 30 Jun 2022 10:29:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jQOClJ4LR5GQ%2Fp45KKOZi%2Fw2ieH1i041L9uQnco4%2BUKcyZa9Fvg211bjByggOnDdbBNERk%2FZqJGpe0R12j54rD15VHvxBZsVlLTTbdIQSNwQV%2Bj6VxlcfsP0vTR9toddTIhMlThr%2B3vbSxRyJ0I%2BrNGP0aQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679883cde7583-LHR
expires: 31556926

GET
H2 200 0_s.webp
eu001.leafletscdns.com/com.ua/data/4/3646/ 12 KB
12 KB 86ms
39ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/4/3646/0_s.webp?t=1656580267
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a6c1a419cdd7dad8f6060e585a41bcf62d8cd3de1c1f5773f62631ed7959668

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62837
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12252
last-modified: Thu, 30 Jun 2022 09:11:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZLBthAYCZ%2FG%2BSTKFyiS4FrP8SfQYroKP2A3gPF7emxVOrUuxohtkf6Wj%2BUY9snuodBVW46HKcHRL%2FLIlzndr1WKjC0OanB%2FECNG8izLtXDhrqkItPAnbttl5dx8kBvUgAGomwmtmc4%2BaWw0IukvGQkMgszk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679883cd77583-LHR
expires: 31556926

GET
H2 200 fontello.woff2
www.oferlo.com.ua/fonts/fontello/font/ 8 KB
9 KB 34ms
34ms Font
application/octet-stream 2a03:b0c0:2:f0::250:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/fonts/fontello/font/fontello.woff2?11750290
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/fonts/fontello/css/fontello.css?t=d57af09cb576cea2120345bc26490c16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:f0::250:4001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 78cfc5ba37db16d7ca8c4abec00e920abbf9cf4744b1d38aa386932a0c152d03

Request headers

Referer: https://www.oferlo.com.ua/fonts/fontello/css/fontello.css?t=d57af09cb576cea2120345bc26490c16
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:13 GMT
last-modified: Fri, 01 Jul 2022 10:31:40 GMT
server: nginx
etag: "62becd0c-20c4"
x-from-origin: true
content-type: application/octet-stream
access-control-allow-origin: *
expires: 31556926
cache-control: public, max-age=31556926
x-proxy-date: Mon, 04 Jul 2022 07:24:37 GMT
x-proxy-date-now: Monday, 04-Jul-2022 08:26:13 GMT
content-length: 8388
x-proxy-cache: HIT
accept-ranges: bytes
x-proxy-cache-type: s24h

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/ 339 KB
120 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ea890e47f4aaaf1ba5c3ee3b8ea8b59c16a61374fdfc986fbab557df5376d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122212
x-xss-protection: 0
server: cafe
etag: 5225856994381426278
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Jul 2022 08:26:13 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/ Frame F6BA 10 KB
5 KB 120ms
37ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oferlo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 59023
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Jul 2022 16:02:30 GMT
etag: 10429905676100781186
expires: Sun, 17 Jul 2022 16:02:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 common_co.min.js Show response
www.oferlo.com.ua/js/joined/ 48 KB
17 KB 36ms
35ms Script
application/javascript 2a03:b0c0:2:f0::250:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/js/joined/common_co.min.js?t=4d56ebad3b75f343464e448b3ccbd96e
Requested by: Host: eu001.leafletscdns.com
URL: https://eu001.leafletscdns.com/com.ua/js/joined/external.min.js?t=e99e59db1d521902070d5eed28be23f2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:f0::250:4001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 24c7908fac6ad5008c8de42d0cb05a8414bf20f7e845827ff46bb2777f05ffb2

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:13 GMT
content-encoding: gzip
last-modified: Fri, 01 Jul 2022 10:32:34 GMT
server: nginx
etag: "62becd42-411e"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
expires: 31556926
cache-control: public, max-age=31556926
x-proxy-date: Sun, 03 Jul 2022 09:59:02 GMT
x-proxy-date-now: Monday, 04-Jul-2022 08:26:13 GMT
content-length: 16670
x-proxy-cache: HIT
x-proxy-cache-type: s24h

GET
H2 200 homepage.min.js Show response
www.oferlo.com.ua/js/joined/ 24 KB
8 KB 37ms
36ms Script
application/javascript 2a03:b0c0:2:f0::250:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/js/joined/homepage.min.js?t=8565a08f273a0d012496b283f998723d
Requested by: Host: eu001.leafletscdns.com
URL: https://eu001.leafletscdns.com/com.ua/js/joined/external.min.js?t=e99e59db1d521902070d5eed28be23f2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:f0::250:4001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 3ccdb197b7fd4579f033fe2dd82d48cdd9389bec13942befb887bcb893a2985f

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:13 GMT
content-encoding: gzip
last-modified: Fri, 01 Jul 2022 10:32:34 GMT
server: nginx
etag: "62becd42-202a"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
expires: 31556926
cache-control: public, max-age=31556926
x-proxy-date: Sun, 03 Jul 2022 10:27:58 GMT
x-proxy-date-now: Monday, 04-Jul-2022 08:26:13 GMT
content-length: 8234
x-proxy-cache: HIT
x-proxy-cache-type: s24h

GET
H2 200 typeahead.bundle.min.js Show response
www.oferlo.com.ua/js/ 38 KB
13 KB 37ms
37ms Script
application/javascript 2a03:b0c0:2:f0::250:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/js/typeahead.bundle.min.js?t=cae3d306d59cd809593e6c80a640a55f
Requested by: Host: eu001.leafletscdns.com
URL: https://eu001.leafletscdns.com/com.ua/js/joined/external.min.js?t=e99e59db1d521902070d5eed28be23f2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:f0::250:4001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 2735cd0c593645d8e8b2ce539e311ad799cc9a8d8903eb697388bb73618f2fc9

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:13 GMT
content-encoding: gzip
last-modified: Fri, 01 Jul 2022 10:32:34 GMT
server: nginx
etag: "62becd42-33fe"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
expires: 31556926
cache-control: public, max-age=31556926
x-proxy-date: Sun, 03 Jul 2022 09:59:02 GMT
x-proxy-date-now: Monday, 04-Jul-2022 08:26:13 GMT
content-length: 13310
x-proxy-cache: HIT
x-proxy-cache-type: s24h

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 138 KB
52 KB 137ms
57ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PRQV9D6

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/js/joined/common_co.min.js?t=4d56ebad3b75f343464e448b3ccbd96e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c3f17580e0b568895b0d555cecc9d8ec733e134b57db52a983465e1e3e938428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52937
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 08:05:04 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Jul 2022 08:26:13 GMT

GET
H3 200 rum_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/ 56 KB
22 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/rum_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6bb241803ec43c4fce987a6d2cb04166f93dec519f07bb01b0edaa9cd9f48d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 04:54:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12700
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22008
x-xss-protection: 0
server: cafe
etag: 7387973170337366975
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 04:54:33 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
696 B 130ms
45ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.oferlo.com.ua&callback=_gfp_s_&client=ca-pub-1447540957213601&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

1939afc0c7a681585f38dd6abdda66ede9e1f9a946e8aeef83949a15a7960f77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ae/adsid/ 107 B
792 B 129ms
46ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ae/adsid/integrator.js?domain=www.oferlo.com.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 08:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 129ms
46ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.oferlo.com.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 08:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 354E 188 KB
48 KB 857ms
781ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&adk=1812271804&adf=3025194257&lmt=1656923173&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656923173155&bpp=3&bdt=271&idt=185&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8734366812859&rume=1&frm=20&pv=2&ga_vid=1148078250.1656923173&ga_sid=1656923173&ga_hid=1504021972&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068196%2C42531608%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2019652194118067&tmod=1316916778&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=209

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4de7ced4fd6a7ec3e2ce81415f5d4a482aaa50a3ba83a73742687c166fed0fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oferlo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 48891
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 08:26:14 GMT
expires: Mon, 04 Jul 2022 08:26:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
www.oferlo.com.ua/ajax/get-email-signup/ 3 KB
4 KB 62ms
61ms XHR
text/html 2a03:b0c0:2:f0::250:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/ajax/get-email-signup/

Requested by

Host: eu001.leafletscdns.com
URL: https://eu001.leafletscdns.com/com.ua/js/joined/external.min.js?t=e99e59db1d521902070d5eed28be23f2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:b0c0:2:f0::250:4001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

54e6e311e21a9a5767ea33a88daaa3bff4a54d128e28892fa64b4c8b08d9aa57

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: V9EbyeNfjgjSbhHLJQZyBor1Jx80XTpmEZmVFZuGiZRksiuuiGrRTYcYaJ9vMQZX64FfWAduCgFkzKMjy__upw==
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 04 Jul 2022 08:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Hyperia
x-proxy-date-now: Monday, 04-Jul-2022 08:26:13 GMT
x-upstream-backend: letakomat-ams-w029
vary: Accept-Encoding
content-length: 1454
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Jul 2022 08:24:48 GMT
server: nginx
x-frame-options: DENY
x-proxy-date: Mon, 04 Jul 2022 08:24:48 GMT
strict-transport-security: max-age=10; includeSubDomains
report-to: []
content-type: text/html; charset=UTF-8
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
x-proxy-cache: HIT
dynamicurl: ajax/get-email-signup/
x-proxy-cache-type: nl30m

GET
H2 200 / Show response
www.oferlo.com.ua/ajax/get-menu-items/ 3 KB
3 KB 56ms
55ms XHR
text/html 2a03:b0c0:2:f0::250:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/ajax/get-menu-items/

Requested by

Host: eu001.leafletscdns.com
URL: https://eu001.leafletscdns.com/com.ua/js/joined/external.min.js?t=e99e59db1d521902070d5eed28be23f2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:b0c0:2:f0::250:4001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

0ef1f9f33632ec6e27928d82e6f155d14605c07815630b6a4dfbf830464795bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: V9EbyeNfjgjSbhHLJQZyBor1Jx80XTpmEZmVFZuGiZRksiuuiGrRTYcYaJ9vMQZX64FfWAduCgFkzKMjy__upw==
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 04 Jul 2022 08:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Hyperia
x-proxy-date-now: Monday, 04-Jul-2022 08:26:13 GMT
x-upstream-backend: letakomat-ams-w032
vary: Accept-Encoding
content-length: 728
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Jul 2022 08:12:53 GMT
server: nginx
x-frame-options: DENY
x-proxy-date: Mon, 04 Jul 2022 08:12:53 GMT
strict-transport-security: max-age=10; includeSubDomains
report-to: []
content-type: text/html; charset=UTF-8
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
x-proxy-cache: HIT
dynamicurl: ajax/get-menu-items/
x-proxy-cache-type: a30m

GET
H2 200 yii.validation.js Show response
www.oferlo.com.ua/assets/b74a3942/ 16 KB
4 KB 33ms
33ms XHR
application/javascript 2a03:b0c0:2:f0::250:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/assets/b74a3942/yii.validation.js
Requested by: Host: eu001.leafletscdns.com
URL: https://eu001.leafletscdns.com/com.ua/js/joined/external.min.js?t=e99e59db1d521902070d5eed28be23f2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:f0::250:4001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: bed9bcc372f2d6619d19a6e2d2a69092725530f20cdc7ffbe55a4a18cfb67b28

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: V9EbyeNfjgjSbhHLJQZyBor1Jx80XTpmEZmVFZuGiZRksiuuiGrRTYcYaJ9vMQZX64FfWAduCgFkzKMjy__upw==
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 04 Jul 2022 08:26:13 GMT
content-encoding: gzip
last-modified: Fri, 01 Jul 2022 10:35:11 GMT
server: nginx
etag: W/"62becddf-401a"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
expires: 31556926
cache-control: public, max-age=31556926
x-proxy-date: Mon, 04 Jul 2022 04:52:10 GMT
x-proxy-date-now: Monday, 04-Jul-2022 08:26:13 GMT
x-proxy-cache: HIT
x-proxy-cache-type: s24h

