www.buhoblik.org.ua Open in urlscan Pro
2a06:6440:0:2d02::1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://buhoblik.org.ua/
Effective URL:
https://www.buhoblik.org.ua/
Submission: On September 06 via api (September 6th 2022, 4:08:30 am UTC) from GB — Scanned from GB

Summary HTTP 104 Redirects Behaviour Indicators

Summary

This website contacted 30 IPs in 8 countries across 24 domains to perform 