GET
H2 200 yii.activeForm.js Show response
www.oferlo.com.ua/assets/b74a3942/ 36 KB
9 KB 34ms
34ms XHR
application/javascript 2a03:b0c0:2:f0::250:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/assets/b74a3942/yii.activeForm.js
Requested by: Host: eu001.leafletscdns.com
URL: https://eu001.leafletscdns.com/com.ua/js/joined/external.min.js?t=e99e59db1d521902070d5eed28be23f2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:f0::250:4001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 86414ea5538d5f21da467f12d2334388a419e87dd0cc35b87469c7623c56a2c3

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: V9EbyeNfjgjSbhHLJQZyBor1Jx80XTpmEZmVFZuGiZRksiuuiGrRTYcYaJ9vMQZX64FfWAduCgFkzKMjy__upw==
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 04 Jul 2022 08:26:13 GMT
content-encoding: gzip
last-modified: Fri, 01 Jul 2022 10:35:11 GMT
server: nginx
etag: W/"62becddf-9044"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
expires: 31556926
cache-control: public, max-age=31556926
x-proxy-date: Mon, 04 Jul 2022 04:52:10 GMT
x-proxy-date-now: Monday, 04-Jul-2022 08:26:13 GMT
x-proxy-cache: HIT
x-proxy-cache-type: s24h

GET
H2 200 maskot-main-happy-xs-subscribe.png
www.oferlo.com.ua/img/maskot/ 2 KB
3 KB 34ms
33ms Image
image/png 2a03:b0c0:2:f0::250:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.oferlo.com.ua/img/maskot/maskot-main-happy-xs-subscribe.png
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/css/global.css?t=25f124a95c6ee2bffd4005ee63865e6e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:f0::250:4001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9f243e38580effa8393e2fde8b1b6292b50af8653b8eb68a0fa5f4ae6a9d35

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/css/global.css?t=25f124a95c6ee2bffd4005ee63865e6e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:13 GMT
content-encoding: gzip
last-modified: Fri, 01 Jul 2022 10:31:40 GMT
server: nginx
etag: "62becd0c-917"
x-from-origin: true
content-type: image/png
expires: 31556926
cache-control: public, max-age=31556926
x-proxy-date: Mon, 04 Jul 2022 07:24:23 GMT
x-proxy-date-now: Monday, 04-Jul-2022 08:26:13 GMT
content-length: 2327
x-proxy-cache: HIT
x-proxy-cache-type: s24h

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 975A 66 KB
31 KB 650ms
650ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1656923173&rafmt=12&psa=0&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656923173525&bpp=3&bdt=641&idt=3&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8734366812859&rume=1&frm=20&pv=1&ga_vid=1148078250.1656923173&ga_sid=1656923173&ga_hid=1504021972&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068196%2C42531608%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2019652194118067&tmod=1316916778&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HACeaDhMzC&p=https%3A//www.oferlo.com.ua&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e98d619f5718f6656202390801d3cbe1778938654deba274c08ff4fd20e0ba37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oferlo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31296
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 08:26:14 GMT
expires: Mon, 04 Jul 2022 08:26:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 121ms
37ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRQV9D6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5405
date: Mon, 04 Jul 2022 06:56:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 04 Jul 2022 08:56:08 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 116ms
39ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 25939
x-xss-protection: 0
pragma: public
x-fb-debug: GL6iGpfcM9AiqjiqW2fABkbnLUnN6C+JOIfWznM+6WAY59pK9z17cplHlhBGaxsyKYvnrxudOhOaaqa1PHnvYg==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 04 Jul 2022 08:26:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 135ms
53ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRQV9D6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15163
x-xss-protection: 0
server: cafe
etag: 11137310801552021614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Jul 2022 08:26:13 GMT

GET
H3 200 478813288996064 Show response
connect.facebook.net/signals/config/ 291 KB
84 KB 80ms
39ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/478813288996064?v=2.9.64&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3eeb8182f7090eadf2183aeb70d942da863843156257c4a4e1326ceac9a68715

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85480
x-xss-protection: 0
pragma: public
x-fb-debug: sjSez0HZflN+a64IFM7C/CTfxAhyUpBH0ubQlbwNQfJVtWziUN8JW3LgHB7FYUw2kh1QH6FpQxq2+ZtSSuqWUA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 04 Jul 2022 08:26:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 120ms
43ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1504021972&t=pageview&_s=1&dl=https%3A%2F%2Fwww.oferlo.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%B0%D0%BA%D1%86%D1%96%D1%97%2C%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%B0%20%D0%B7%D0%BD%D0%B8%D0%B6%D0%BA%D0%B8%20%7C%20OFERLO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=538791092&gjid=1819862423&cid=1148078250.1656923173&tid=UA-24834420-46&_gid=34715915.1656923174&_r=1&gtm=2wg6t0PRQV9D6&cg5=site%2Findex&cd2=0&z=1192100062

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oferlo.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 08:26:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.oferlo.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/868040956/ 3 KB
1 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/868040956/?random=1656923173711&cv=9&fst=1656923173711&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&ig=1&data=AdBlock%3D0&frm=0&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&tiba=%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%B0%D0%BA%D1%86%D1%96%D1%97%2C%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%B0%20%D0%B7%D0%BD%D0%B8%D0%B6%D0%BA%D0%B8%20%7C%20OFERLO&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3684d4bbcdd207e85265dfdf945fb6a7aae1436c83fc15befbcac1d020d71285

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 08:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1090
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/868040956/ 42 B
548 B 133ms
49ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/868040956/?random=1656923173711&cv=9&fst=1656921600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&data=AdBlock%3D0&frm=0&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&tiba=%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%B0%D0%BA%D1%86%D1%96%D1%97%2C%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%B0%20%D0%B7%D0%BD%D0%B8%D0%B6%D0%BA%D0%B8%20%7C%20OFERLO&async=1&fmt=3&is_vtc=1&random=1551212699&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 08:26:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ae/pagead/1p-user-list/868040956/ 42 B
548 B 167ms
49ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ae/pagead/1p-user-list/868040956/?random=1656923173711&cv=9&fst=1656921600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&data=AdBlock%3D0&frm=0&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&tiba=%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%B0%D0%BA%D1%86%D1%96%D1%97%2C%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%B0%20%D0%B7%D0%BD%D0%B8%D0%B6%D0%BA%D0%B8%20%7C%20OFERLO&async=1&fmt=3&is_vtc=1&random=1551212699&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 08:26:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 97ms
32ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-24834420-46&cid=1148078250.1656923173&jid=538791092&gjid=1819862423&_gid=34715915.1656923174&_u=YAhAAEAAAAAAAC~&z=1143961872

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e3ea156c91e5bd4f4ba41e6bb96d65b5b75f36e2afb3b33522b6deb06aa1b19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oferlo.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 04 Jul 2022 08:26:13 GMT
content-type: text/plain
access-control-allow-origin: https://www.oferlo.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 121ms
40ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=478813288996064&ev=PageView&dl=https%3A%2F%2Fwww.oferlo.com.ua%2F&rl=&if=false&ts=1656923173861&sw=1600&sh=1200&v=2.9.64&r=stable&ec=0&o=30&fbp=fb.2.1656923173860.261606957&it=1656923173691&coo=false&rqm=GET

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 04 Jul 2022 08:26:13 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 138ms
61ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-24834420-46&cid=1148078250.1656923173&jid=538791092&_u=YAhAAEAAAAAAAC~&z=1731405726

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 08:26:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ae/ads/ 42 B
107 B 61ms
61ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ae/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-24834420-46&cid=1148078250.1656923173&jid=538791092&_u=YAhAAEAAAAAAAC~&z=1731405726

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 08:26:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 975A 42 B
63 B 70ms
69ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-An7YDy7ogWYoE9K2AiGiVLCL0o2mf6Qbpjd0V56Sbfu-PpSQ3hSmyI64C9R1k98MRmHKFowd-Kc2ybqreKCqNuV_eULITw-K9bKNqtaE0sqOgTjfg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1656923173&rafmt=12&psa=0&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656923173525&bpp=3&bdt=641&idt=3&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8734366812859&rume=1&frm=20&pv=1&ga_vid=1148078250.1656923173&ga_sid=1656923173&ga_hid=1504021972&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068196%2C42531608%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2019652194118067&tmod=1316916778&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HACeaDhMzC&p=https%3A//www.oferlo.com.ua&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 08:26:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E2B8 624 B
300 B 52ms
52ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKOPeBCrxeG5AxjEmJfNATAB&v=APEucNXB21I66bKJDwCyB6rEUVCR593AahazfU_x20y4I7D46B4zHlp10aCdT3cvo7icS62Z4n2Xd--ul9BDCGuonED3_M5wLQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1656923173&rafmt=12&psa=0&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656923173525&bpp=3&bdt=641&idt=3&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8734366812859&rume=1&frm=20&pv=1&ga_vid=1148078250.1656923173&ga_sid=1656923173&ga_hid=1504021972&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068196%2C42531608%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2019652194118067&tmod=1316916778&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HACeaDhMzC&p=https%3A//www.oferlo.com.ua&dtd=8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 08:26:14 GMT
expires: Mon, 04 Jul 2022 08:26:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame 975A 21 KB
8 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2003
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 07:52:51 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 975A 3 KB
1 KB 123ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:12:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 796
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 08:12:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 975A 17 KB
8 KB 118ms
36ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:17:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 504
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 08:17:50 GMT

GET
H2 200 12460300233605410438
s0.2mdn.net/simgad/ Frame 975A 65 KB
65 KB 148ms
39ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12460300233605410438

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd3b1a770b292d05e3d5d6d2b7e336613d93deaf86cf2ff82a59c446ebeb7608

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 04:27:10 GMT
x-content-type-options: nosniff
age: 14344
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66215
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 12:19:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 04 Jul 2023 04:27:10 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/ Frame 975A 6 KB
3 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:15:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2628
x-xss-protection: 0
server: cafe
etag: 1103433747108554897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 07:15:10 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 975A 0
622 B 171ms
75ms Ping
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuODiZ5163ZBKGevq_gdCnVLXFxyuU9Wzc-EDdopYr_l00czgQsMtryQeyitw_Y4T5_USjgE9UbKxMz6sCWH7uyqQIfOU_O52vJi7SCujkmePDCBtySbPvngJ8zrBK5ukOuOBwyEs3Su2mQWagOM642oGKRzqQNaS66Y9G4IgnA-j2_PHN3m1hS_1hBb0CzuAkLvpCbYp6Acy6rB6Qcd7NTH1c78gK2WkJgJa9wMC5mc6IOcKZZkseYs2_OHD8-NpAgO-k1GZUdF7Nn58lsa99ebJE85mPwZzH7ZViyP_URX85hs-mrYvQKZT0Azejacb6w_ssGqkTfd13n_7DcIKCTKUIq0RnpM_VQUHkGtteFlN0r4v2XcWXeHOqjwMvoReYyjuZSFjLgpyc7TEWXSB6ruTTQa8kiDks26L_Exu6F_2r1cMiA0fef1oG7OIeuW944SjL9T46cuLK3Qj0G5CpC38nAGH94KW47l0fSo7ArY3T76ZAOdStk-WKUHVamPxq7gmiyORIJzu8D2gh704FYwyVdMtkOHP6kOMPcuekZBIou7J09S2-Cqs3o0LUMoI-iQZrqXBP3WlsMbC5m8_rb1DGFVnoWpU5waicRqmv8PFH2LP5NDZKddAaRr_EgUn7QOvEL4_dVcA4iaUpyfqobsYRj8cL0nlopC4TPUCReREx0onMQ0tkGNHe45qUc91ZPx99i0QkrsztkqfEXH_ptr_he8-KycijcAfxzG3QmJ1J9DRWUAA2BIhdzbFSKaFaJvFNa72nqF9AlTAsGQXqMCdehlahdNugK4WA-MMU8UxO3LQWQukUhjy6D3-ikj5lGdNb_Fkp6eLpE7XtQQoQpYRMLyrbMz1crcs8_s7GeJJzwRNHaIKf7bwC7udC7LewFlb5lLRCFPyRiJHi8S56A5dLvO80UqaKQsoiXHe7TxPoIgNhEOQwTWr44_TZ80neY_UnEaOSbIOeYWnmpHFYlXoI5nMmqtCTTRl1ol1uOCcOspDgjEu1h-ooKeIyo9n3CqNxiL1RRUikUcblZbQIqUhhhAIJ-FaGQjlG3Kb2CflMreJm-X7IYs7OftzGVFexcuvCZog1q-ZMh-SeMXhSP&sai=AMfl-YTm7HJopLXSCST_HfJDN1n-xKD73iK-enBI-qd__ZYk-fXyZgk-D6RUPBm7o2Z-JxxmjpOfn7tRl4Qav3bJYJkzCO3ton2U3R2_Bx2Z3l7ZAKIOAb5u7CURTpkqu3lXjWwS6JvtSiwNILCZqt8FNuUu-00vuIH7rwIp-EiITFMfQNpPX1-lJRI&sig=Cg0ArKJSzNEElrj6lKDCEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=1&cisv=r20220629.57674&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 04 Jul 2022 08:26:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 975A 41 KB
15 KB 120ms
41ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:22:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 08:22:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 975A 138 KB
43 KB 127ms
45ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Jul 2022 08:26:14 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E2B8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG_asVOWtXXvuIhXt56_m2M&google_cver=1

43 B
908 B

63ms
62ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG_asVOWtXXvuIhXt56_m2M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKOPeBCrxeG5AxjEmJfNATAB&v=APEucNXB21I66bKJDwCyB6rEUVCR593AahazfU_x20y4I7D46B4zHlp10aCdT3cvo7icS62Z4n2Xd--ul9BDCGuonED3_M5wLQ
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 7256799079ba8924-LHR
pragma: no-cache
date: Mon, 04 Jul 2022 08:26:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Ki3GHjM5oVwnqr%2Bs1m458Jg2RJYzKTwMXblnqftt5VOSWQn1DMbBAcZIUN4dgF2WudDIU4l6rlwvhOCJaGY%2FDKAaf0U0%2FoiuuqX0ecX3wE4JL1dOStcYthW5NPckyffeSzzGWuGz7GL%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 08:26:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG_asVOWtXXvuIhXt56_m2M&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E2B8
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YsKkJs657q03coZIccCcNwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG_asVOWtXXvuIhXt56_m2M&google_cver=1

43 B
915 B

82ms
81ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG_asVOWtXXvuIhXt56_m2M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKOPeBCrxeG5AxjEmJfNATAB&v=APEucNXB21I66bKJDwCyB6rEUVCR593AahazfU_x20y4I7D46B4zHlp10aCdT3cvo7icS62Z4n2Xd--ul9BDCGuonED3_M5wLQ
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 725679914c258924-LHR
pragma: no-cache
date: Mon, 04 Jul 2022 08:26:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWy0cgr2ww%2Fxm%2BNAS0UKGileb0UFnAXnQq%2FgZp4vvBfViJmrmNEcf5GojS%2Fh602nPY%2B13LEBe6L4Q7G8B2NOGTxAE%2F2AoDghwSTM%2Ffr9q5dMo9coQDZm9Fy6yoesx936pC8w%2BYR94UQ%2FdA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 08:26:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG_asVOWtXXvuIhXt56_m2M&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame E2B8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAxXkPaCt0gRV-xu_FoQIU8&google_cver=1

43 B
1018 B

40ms
38ms

Image
image/gif

185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAxXkPaCt0gRV-xu_FoQIU8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKOPeBCrxeG5AxjEmJfNATAB&v=APEucNXB21I66bKJDwCyB6rEUVCR593AahazfU_x20y4I7D46B4zHlp10aCdT3cvo7icS62Z4n2Xd--ul9BDCGuonED3_M5wLQ

Protocol

HTTP/1.1

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 08:26:14 GMT
X-Proxy-Origin: 130.180.200.35; 130.180.200.35; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3a19cf99-9a38-4b02-aace-ec1fb8e8115d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 08:26:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAxXkPaCt0gRV-xu_FoQIU8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E2B8
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjcxNTc3NTExNTA4OTg0MjQ5Mg%3D%3D

170 B
188 B

125ms
46ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjcxNTc3NTExNTA4OTg0MjQ5Mg%3D%3D

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 08:26:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 08:26:14 GMT
X-Proxy-Origin: 130.180.200.35; 130.180.200.35; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 71f709b2-ca1b-46a7-b873-872b57154679
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjcxNTc3NTExNTA4OTg0MjQ5Mg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/ 149 KB
53 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4d166d7c51fb5b8ca1137c6c3547508b188221659bac3f55df50f1d40841b3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54412
x-xss-protection: 0
server: cafe
etag: 4777550495163145999
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Jul 2022 08:26:14 GMT

GET
DATA 200
OK truncated
/ Frame 975A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5885788ebeb53e78e3e92fe35712470833efd3aa23917916580b69c243d70741

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 80ms
38ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=478813288996064&ev=Microdata&dl=https%3A%2F%2Fwww.oferlo.com.ua%2F&rl=&if=false&ts=1656923174363&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%B0%D0%BA%D1%86%D1%96%D1%97%2C%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%B0%20%D0%B7%D0%BD%D0%B8%D0%B6%D0%BA%D0%B8%20%7C%20OFERLO%22%2C%22meta%3Adescription%22%3A%22%D0%A2%D1%83%D1%82%20%D0%B2%D0%B8%20%D0%B7%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D1%82%D0%B5%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%81%D1%83%D1%87%D0%B0%D1%81%D0%BD%D0%B8%D1%85%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D1%85%20%D0%BC%D0%B0%D0%B3%D0%B0%D0%B7%D0%B8%D0%BD%D1%96%D0%B2%20%D0%B4%D0%BE%20%D0%B2%D0%B0%D1%88%D0%B8%D1%85%20%D0%BF%D0%BE%D1%81%D0%BB%D1%83%D0%B3.%20Oferlo%20%D0%BD%D0%B0%D0%B4%D0%B0%D1%94%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D0%90%D1%88%D0%B0%D0%BD%2C%20Billa%20%D1%82%D0%B0%20%D0%B1%D0%B0%D0%B3%D0%B0%D1%82%D0%BE%20%D1%96%D0%BD%D1%88%D0%B8%D1%85%20%3E%3E%22%2C%22meta%3Akeywords%22%3A%22oferlo%2C%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%2C%20%D0%B7%D0%BD%D0%B8%D0%B6%D0%BA%D0%B8%2C%20%D0%B0%D0%BA%D1%86%D1%96%D1%97%2C%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%B0%D0%BA%D1%86%D1%96%D1%97%2C%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.oferlo.com.ua%2Fimg%2Fmaskot%2Fmaskot-main-happy.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.64&r=stable&ec=1&o=30&fbp=fb.2.1656923173860.261606957&it=1656923173691&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 04 Jul 2022 08:26:14 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 645C 22 KB
8 KB 120ms
38ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 582504
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Jun 2022 14:37:50 GMT
expires: Tue, 27 Jun 2023 14:37:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 975A 0
20 B 70ms
70ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=30&d=1&s=1&f=0.01&bgai=BmPgkJaTCYq_CIras9u8PgM25oAwAAAAAOAHgBAI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 08:26:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.ae/adsid/ 107 B
122 B 122ms
46ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ae/adsid/integrator.js?domain=www.oferlo.com.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 08:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 124ms
47ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.oferlo.com.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 08:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/ Frame 2644 10 KB
4 KB 37ms
37ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oferlo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 54672
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Jul 2022 17:15:02 GMT
etag: 10429905676100781186
expires: Sun, 17 Jul 2022 17:15:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 975A 0
26 B 155ms
77ms Ping
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 08:26:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 css2
fonts.googleapis.com/ Frame 2644 4 KB
636 B 120ms
45ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 07:21:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Jul 2022 08:26:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Jul 2022 08:26:14 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2644 205 B
743 B 120ms
38ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 22:09:31 GMT
x-content-type-options: nosniff
age: 37003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 03 Jul 2023 22:09:31 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2644 604 B
695 B 121ms
38ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 00:59:16 GMT
x-content-type-options: nosniff
age: 26818
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 04 Jul 2023 00:59:16 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/ Frame 2644 19 KB
8 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:02:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1428
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8263
x-xss-protection: 0
server: cafe
etag: 17157773748623750166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 08:02:26 GMT

GET
H3 200 jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js Show response
pagead2.googlesyndication.com/bg/ Frame 645C 36 KB
13 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 04:35:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 04:35:06 GMT

GET
H3 200 fa287546e1d5bd0678894d5c227e456c.js Show response
www.gstatic.com/mysidia/ Frame B2C1 10 KB
4 KB 121ms
46ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fa287546e1d5bd0678894d5c227e456c.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 16:51:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4351
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 20:43:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 30 Sep 2022 16:51:29 GMT

GET
H3 200 a694c09b207b537c12f07a7976b778d3.js Show response
www.gstatic.com/mysidia/ Frame B2C1 148 KB
55 KB 125ms
50ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a694c09b207b537c12f07a7976b778d3.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96ea508fe7bab64a56687982ac3a29ee4ae0d3e9c48f699d8ed769faabad998d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:27:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 363554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56434
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 02:13:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 28 Sep 2022 03:27:00 GMT

GET
H3 200 74ef8cb7c81a147b0078185476199165.js Show response
www.gstatic.com/mysidia/ Frame B2C1 18 KB
7 KB 114ms
39ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/74ef8cb7c81a147b0078185476199165.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d8e6138c7cf0944d755a4757f5c2b3803ede310e05af81ff90d4fe98bb6c4d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 04:43:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7278
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 02:13:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 29 Sep 2022 04:43:42 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B2C1 4 KB
814 B 46ms
46ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ea2171f1cfa3fba1737d38126a0f074577b73ff01493fcf8a9d4e362bb2a232

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 07:34:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Jul 2022 08:26:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Jul 2022 08:26:14 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame B2C1 2 KB
902 B 38ms
36ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:19:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 375
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 08:19:59 GMT

GET
H3 200 a44a0b8f447061e92ca19622c4392a02.js Show response
www.gstatic.com/mysidia/ Frame B2C1 6 KB
2 KB 121ms
48ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a44a0b8f447061e92ca19622c4392a02.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 16:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2233
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 20:43:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 30 Sep 2022 16:51:24 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame B2C1 21 KB
8 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:15:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 638
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 08:15:36 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame B2C1 3 KB
1 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:05:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1259
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 08:05:15 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame B2C1 17 KB
7 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:17:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 504
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 08:17:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B2C1 138 KB
42 KB 127ms
51ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Jul 2022 08:26:14 GMT

GET
H3 200 e335c40f4e500f406840f7159cec7b48.js Show response
www.gstatic.com/mysidia/ Frame B2C1 31 KB
13 KB 109ms
37ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e335c40f4e500f406840f7159cec7b48.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

204ee979949dff78fdc0b391fe74c9b8fe736abd65a1f0a6af80cb01bcfb8587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 16:52:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13085
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 02:13:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 30 Sep 2022 16:52:02 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 645C 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BmPgkJaTCYq_CIras9u8PgM25oAwAAAAAOAHgBAI&bg=!gYKlgsbNAAaLlKKnq5Q7ACkAdvg8WuADTVAnTJ6_3K2bqM6fk2R02zqJ36FDOqHOSYMbo2qTl4fsNQIAAABnUgAAAANoAQeZAsYyY-5MNeUdUG72G1qRHcZCuavp_EShEwKKA5RiiDjt6QnT32ne6vYyuf_jYcTt9PNOYEsyL9MvBfKBJvGLN4NO6RmWp8pB5RC4fNB2rxv_ewqrc7n8z7DWRnoFW9jQqYmYpFe2AjQAdG1yC2_5l6lwY1LhDmASR6Uq-JqxbK4WOHReYB68ihj4ncmTZd4LLVZKN6kTEfdR8fzZZK7MS4zQrXKQAhmYq4mTZ3SayiD_OEArZBmsJyDlCvUNxRw3bPhGitThVFS6czduMcbDDYG2BVnXmng590CUBLNlNv2H8-L8rod_z3zHM9lPAB4bk0-yehwaCVoFzxT6GIi-xFGSjcYWloJAZVBArn4yMYZRiDvP-t8Ep2inOSJXeVpDm42YL-wJ9zFwykM1pu-kvaT5ur8Bp3Tl0jskWNU67E8shx0lGDZxtqc_DiY4XGnPXsf2k9mnLQh3roGQbs2JKSJNqi7u03oysg7gkWZoVWXGEHi0XEIdU213JrNcJHNk15zJHnzXgdJs1SnfkUC1_iFalYu6sDAcsfR4SNxoiAsW3aTM6hg5wts6Y5an3Nhp90qIhTNnjrBM-kFkgNGkuodns_v-Lr44HWDlzLaskAUq-nLX9xgY3-Wi4WV_0Rs-UVFmFgkV6GGR57zPRIy50jTCGqdVnqmcSCrd5ABqWYpFqjG0Hxc6qfnqmgNEOXdb_YMf-Dh6QtyxlypPM28v9jSQ7brDLogOtXiSoutPKlDz3huYgFIzk5mUwD4B1CiNfh7CwLqLqjsPzWCmkAgNoA8AR_0cvypYJU4eTzm7xeI5tvYUn4FZlCTt_TB3L4s8jEdcSAFBZAc0NyUI6Omyw0s_PCKcvOKaCgfaQTsUJzd4BLrq1_dM7op8S7oXjeXm3Eg48c2eS_44JozUjBIUcnCvBp_WPfk8p6fvDhLi4qz0_iuK7SOz8A

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 08:26:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 975A 62 KB
23 KB 38ms
37ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ed589f2773c7f62a29c7691a961a85c95ac374c666dec2d6eb6a1abd0350a65e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:44:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2480
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23708
x-xss-protection: 0
server: cafe
etag: 12776144751522492165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Jul 2022 08:44:54 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 975A 0
54 B 810ms
279ms Ping
image/gif 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l56h9zym&chm=1&ctx=2&gqid=JaTCYvyDIsHi3wPF1quoBA&qqid=CO_ouOnn3vgCFTaW_QcdgGYOxA&met.4=fb.ig~lb.m6~ol.vq~bdt.-i2~bpp.-6~idt.-6~dtd.-1~dt.-9&met.3=374.na~733.p0~742.p0_1~749.vl_4~736.vr~735.vr_1~113.xd_4~112.xc_6&met.1=1.l56h9z1a~6.1~7.1~8.1~9.1~10.1~12.2~13.i4~14.ij~15.i7~16.q6~17.q6~18.q6~19.vq~20.vq~21.vq~22.mj~23.mj&met.7=CAUQCBgBKAEwmwU49ghoAnCMBXjs9gGAAcD0AYgB95EEsAEBuAED~CBwQBhgBIJcFKJcFMN4FOEdolwVw3QV41gKAASqIASqwAQG4AQM~CCgQBRgBIJkFKJkFMNAFODdomwVwzwV4wASAAZQCiAHwBLABAbgBAw~CAkQChgBIJ8FKJ8FMMgFOClooAVwxgV4i0aAAd9DiAGIqAGwAQG4AQM~CB4QChgBIJ8FKJ8FMJwGOHxo8wVwmwZ4-wyAAc8KiAGxFbABAbgBAw~CBwQChgBIKAFKKAFMJoGOHtAoAVIoQVQoQVY8gVgxQVo8wVwlgZ4uTuAAY05iAHlhwGwAQG4AQM~CCkQBhgBIKAFKKAFMPYGONYBQKEFSL0FUL0FWI4GYOAFaI4GcLQGeNOHBIABp4UEiAGnhQSwAQG4AQM~CBwQChgBIKAFKKAFMMkFOChooQVwxwV48BaAAcQUiAHxMbABAbgBAw~CCIQARgBIKMFKKMFMM8GOKwBQKQFSLIFULIFWIQGYNYFaIQGcM8GeKwCsAEBuAED~CCcQChgBIKQFKKQFMLwGOJgBaPMFcJwGeJN5gAHndogBisUCsAEBuAED~CCoQChgBIKQFKKQFMNQGOLAB~CCcQBRgBIMQGKMQGML8HOHtQxQZYlgdgxQZolgdwvQd490OAActBiAHqsgGwAQG4AQM~CBwQBhgBIMUGKMUGMIwHOEdoxgZwiwd4rAKwAQG4AQM~CCIQARgBIKoHKKoHMMUIOJwBUKoHWPgHYKoHaPgHcMUIeKwCsAEBuAED~CCgQChgBIPgIKPgIMK0JODVo-Qhwngl4yLsBgAGcuQGIAfDsA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 08:26:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B2C1 0
20 B 70ms
70ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoTCAEqD3JlY3RhbmdsZS1hbGJ1bQoKCAIqBnNlcnZlcgoxCAQqLW15c2lkaWFfYW5hbHl0aWNzX2V4cDEsbXlzaWRpYV9yZWxlYXNlX2NhbmFyeQoNECshAAAAAAAAIkAwBAoNECshAAAAAACAT0AwAQoNEAMhAAAAMjNTaUAwBBIaQ0ktZnMtbm4zdmdDRldDS19RY2RiaVFCVlEiHWdwYS9keW5hbWljX2ZpZ193ZWJfYmFubmVyX3YyKBo=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/74ef8cb7c81a147b0078185476199165.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 08:26:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame B2C1 0
327 B 734ms
275ms Ping
image/gif 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l56ha00i&c=1223370482028&slotId=611685241014&qqid=CI-fs-nn3vgCFWCK_QcdbiQBVQ&sei=44729911%2C44730425%2C44730426%2C44752538%2C324123032%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/a694c09b207b537c12f07a7976b778d3.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 08:26:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B2C1 0
20 B 72ms
72ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoTCAEqD3JlY3RhbmdsZS1hbGJ1bQoKCAIqBnNlcnZlcgoxCAQqLW15c2lkaWFfYW5hbHl0aWNzX2V4cDEsbXlzaWRpYV9yZWxlYXNlX2NhbmFyeQoNEA0hAAAAAJCZuT8wBAoJEB4qAzB4MDAECgkQGSoDMHgwMAQSGkNJLWZzLW5uM3ZnQ0ZXQ0tfUWNkYmlRQlZRIh1ncGEvZHluYW1pY19maWdfd2ViX2Jhbm5lcl92Miga

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/74ef8cb7c81a147b0078185476199165.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 08:26:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B2C1 0
20 B 71ms
71ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoTCAEqD3JlY3RhbmdsZS1hbGJ1bQoKCAIqBnNlcnZlcgoxCAQqLW15c2lkaWFfYW5hbHl0aWNzX2V4cDEsbXlzaWRpYV9yZWxlYXNlX2NhbmFyeQoNECshAAAAAABAVEAwBAoNEBAhAAAAAAAAAAAwBAoNEBEhAAAAAID10kAwBAoNEBIhAAAAAAAAHEAwBAoNEBMhAAAAAAAACEAwBAoNEBchAAAAMjPzbUAwBBIaQ0ktZnMtbm4zdmdDRldDS19RY2RiaVFCVlEiHWdwYS9keW5hbWljX2ZpZ193ZWJfYmFubmVyX3YyKBo=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/74ef8cb7c81a147b0078185476199165.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 08:26:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

206

videoplayback
r4---sn-5hne6nsr.gvt1.com/ Frame B2C1
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=c705d51e4805ff26&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1656930374&sparams=ip,ipbits,expire,id,...
https://r6---sn-aigzrney.gvt1.com/videoplayback?id=c705d51e4805ff26&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1656930374&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...
https://r4---sn-5hne6nsr.gvt1.com/videoplayback?id=c705d51e4805ff26&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1656930374&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

1 MB
1 MB

280ms
173ms

Media
video/mp4

2a00:1450:400e:6::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-5hne6nsr.gvt1.com/videoplayback?id=c705d51e4805ff26&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1656930374&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=376E2D7F3CD38990139D8B964A5F04653ED9A9B3.630594729600D2555541B65DD59ECBC6D7CFFDC0&key=cms1&mh=tw&pl=48&redirect_counter=1&cm2rm=sn-aigezz7d&req_id=9a3a98577ce736e2&cms_redirect=yes&mip=2a02:8c8:c10:30::4&mm=34&mn=sn-5hne6nsr&ms=ltu&mt=1656922464&mv=u&mvi=4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

2a00:1450:400e:6::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

68f35086b566841e88e0e0c2c0e580edf996018c6e0de6916b5488a20e05b7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 29 Jun 2022 21:45:09 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-1078938/1078939
client-protocol: quic
cache-control: private, max-age=6899
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1078939
expires: Mon, 04 Jul 2022 08:26:15 GMT

Redirect headers

date: Mon, 04 Jul 2022 08:26:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 May 2007 10:26:10 GMT
server: gvs 1.0
vary: Origin
content-type: text/html
location: https://r4---sn-5hne6nsr.gvt1.com/videoplayback?id=c705d51e4805ff26&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1656930374&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=376E2D7F3CD38990139D8B964A5F04653ED9A9B3.630594729600D2555541B65DD59ECBC6D7CFFDC0&key=cms1&mh=tw&pl=48&redirect_counter=1&cm2rm=sn-aigezz7d&req_id=9a3a98577ce736e2&cms_redirect=yes&mip=2a02:8c8:c10:30::4&mm=34&mn=sn-5hne6nsr&ms=ltu&mt=1656922464&mv=u&mvi=4
cache-control: private, max-age=900
content-length: 0
expires: Mon, 04 Jul 2022 08:26:15 GMT

GET
H2 200 / Show response
www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/ 4 KB
3 KB 34ms
34ms XHR
text/html 2a03:b0c0:2:f0::250:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist11&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-11-shop-tiles-prepend&d%5Bcategory_id%5D=11&d%5Btype%5D=visible&d%5Bshops_in_line%5D=12&m=before

Requested by

Host: eu001.leafletscdns.com
URL: https://eu001.leafletscdns.com/com.ua/js/joined/external.min.js?t=e99e59db1d521902070d5eed28be23f2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:b0c0:2:f0::250:4001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

9c9e7f3d39c73530e023011b1704866988e589855afc92883c2336a2019fc34d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: V9EbyeNfjgjSbhHLJQZyBor1Jx80XTpmEZmVFZuGiZRksiuuiGrRTYcYaJ9vMQZX64FfWAduCgFkzKMjy__upw==
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Hyperia
x-proxy-date-now: Monday, 04-Jul-2022 08:26:15 GMT
x-upstream-backend: letakomat-ams-w026
vary: Accept-Encoding
content-length: 663
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Jul 2022 08:14:32 GMT
server: nginx
x-frame-options: DENY
x-proxy-date: Mon, 04 Jul 2022 08:14:32 GMT
strict-transport-security: max-age=10; includeSubDomains
report-to: []
content-type: text/html; charset=UTF-8
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
x-proxy-cache: HIT
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/ 2 KB
2 KB 34ms
34ms XHR
text/html 2a03:b0c0:2:f0::250:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist14&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-14-shop-tiles-prepend&d%5Bcategory_id%5D=14&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: eu001.leafletscdns.com
URL: https://eu001.leafletscdns.com/com.ua/js/joined/external.min.js?t=e99e59db1d521902070d5eed28be23f2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:b0c0:2:f0::250:4001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

837206ebf6e62ede22e73028f6086e3cf47af7719e15721650d7bc42e5cf5f41

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: V9EbyeNfjgjSbhHLJQZyBor1Jx80XTpmEZmVFZuGiZRksiuuiGrRTYcYaJ9vMQZX64FfWAduCgFkzKMjy__upw==
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Hyperia
x-proxy-date-now: Monday, 04-Jul-2022 08:26:15 GMT
x-upstream-backend: letakomat-ams-w032
vary: Accept-Encoding
content-length: 454
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Jul 2022 08:14:32 GMT
server: nginx
x-frame-options: DENY
x-proxy-date: Mon, 04 Jul 2022 08:14:32 GMT
strict-transport-security: max-age=10; includeSubDomains
report-to: []
content-type: text/html; charset=UTF-8
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
x-proxy-cache: HIT
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/ 2 KB
2 KB 34ms
33ms XHR
text/html 2a03:b0c0:2:f0::250:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist12&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-12-shop-tiles-prepend&d%5Bcategory_id%5D=12&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: eu001.leafletscdns.com
URL: https://eu001.leafletscdns.com/com.ua/js/joined/external.min.js?t=e99e59db1d521902070d5eed28be23f2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:b0c0:2:f0::250:4001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

af119cfded0f31227e85b6cf4de59dd3e0853012837b069d29208596d4f3e031

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: V9EbyeNfjgjSbhHLJQZyBor1Jx80XTpmEZmVFZuGiZRksiuuiGrRTYcYaJ9vMQZX64FfWAduCgFkzKMjy__upw==
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Hyperia
x-proxy-date-now: Monday, 04-Jul-2022 08:26:15 GMT
x-upstream-backend: letakomat-ams-w023
vary: Accept-Encoding
content-length: 443
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Jul 2022 08:14:32 GMT
server: nginx
x-frame-options: DENY
x-proxy-date: Mon, 04 Jul 2022 08:14:32 GMT
strict-transport-security: max-age=10; includeSubDomains
report-to: []
content-type: text/html; charset=UTF-8
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
x-proxy-cache: HIT
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/ 1 KB
2 KB 33ms
33ms XHR
text/html 2a03:b0c0:2:f0::250:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist15&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-15-shop-tiles-prepend&d%5Bcategory_id%5D=15&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: eu001.leafletscdns.com
URL: https://eu001.leafletscdns.com/com.ua/js/joined/external.min.js?t=e99e59db1d521902070d5eed28be23f2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:b0c0:2:f0::250:4001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

c6c7f3ffc0deb34af0f7c06c3610b4c6736993258ea2189658735f42dd251e51

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: V9EbyeNfjgjSbhHLJQZyBor1Jx80XTpmEZmVFZuGiZRksiuuiGrRTYcYaJ9vMQZX64FfWAduCgFkzKMjy__upw==
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Hyperia
x-proxy-date-now: Monday, 04-Jul-2022 08:26:15 GMT
x-upstream-backend: letakomat-ams-w022
vary: Accept-Encoding
content-length: 404
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Jul 2022 08:14:32 GMT
server: nginx
x-frame-options: DENY
x-proxy-date: Mon, 04 Jul 2022 08:14:32 GMT
strict-transport-security: max-age=10; includeSubDomains
report-to: []
content-type: text/html; charset=UTF-8
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
x-proxy-cache: HIT
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/ 2 KB
2 KB 63ms
63ms XHR
text/html 2a03:b0c0:2:f0::250:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist16&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-16-shop-tiles-prepend&d%5Bcategory_id%5D=16&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: eu001.leafletscdns.com
URL: https://eu001.leafletscdns.com/com.ua/js/joined/external.min.js?t=e99e59db1d521902070d5eed28be23f2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:b0c0:2:f0::250:4001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

3b5c2abc10ad805c4de0200f2e6a6dfdd82460db05e3145a169e7767d17d534a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: V9EbyeNfjgjSbhHLJQZyBor1Jx80XTpmEZmVFZuGiZRksiuuiGrRTYcYaJ9vMQZX64FfWAduCgFkzKMjy__upw==
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Hyperia
x-proxy-date-now: Monday, 04-Jul-2022 08:26:15 GMT
x-upstream-backend: letakomat-ams-w024
vary: Accept-Encoding
content-length: 459
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Jul 2022 08:14:32 GMT
server: nginx
x-frame-options: DENY
x-proxy-date: Mon, 04 Jul 2022 08:14:32 GMT
strict-transport-security: max-age=10; includeSubDomains
report-to: []
content-type: text/html; charset=UTF-8
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
x-proxy-cache: HIT
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/ 2 KB
2 KB 63ms
63ms XHR
text/html 2a03:b0c0:2:f0::250:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist17&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-17-shop-tiles-prepend&d%5Bcategory_id%5D=17&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: eu001.leafletscdns.com
URL: https://eu001.leafletscdns.com/com.ua/js/joined/external.min.js?t=e99e59db1d521902070d5eed28be23f2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:b0c0:2:f0::250:4001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

8df4fab5171a5708bb0e27d5c3b6a1d67dbe5a266851726dff167a2a7e03673e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: V9EbyeNfjgjSbhHLJQZyBor1Jx80XTpmEZmVFZuGiZRksiuuiGrRTYcYaJ9vMQZX64FfWAduCgFkzKMjy__upw==
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Hyperia
x-proxy-date-now: Monday, 04-Jul-2022 08:26:15 GMT
x-upstream-backend: letakomat-ams-w039
vary: Accept-Encoding
content-length: 451
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Jul 2022 08:14:32 GMT
server: nginx
x-frame-options: DENY
x-proxy-date: Mon, 04 Jul 2022 08:14:32 GMT
strict-transport-security: max-age=10; includeSubDomains
report-to: []
content-type: text/html; charset=UTF-8
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
x-proxy-cache: HIT
x-proxy-cache-type: a30m

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/3/ 2 KB
2 KB 76ms
43ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/3/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d0ec01d98e8a4dc98af6301e8f95b634f63a9256cff1f71d592fe267fe1ec9c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62839
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1648
last-modified: Tue, 27 Jul 2021 19:28:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2F2LZ3y0UchoHyjUBssmFxygHa0Y42b0Vh6frymjvX1OyuSNwLto5vrEwgxmgt4HkJR6ndblf%2FopcaCzS1QMeX8fGvrZij9RLluG8tsMxCNlGBRs%2FydDJNwFcUNxx1tXNOWux2NmaurPLHbluNapxk6ebqo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679957f0975d8-LHR
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/31/ 938 B
1 KB 94ms
62ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/31/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8425275b77f7ce018416241e85960821de53a5ed71761a1ae397b1a5e855336

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62839
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 938
last-modified: Tue, 27 Jul 2021 19:28:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hnUVPGriZiC7798aIrVLQl9TLQTeBb%2BqzcYHNy%2F8t1OzyPCZllhU2rUdgewDj4UfpaMtyY9mXFgoSLMD38w5woAAazbxwVvq6gZ6TmLPJS5FMbxWxyJu3X3fOJRZfxMk5rFqrB%2FRf0ImFnC4zUDOos%2FP%2Brc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679957f0b75d8-LHR
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/1/ 1 KB
2 KB 73ms
40ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/1/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c2516c4c455411caea0c64380b128f1b5f01afcee30dd17560d3da5c7699679

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62838
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1056
last-modified: Tue, 10 Nov 2020 15:28:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZTnbX%2FdjLxWeYizGfArYVuqKc4ozEjN0p9WjuFp3Cp4c93jaZeIVW8sMgHw%2Bkyc2cS0GKSrFYOz6hvpU2ELoQWfdcN1oeYAmgxY3Y5JGrZ0v2YTHdUXEW80N3%2FHvsLRWn1E%2FoXQt%2BEhMSzQMwgdzyWqxj4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679957f0d75d8-LHR
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/9/ 990 B
2 KB 70ms
39ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/9/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21b177a40aba940d7cdbaa62174e671bf2f02af901978167753fdcfce2be9101

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62836
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 990
last-modified: Tue, 10 Nov 2020 15:28:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qg%2FXwoCz8D6mOWyQvEz8OhAKKGuwbQdxq8C4rZgJrhwNUSCAzEx7JJZeVep03GzGCBT5PMUmaIa43ToWK1%2Fu3uHDGTzJyiNOkPHT70Tv2AHUlmhiRY4XJ93MC4uXT6aqf4Uu94U%2FJLZYqQzx9v7MJScnqrg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679957ef075d8-LHR
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/33/ 810 B
1 KB 64ms
33ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/33/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 446bab4f19b463933ba69fc0c0ff5317bcef393fdcda0816e62b0a2b4aafeaa2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62836
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 810
last-modified: Fri, 09 Apr 2021 06:28:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8dbgKba3C9JIRtiyGoB2SZlE2SdjrPR1h%2Bq%2BdrW1eXVlwUCp9Tdshz6Hp3vhz8kiH%2FEkHGuNorC9toZajpFpgne%2F47BkGgka4tO3r%2FkVD4u%2Fei68Sts92H05s9I843pcLE5zldTBPKK9zNXRr3uuN3r2XM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679957ef275d8-LHR
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/34/ 580 B
1 KB 68ms
37ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/34/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a766ea12240078e9a4911493790c08cfa979a18619d180cd7f5a5f468fd79f3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62836
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 580
last-modified: Fri, 09 Apr 2021 06:28:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Im4i7DVuFwF5yX0bGtKsqKgA2pro1I89pPpuPps6ZjtVhkauJTcxfuMyTnKMA9SNIVbWEZQ8exUoxsAsHfIG6zliXm8WNqLkBBjEL6%2FMn4Hh%2BeQYnH0SZwNhpY5FYVgRDwV%2FSpaj9Euw4p%2BLKpPqVzCPb8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679957ef475d8-LHR
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/8/ 1002 B
2 KB 66ms
35ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/8/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df94118151425d11320f6fb3958f309162e9556cf48af223f66421c6a3c8e456

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62836
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1002
last-modified: Tue, 10 Nov 2020 15:28:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eff7z5Oj7cnVNguaCTQF4prhVRwsc5xchMK8hhKawJvsbc68C%2BuVfdokuIw77k%2BXrEVdRYdq4wXsPrHCPpOM%2BsrnbTHgRWpoqZF9XCCviIjadEGx6Wg%2Be1Zb0eRmMARPGEroI3AhOxFx%2Ft4%2FCgfX0FciAP4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679957ef775d8-LHR
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/5/ 638 B
1 KB 65ms
35ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/5/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cf4140305db6473492b7bce8c789d33bcc9a862f9d2d7fce40b115edb31683a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62836
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 638
last-modified: Tue, 10 Nov 2020 15:28:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HrKovr%2FAcMl1SMdikOnAfo4E2aOQBmbpfEEC8L4%2FCi8hqLyZc6PuI8gsVaW4MRnJbs%2FMQ%2FULl1%2FdzVmz0PrGsf4UU9%2FwL67dxIsOsaooTW%2B6ucTS52GgG7Ct8c5zcw0%2BGJlHEm0EJ78TeJgobVyO7GfIrXA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679957ef875d8-LHR
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/32/ 724 B
1 KB 68ms
37ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/32/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e7e7d97399e03e24a55f3b6218e69ffd2ce957eca70aee8b854b6aa33366402

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62836
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 724
last-modified: Wed, 13 Jan 2021 12:58:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRl1Hvp4FDMo8rScN0ntyQBxTMiSRgutfPo9px8hFx5RQlJ%2FkXUWjkWGOQbDEpbXNgWZCfBAji0nk9QdvDTD0Ndn9yb83kWy%2F037Lxg05nQmijmSgrcVhTZKuAU1XK2TA8KQE7PPAVbTbrveUSvlkf8%2BTZo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679957f0075d8-LHR
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/16/ 786 B
1 KB 101ms
71ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/16/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62f16f58885de373ce052a72b68ae407a049b3037a4324a04043a42fdac99460

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 786
last-modified: Tue, 10 Nov 2020 15:28:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqkZW2ix7Rwuk30uOv1oZLl5AgJ%2FnX3IwYqJROMomazfm%2BnllPz%2B7UXaxmLic%2FnThDwipKcR1OKMwx3h5jWJIRCNq8tnocrvv8gUGDA2KQtCwxNS6m6c2suKRE%2FK3JhVafiRTEqOQaX3QPwfqx6qXDvSWmw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679957f0175d8-LHR
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/17/ 824 B
1 KB 95ms
66ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/17/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f22966b13e75ab8fda4c46107f7de87998e445e7b37e377a03a9b5beab88b9b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 824
last-modified: Tue, 27 Jul 2021 19:28:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kggmstyVjuH6cf3BAuGvREwLxEiGzaVJc3%2BVdnxTZUrj4%2FAK7yDUn13w2Ak7EvEZyUKPIEdkLJbatAc4Q2Gg0g4P1pSCQkqfibi0ez6C5HXv9DBfKZ5NVLyf8GWl49GD%2F43gLB2OaHCNsI1H6OpjT6z%2BoKQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679957f0375d8-LHR
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/15/ 1 KB
2 KB 97ms
68ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/15/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f43e35c9c59892abc041c104628f994df6c53ab6364055fa42821c1122a618e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1488
last-modified: Tue, 27 Jul 2021 19:28:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyatbHfvvechW7dQcs3ph9UHAL1bwW0ujxGuGIHsy9Tk4vny432RWWtNW4D6%2FPbj%2BDY%2FFZMg%2FGMWDedegry7tZnK%2Bc611MNOmnygUMmvfcQyys8Qb0OEBhDMoGPJ3m2upehzTRGuBs7HX%2BHm2hLbDh7MEtM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679957f0475d8-LHR
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/14/ 796 B
1 KB 101ms
72ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/14/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a049edfff9507adba029091a9ef66a3017d290cb2d81bb96af6ce86161882192

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 796
last-modified: Tue, 27 Jul 2021 19:28:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5dpTXY4yTfmmfz%2BjFmwiqSOz3RbuATekYkPZvjCw2rU6dGoNMAjk%2FYuuK4uV96GiH8Ah2uc6xe5eGA9Pti0H%2FFTf%2FzFxslqiyEZ7UPURkf8LbcM9qydAgGjM%2BvrggXdfwKTHeuySs%2B3nkYBBqaBHScta18U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679957f0675d8-LHR
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/18/ 622 B
1 KB 112ms
83ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/18/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7626318acfbe6eec5abc99f2cc5778703edd1f90463af85d4cbedd693faa114b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 622
last-modified: Tue, 10 Nov 2020 15:28:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4C9xo3BvX%2FOm7ZKmbYpwrhsG%2BBOGcLBwM7B3MN1OYI0z3M1YuJxisye2GxanH6Yxbuwj1GkrxjB0nN8D0tDzS1HCS0MYTQM35wSd%2FHfN%2FQaRyjM1oZ3aJ%2BmIIgPDZCG7sxoW%2BvZcZaVwXwhNaXCggnrbPg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679957f0875d8-LHR
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/20/ 1 KB
2 KB 90ms
62ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/20/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d22520c085453857e822427f0f66d18d0c98986f6e1e40d6fa0fc7d44a657be

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1146
last-modified: Tue, 10 Nov 2020 15:28:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNTlglR3V9gvX7ogK2%2B8evQslf1bdAkdS7sOW8yzagh8ZOg1PzibY1KDk8WAlK1V9kjJ49yC1xHVbdCqAK1%2BvOHp7kr2%2BwD6HoYuks4KJPWdYuOAfvRAj76miNlQ84a%2BD%2B8x1%2FS5O1JUVaAna2vkkUIvra8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679957ef975d8-LHR
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/19/ 918 B
1 KB 89ms
61ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/19/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a0574a1e7e1a1090b17dbf386399714e05f4afe8f09e15a3e5dbd58b435eb1b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 918
last-modified: Tue, 10 Nov 2020 15:28:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uaCnMr05voEZUFYVO36U%2FyMzyXattxRfX4yTm3Ej3UCMB05EVF4mbv9D0BtJiuxHF0jgniwyN47Ji5gLWfukFqUXY6Ae4sgOLyV%2FQxI4%2BGgAbnmITAXz5jb3LINOsYXBsO3GQJ1CvVtuPdjHaZVpkv2mk7A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679957efa75d8-LHR
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/21/ 838 B
1 KB 90ms
61ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/21/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc4c24faa867df9b33628fdb8aaf2d456e989750e4cda61f2418fee5d8b1c5cc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 838
last-modified: Tue, 27 Jul 2021 19:28:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mRZ4185W3AD65doBm5J1dKoj9JdFo2rF2escFAIuYF89BaVJDoMjlZ77HDAFTQj4h%2FHUHWjxft6aY9RzFJ1meaf5od3qRN0eBbmTZZ7aFprR6W80Xad76yK22Zv2sGMuR8SOoz%2BtPOYv362B6wQwg60IqQo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679957efc75d8-LHR
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/22/ 798 B
1 KB 87ms
59ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/22/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 914d089eacaecf6944ee46bec04ac11975c734f98ddbfc5750536c2adb23fce8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 798
last-modified: Tue, 27 Jul 2021 19:58:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NnHpVnvXzW3Wm6UflD0mxSvEJboJBFUVwUBWVJRaA5RDVQUduXzU9PbKAeBFWzPg5dwKZ0wdNxz4hxQtgxc8GaSDAiOOBPO6a1tSCd5po%2BL7s0c3PysFfelOCXnWPlWKLvX%2BqLS1QjVdb4LGipEb%2FCgb%2BH8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679957efd75d8-LHR
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/29/ 776 B
1 KB 87ms
60ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/29/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c897fcfa6be72e2bf55770711a1f26dab4095d209ca4cc92b65cba0f0ea0b83

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 776
last-modified: Tue, 10 Nov 2020 15:28:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zaEOrlIzE6MAuZvQZPNHB%2FK%2F8QExNq%2FchYKitI0nQHCplnU600oMQWwHCRqNWrBIsxo%2BPXHCsgrvks3NuRr7Tl0SHat8X7aR2PJN9RJd8pXTGJEL7RkagzsuIasH%2F1cR%2F6IRrLQVSPcIOb4BAtzuCJfcOAM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679957efe75d8-LHR
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/11/ 824 B
1 KB 97ms
71ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/11/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f50ed9c3c87ec6211e8cefe2c82e05d2e89f75991ed6fdc0b9607449db7dd777

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 824
last-modified: Tue, 10 Nov 2020 15:28:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rHl1HMD3%2B9uYaEi69bDON%2FKZtaVtPRWi%2FCsarH345bJqGWxE16M%2FlnVhGUwuuylhjMW%2Bm%2FVjBPnLomRwnMP9Y4kMkJxotZXUlyBJZXzPBGITwoaf6YNDJazPQv6rxFVyackWtNowLfK8C%2BvY1YYWrRYaPj0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679957ee475d8-LHR
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/12/ 498 B
1 KB 98ms
72ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/12/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0674a525618751a642fe4baa693ff34b3c0580a13624da212f9d61300916b76a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 498
last-modified: Tue, 10 Nov 2020 15:28:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2JijVde1J3KooA%2BiqtrDU8StZKzqQPINR%2FI%2BcznEKy1xLYGiHP01PTd1SyfGmS2GZu%2FY5TvQLvfaHFHVjB05cVsraRW%2BPjnqmtEFsqKQZLRCcHzOIJEjKscxXcN3ZNZOpgix9vudQ8yNbOQT6htfTJ0p0Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679957ee675d8-LHR
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/28/ 828 B
1 KB 91ms
65ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/28/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6c0fd70405f944e0d310f7ee9e16249c00f136832d2eef24207a29b92a42bac

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 828
last-modified: Tue, 27 Jul 2021 19:58:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZqEcX98fUZ2vpBY90Ttu0AWyPwSTZ9oS%2FOXDpJCXeTd5vNjsVV5KipfKBO4DO7nV2BkyGq6J8JH662uRLgCAVBW%2BL%2B%2BGNvn0SfpTNOKi4lKW%2BilLz5%2FzGJAaz5s2ueJoUaW1v53QPnbbPXH76ewYnohyIU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679957ee875d8-LHR
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/24/ 786 B
1 KB 67ms
65ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/24/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33b77c3ebb0dfdb1386c077573297dc737b1e1e9e26f33186edd1c1bd7bd8972

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 786
last-modified: Tue, 27 Jul 2021 19:28:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0iXrmAywzwLO8gRsWyXJnwBlBW5PY94u5nojbmNQxGmRVjfzJYqSC3kZDcYNAmyugc72U%2B34iQCaYKdNAU53Lzb%2Bc%2BGXx5kwpO4bOIxzLxahA7K1MH9mA5GiwL2JOo2vfT%2F9IIvBRbMlv1GWK1wjuuXhyxQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679957ee975d8-LHR
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/25/ 1 KB
2 KB 68ms
66ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/25/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4253f77b0d96cf34bfcc0c2f8ade40886e3a60e5fd6d6531a66c848456437b03

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1038
last-modified: Tue, 27 Jul 2021 19:28:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCdMpUv17jZc%2BAxelCC4ZGNJ1ROqaRF4JtkC%2B%2FFlSXtV%2FFhs7IXcuXjneE%2FRpgYlkecN9HF4aerDiyHcHlFOO6ki8otoPKZ4Ms4Tw7Cvu%2F7R4hSG74rLLfM2kZMB%2Bj6ZlDHPYMXc9CJYRxKqVDVoaPiRvSY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679957eec75d8-LHR
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/26/ 462 B
1 KB 68ms
66ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/26/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 710cf1f76557948352e0a3bfdfbb71197ba6a984c9b73cb557f4a654113d7b70

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 462
last-modified: Wed, 07 Apr 2021 12:28:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VT9i14NaJVgR26KsS30qp7eWlaL7s3q7qb%2FaW21Zl7WPkCej7%2FfUT77FuTTLTDO8fkujMAIpPZj6ZHo6mDssg78mTETXHMVVG2xLHxVV9mRAKstzma4ouPJoOXOkqgS3noxbGZRjtG92MaXzwatriBihuD0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679957eee75d8-LHR
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/39/ 552 B
1 KB 87ms
84ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/39/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97992093717fde367507473ba78c48117095bdd5eac32fa9b9c8144aa768e4d2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 552
last-modified: Fri, 09 Apr 2021 06:58:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSYPVq5NDKDZSL0CRYD7RcR7B3t0vHmY9hv7svEVjA4CGTR4Ihk7mgeM4Mtv5arB1bJjyCchpB81AhWjiAHY3HocNJNNJDh8hpJNGXQUEV68IjzmYRBog9YqCnBiiy3VL1neAishtjBgqG47PNx1q0zPtsE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679957f1075d8-LHR
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/37/ 568 B
1 KB 88ms
84ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/37/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4f2d2cce0c47e7d116589c641a59f0ed79aa7db34f2e96257c7b4deadafcc2c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 568
last-modified: Fri, 09 Apr 2021 06:58:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCZnjS8NRW%2BoRj18NJmh25tGjQmb6enT6ReioJyZ96zzOpYlJmOFc1ZjCEOYitHZASzm145%2BhpJmDOnnq3iIJB8UVbvkwky5Bj0A9Ua54y4yE%2BoxUzMfLjkbf1P0hpjlkM3LmpXakn5WKh3t868GK%2FE%2Bytg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 725679957f1175d8-LHR
expires: 31556926

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B2C1 0
20 B 71ms
71ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoTCAEqD3JlY3RhbmdsZS1hbGJ1bQoKCAIqBnNlcnZlcgoxCAQqLW15c2lkaWFfYW5hbHl0aWNzX2V4cDEsbXlzaWRpYV9yZWxlYXNlX2NhbmFyeQoNEBQhAAAAAAAF1EAwBAoNEBUhAAAAAAAAKEAwBAoNEBYhAAAAAAAAHEAwBAoNEBghAAAAMzN_j0AwBBIaQ0ktZnMtbm4zdmdDRldDS19RY2RiaVFCVlEiHWdwYS9keW5hbWljX2ZpZ193ZWJfYmFubmVyX3YyKBo=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/74ef8cb7c81a147b0078185476199165.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 08:26:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 133ms
54ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220629&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4727666077541088ae250e4380799a5ee1c2fa59e86a22da0a597485c0093de2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 08:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10657
x-xss-protection: 0

GET
H3 200 jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js Show response
pagead2.googlesyndication.com/bg/ Frame DBA8 36 KB
13 KB 50ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 04:35:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 04:35:06 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame B2C1 62 KB
23 KB 44ms
40ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ed589f2773c7f62a29c7691a961a85c95ac374c666dec2d6eb6a1abd0350a65e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:44:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2481
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23708
x-xss-protection: 0
server: cafe
etag: 12776144751522492165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Jul 2022 08:44:54 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 975A 42 B
64 B 99ms
73ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssaGlcwMdLOQ5aci8nzOmz5DGATrVeasNHMWO5fYLbM8Gh9mSnRK95auZMqU_zKM28NTxfgER_072lHn0j2nAXJDRaJCpp0uUNGWPspf4YUNFjRy-H3xc1DqA&sai=AMfl-YQhYK_67ToxCcIQf2T8c5p0r7eOsMEsfjvuJdyAgcXhhyM7_bzcKePKZxzVSOyxtT59lNh1vwPP7OqT&sig=Cg0ArKJSzOT5vBFM-ylDEAE&cid=CAASBORoGK4&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=760889125&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656923173534&rpt=1137&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 08:26:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Jul 2022 08:26:15 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame B2C1 0
54 B 575ms
273ms Ping
image/gif 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l56ha0s3&chm=1&ctx=2&gqid=JaTCYtCzHMLk3wPIqJ3QDA&qqid=CI-fs-nn3vgCFWCK_QcdbiQBVQ&met.6=6.1_CgsYuAggXCoECAgSAA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 08:26:16 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame B2C1 0
45 B 576ms
275ms Ping
image/gif 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=2~l56ha0sn&chm=1&ctx=2&gqid=JaTCYtCzHMLk3wPIqJ3QDA&qqid=CI-fs-nn3vgCFWCK_QcdbiQBVQ&met.4=fb.b~lb.6a~ol.s3~bdt.-1bs~bpp.-146~idt.-z4~dtd.-yg~dt.-149&met.3=492.63_1~733.6d~742.6d~518.6y~555.72~556.72_3~749.s1_1~113.x4_2~112.x4_2~246.xm_1&met.1=1.l56h9zv0~14.4~15.0~16.4~17.4~18.4~19.4~20.4~21.4&met.7=CBsQBxgBIAsoCzCGATh7~CBsQBxgBIAsoCzC4ATitAQ~CBsQChgBIAwoDDCEATh4~CBIQBxgBIA0oDTA8OC9oDXA7eL4IgAGSBogBuyOqAREKD0dvb2dsZSBTYW5zOjQwMLABAbgBAw~CBwQChgBIA0oDTA1OChoD3A0eJcJgAHrBogBwQywAQG4AQM~CBsQChgBIA0oDTCIATh7~CAkQChgBIA0oDTA2OChoD3A0eItGgAHfQ4gBiKgBsAEBuAED~CB4QChgBIA0oDTA7OC5oD3A6ePsMgAHPCogBsRWwAQG4AQM~CBwQChgBIA4oDjA6OCxoD3A2eLk7gAGNOYgB5YcBsAEBuAED~CCoQChgBIA4oDjCxATijAQ~CBsQChgBIA4oDjC8ATiuAQ~CBwQARgBIM0BKM0BMJQCOEdozQFwkwJ4rAKwAQG4AQM~CBsQARgBINUBKNUBMLQHON8F~CBwQARgBINoBKNoBMKMCOElo2wFwowJ4rAKwAQG4AQM~CBwQARgBIPABKPABMLgCOEho8QFwuAJ4rAKwAQG4AQM~CBsg-QE4iAc~CBwQARgBIPEHKPEHMLsIOEpo8QdwuAh4rAKwAQG4AQM~CCgQChgBIIQIKIQIML4IODpojghwtwh4yLsBgAGcuQGIAfDsA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 08:26:16 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E209 13 KB
5 KB 38ms
38ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oferlo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1449
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 08:02:06 GMT
expires: Tue, 04 Jul 2023 08:02:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8D06 783 B
536 B 47ms
46ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c6b1822c651470802d0f2c1b9684e88f42652bd9b5ff5abdefac3c0c45c65894

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-v16BZgcp8VEWNa8mtWC59A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.oferlo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-v16BZgcp8VEWNa8mtWC59A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 08:26:15 GMT
expires: Mon, 04 Jul 2022 08:26:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js Show response
pagead2.googlesyndication.com/bg/ Frame E209 36 KB
13 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 04:35:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 04:35:06 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8D06 0
0 79ms
79ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220629&jk=2019652194118067&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E209 0
9 B 36ms
36ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?CkoZwQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:26:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 89ms
88ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220629&jk=2019652194118067&bg=!wcKlwobNAAaLlKKnq5Q7ACkAdvg8WrLEkurIZgtkT-STsPEHZREowvJy5REAm0UQKCvoq-o-0dU5YgIAAABaUgAAAAFoAQeZAqnPt2BWeyAww73J-RyuiuwctDc7Xk16O4PyFHM6du5w0LDKGKIuAMxEiD3cBAIJxyIwR_CzFYvojaUaZJcS8x0n1nN7J_ABya65uGguppDIZhP6-4Si_Kgy3tBRwBGB0B7TWXO9BvrdnIaPOSJojU6KYIlf2lYAZjwNYYI1Go42EUR2bxYk1drgkqoaBZUkglyO_LI-dg-JocVjWeHq5yWVCzNsaucSaekJEpyiJ1HKqDgJADe5Y4yrExxGEDZmhtnjqSs5TVIljMdO5DLqwTI8HylkQ8ihPGhX5gkdrmcAA8YSrDviOdEDWhYeTQ4m6SpSfA8lFgKdRuRTtP-slh6rA7eCJzm6tXl2dEOYUL0boBr0fiL7TXtNOJLkqxuoQFn_43z1bXf5TiR4wIFI72tdbkGdSI9-77i1gjzfuVsTYZPZJBs_GHIhpbILlNAsdMQbR_6sFw13s4BPY9roBJPNwslmdH5fUfdeiegrM0Hh6S8pZt_lpx7OKk7Je6j_5Zcn84VgyfMROzXu4wyEBEIcmryf7S5IHsF4tcz_au0J2_IrtpwVHukqssWDWwZkKmY1mqCwbn1ptd4pyhAwA0L9YVAz2OHgskh9BBsMCZMf1aNrbmcuII1EJmP3P0wWqfXfP9rTTTwMkiCyfMHIpFWwb7Jgsm2wNWkQinn1QIIdamTm7GxJSqaaDSOw9Hj3TwD4CnTNJK5PSROzeGXUhmCYwB8r5C_o3dGeIvuTvhidVd7eXupgqLbGDmjUGX1pY51myVaYQzZZTQQUcfRyYwLZhE9slNWLCAFel12toKP5MUEorffMLkF8euZ6LgGZSgnEZHpk40Mq6RinBGd_bN8wOnr83dptv41GTYkVQ1vsCZnnzP_9fHixerkjGDDK9IUqMooAlDBjK7c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ Frame B2C1 0
17 B 276ms
275ms Ping
image/gif 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l56ha00x&c=1223370482028&slotId=611685241014&qqid=CI-fs-nn3vgCFWCK_QcdbiQBVQ&umsem=0&ple=1&ape=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/a694c09b207b537c12f07a7976b778d3.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 08:26:16 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 278ms
277ms Ping
image/gif 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~l56h9yxe&c=2019652194118067&e=44759876%2C44759927%2C44759837%2C31068196%2C42531608%2C21065724%2C31061691%2C31061692&ctx=1&met.3=779.f1~1001.f4__1~164.f5_1~165.f3_3~166.eq_s~779.fo~166.fi_9~326.ka_2~832.kf~868.kf~216.k7_9~215.k7_9~843.k6_a~889.ks_1~639.kz~914.kz~112.lp_1~326.pg~832.ph~868.ph~164.pf_2~165.pc_5~889.pi~639.pn~914.pn~629.qd~429.19x_1~168.1bt~168.1bt~168.1bt~168.1bt~168.1bt~210.1d6_1~326.1da~832.1da~868.1da~164.1d9_1~165.1d8_3~466.1d7_3~522.1d7_4~525.1dd_6~639.1dj~914.1dj~168.1jw~168.1jw~168.1jw~168.1jw~168.1jw~168.1jw~168.1jx~168.1q9~168.1q9~168.1q9~168.1q9~168.1q9~168.1q9~168.1q9_1~113.2bw_1&met.1=1.l56h9ybo~6.34~7.35~8.4m~9.4m~10.6k~11.5j~12.6k~13.7h~14.8h~15.7k~16.co~17.co~18.cq~19.2bf~20.2bf~21.2bo~22.cy~23.cy
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/rum_fy2019.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 08:26:16 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

225 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.oferlo.com.ua/	1970-01-20 13:00:59	Name: SrvCch Value: 0
www.oferlo.com.ua/	1969-12-31 23:59:59	Name: _csrf Value: 23e2f8c80604565996e0ea448505f59b99dd78da73cc7301e3e3ead6fbd54451a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%223c0gk5_EUvyTJ7tQatxG330guU66Pyg3%22%3B%7D
www.oferlo.com.ua/	1969-12-31 23:59:59	Name: PHPSESSID Value: kjcg4v43gbhjhghsnka0r3sr0a
.oferlo.com.ua/	1970-01-20 06:24:59	Name: _gcl_au Value: 1.1.143314269.1656923174
.oferlo.com.ua/	1970-01-20 13:36:59	Name: __gads Value: ID=09fb728ba0f8d694-22f62e77c5cd0085:T=1656923173:RT=1656923173:S=ALNI_Ma3_Vql8i3kIYuZR3EZJVqTaeEJIQ
.oferlo.com.ua/	1970-01-20 13:36:59	Name: __gpi Value: UID=0000082bf87a0518:T=1656923173:RT=1656923173:S=ALNI_MYy3A_2L9fNMxmO-CcDT71B7ide4Q
.oferlo.com.ua/	1970-01-20 21:46:35	Name: _ga Value: GA1.3.1148078250.1656923173
.oferlo.com.ua/	1970-01-20 04:16:49	Name: _gid Value: GA1.3.34715915.1656923174
.oferlo.com.ua/	1970-01-20 04:15:23	Name: _gat_UA-24834420-46 Value: 1
.oferlo.com.ua/	1970-01-20 06:24:59	Name: _fbp Value: fb.2.1656923173860.261606957
.doubleclick.net/	1970-01-20 21:46:35	Name: IDE Value: AHWqTUkN4pu8RQ1pkuIxlZ19Ct-fTv66HOl3kekHYljH2GFOQCenTkGZQk6mdJHE
.adnxs.com/	1970-01-20 06:24:59	Name: uuid2 Value: 2715775115089842492
.casalemedia.com/	1970-01-20 13:00:59	Name: CMID Value: YsKkJs657q03coZIccCcNwAA
.casalemedia.com/	1970-01-20 06:24:59	Name: CMPS Value: 4551
.casalemedia.com/	1970-01-20 06:24:59	Name: CMPRO Value: 4551
.adnxs.com/	1970-01-20 06:24:59	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>6dYPK-!]tbPl1M>e)ZlrFUfJ+tGXxoP::??fY5z2[L?OzL:?=HAMa>BTOyxz0C1:JSbpRzqF1`*b^J/)ocpC
.casalemedia.com/	1970-01-20 06:24:59	Name: CMTS Value: 5070

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'layout-animations'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'oversized-images'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'wake-lock'.
security	warning	Message: Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: accelerometer, autoplay, camera, display-capture, document-domain, encrypted-media, fullscreen, geolocation, gyroscope, magnetometer, microphone, midi, payment, picture-in-picture, publickey-credentials-get, sync-xhr, usb, xr-spatial-tracking. Values defined in Permissions-Policy header will be used.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'layout-animations'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'oversized-images'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'wake-lock'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.ae
adservice.google.com
apis.google.com
cm.g.doubleclick.net
connect.facebook.net
csi.gstatic.com
dsum-sec.casalemedia.com
eu001.leafletscdns.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
oferlo.com.ua
pagead2.googlesyndication.com
partner.googleadservices.com
r4---sn-5hne6nsr.gvt1.com
r6---sn-aigzrney.gvt1.com
redirector.gvt1.com
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.ae
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.oferlo.com.ua
104.18.19.126
142.250.185.130
172.217.16.130
172.217.18.2
185.33.221.88
2404:6800:4004:801::2003
2606:4700:20::681a:264
2a00:1450:4001:801::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2006
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:812::2008
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2003
2a00:1450:4009:2::c
2a00:1450:400c:c08::9c
2a00:1450:400e:6::9
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a03:b0c0:2:f0::250:4001
00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca
0674a525618751a642fe4baa693ff34b3c0580a13624da212f9d61300916b76a
0acd59e18ef9ca4f55b04271a6121d58e6f7044ea91395054dd52d5caf2a7a55
0ae06ddb4073e373eab1c773006f390c86d4ef8e19fe1ee4843b13987aee2021
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9f243e38580effa8393e2fde8b1b6292b50af8653b8eb68a0fa5f4ae6a9d35
0ef1f9f33632ec6e27928d82e6f155d14605c07815630b6a4dfbf830464795bc
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
168a4c21dd4ca6ef7e49f6a81f5199cefb5b45f6af71a1bbc039df7ad3a94e76
1939afc0c7a681585f38dd6abdda66ede9e1f9a946e8aeef83949a15a7960f77
1c897fcfa6be72e2bf55770711a1f26dab4095d209ca4cc92b65cba0f0ea0b83
204ee979949dff78fdc0b391fe74c9b8fe736abd65a1f0a6af80cb01bcfb8587
21b177a40aba940d7cdbaa62174e671bf2f02af901978167753fdcfce2be9101
24c7908fac6ad5008c8de42d0cb05a8414bf20f7e845827ff46bb2777f05ffb2
2735cd0c593645d8e8b2ce539e311ad799cc9a8d8903eb697388bb73618f2fc9
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
2e8c7d35f17380438ffec444744bb31b67d47f13c4b5ca6487fa477ba759f8f1
2f43e35c9c59892abc041c104628f994df6c53ab6364055fa42821c1122a618e
33b77c3ebb0dfdb1386c077573297dc737b1e1e9e26f33186edd1c1bd7bd8972
34ab7b6bae04a32fc40e9b91566b00a87306ede37dd72313499b831cef75b2c0
3684d4bbcdd207e85265dfdf945fb6a7aae1436c83fc15befbcac1d020d71285
3b5c2abc10ad805c4de0200f2e6a6dfdd82460db05e3145a169e7767d17d534a
3ccdb197b7fd4579f033fe2dd82d48cdd9389bec13942befb887bcb893a2985f
3ea2171f1cfa3fba1737d38126a0f074577b73ff01493fcf8a9d4e362bb2a232
3eeb8182f7090eadf2183aeb70d942da863843156257c4a4e1326ceac9a68715
4253f77b0d96cf34bfcc0c2f8ade40886e3a60e5fd6d6531a66c848456437b03
446bab4f19b463933ba69fc0c0ff5317bcef393fdcda0816e62b0a2b4aafeaa2
4727666077541088ae250e4380799a5ee1c2fa59e86a22da0a597485c0093de2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d22520c085453857e822427f0f66d18d0c98986f6e1e40d6fa0fc7d44a657be
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
54e6e311e21a9a5767ea33a88daaa3bff4a54d128e28892fa64b4c8b08d9aa57
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5885788ebeb53e78e3e92fe35712470833efd3aa23917916580b69c243d70741
5a6c1a419cdd7dad8f6060e585a41bcf62d8cd3de1c1f5773f62631ed7959668
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f16f58885de373ce052a72b68ae407a049b3037a4324a04043a42fdac99460
681edf17a7cf0e80c5117629eec2531bf0bfd77ec9f9a8308a1bc2edac88a275
68f35086b566841e88e0e0c2c0e580edf996018c6e0de6916b5488a20e05b7bd
6bb241803ec43c4fce987a6d2cb04166f93dec519f07bb01b0edaa9cd9f48d36
6d8e6138c7cf0944d755a4757f5c2b3803ede310e05af81ff90d4fe98bb6c4d5
6e35ed0382199636aa9232291ce4513e7c2be9adb61f909f3d0af645fc5573f7
6ea890e47f4aaaf1ba5c3ee3b8ea8b59c16a61374fdfc986fbab557df5376d67
6f22966b13e75ab8fda4c46107f7de87998e445e7b37e377a03a9b5beab88b9b
710cf1f76557948352e0a3bfdfbb71197ba6a984c9b73cb557f4a654113d7b70
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
7626318acfbe6eec5abc99f2cc5778703edd1f90463af85d4cbedd693faa114b
77bded4f6447cc93370a65d50e1b1811e81e032aefd45d0acc952ceec49260c2
78cfc5ba37db16d7ca8c4abec00e920abbf9cf4744b1d38aa386932a0c152d03
7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd
7e7e7d97399e03e24a55f3b6218e69ffd2ce957eca70aee8b854b6aa33366402
837206ebf6e62ede22e73028f6086e3cf47af7719e15721650d7bc42e5cf5f41
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
86414ea5538d5f21da467f12d2334388a419e87dd0cc35b87469c7623c56a2c3
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b00616261a0df3574dfc8b4c0e0403d62121d1bc83b45744fe2c76c5252095e
8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45
8cf4140305db6473492b7bce8c789d33bcc9a862f9d2d7fce40b115edb31683a
8df4fab5171a5708bb0e27d5c3b6a1d67dbe5a266851726dff167a2a7e03673e
914d089eacaecf6944ee46bec04ac11975c734f98ddbfc5750536c2adb23fce8
96ea508fe7bab64a56687982ac3a29ee4ae0d3e9c48f699d8ed769faabad998d
97992093717fde367507473ba78c48117095bdd5eac32fa9b9c8144aa768e4d2
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a0574a1e7e1a1090b17dbf386399714e05f4afe8f09e15a3e5dbd58b435eb1b
9a766ea12240078e9a4911493790c08cfa979a18619d180cd7f5a5f468fd79f3
9c2516c4c455411caea0c64380b128f1b5f01afcee30dd17560d3da5c7699679
9c9e7f3d39c73530e023011b1704866988e589855afc92883c2336a2019fc34d
9d0ec01d98e8a4dc98af6301e8f95b634f63a9256cff1f71d592fe267fe1ec9c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a049edfff9507adba029091a9ef66a3017d290cb2d81bb96af6ce86161882192
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
af119cfded0f31227e85b6cf4de59dd3e0853012837b069d29208596d4f3e031
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bed9bcc372f2d6619d19a6e2d2a69092725530f20cdc7ffbe55a4a18cfb67b28
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2b51c2505e961d8423ac6eaa06792bdacaab656cc9751d819f7dce3b1cedcc7
c3f17580e0b568895b0d555cecc9d8ec733e134b57db52a983465e1e3e938428
c4f2d2cce0c47e7d116589c641a59f0ed79aa7db34f2e96257c7b4deadafcc2c
c6117374a1f09adbbff6601b20fc00b2264cf5fb2ef53ede0b320a337109026d
c6b1822c651470802d0f2c1b9684e88f42652bd9b5ff5abdefac3c0c45c65894
c6c7f3ffc0deb34af0f7c06c3610b4c6736993258ea2189658735f42dd251e51
cd3b1a770b292d05e3d5d6d2b7e336613d93deaf86cf2ff82a59c446ebeb7608
ce728004ccfdbfa1a7fcd76765ddfe3d64df6e1b8425849c609befe4ce289a99
cefb2e3821730dcb3ffcd9de8acd90e6465334feb294c4736c7af3f64094047e
d15f85d0aa8fe49a0ba11e1bcd2c4ad286c0ab1bc0452dec8c2fec9a446a6caf
d4d166d7c51fb5b8ca1137c6c3547508b188221659bac3f55df50f1d40841b3f
d5bed337907ab1b04f4ebf7d6e8821c231ddb5a1ba9734ebfddbeb0c82f4c312
d8425275b77f7ce018416241e85960821de53a5ed71761a1ae397b1a5e855336
dc4c24faa867df9b33628fdb8aaf2d456e989750e4cda61f2418fee5d8b1c5cc
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df94118151425d11320f6fb3958f309162e9556cf48af223f66421c6a3c8e456
dfd0ee37fe024f82f9ec53580bfad506f0d14aaf4db90f8d8e5c2140c750a8c5
e0f2cca7784269c376cea0c66fa206e809162035f87759bd0d44d171dda8053b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ea156c91e5bd4f4ba41e6bb96d65b5b75f36e2afb3b33522b6deb06aa1b19d
e98d619f5718f6656202390801d3cbe1778938654deba274c08ff4fd20e0ba37
ed589f2773c7f62a29c7691a961a85c95ac374c666dec2d6eb6a1abd0350a65e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4de7ced4fd6a7ec3e2ce81415f5d4a482aaa50a3ba83a73742687c166fed0fb
f50ed9c3c87ec6211e8cefe2c82e05d2e89f75991ed6fdc0b9607449db7dd777
f667d352a739b6a05eba01fd938f4e55caaff63a17b77c6737945a4622e7b061
f6c0fd70405f944e0d310f7ee9e16249c00f136832d2eef24207a29b92a42bac
f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47
fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f
ff152104d728368ece053a5076962e4c7c0f7cbfeaca09969ed0b615d061874e

www.oferlo.com.ua Open in urlscan Pro 2a03:b0c0:2:f0::250:4001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

146 Requests

97 %HTTPS

82 %IPv6

18 Domains

32 Subdomains

27 IPs

8 Countries

2359 kBTransfer

4410 kBSize

17 Cookies

13 Outgoing links

Page URL History

Redirected requests

146 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.oferlo.com.ua Open in urlscan Pro
2a03:b0c0:2:f0::250:4001 Public Scan

Screenshot
Live screenshot

Full Image

146
Requests

97 %
HTTPS

82 %
IPv6

18
Domains

32
Subdomains

27
IPs

8
Countries

2359 kB
Transfer

4410 kB
Size

17
Cookies

146 HTTP transactions
2 data transactions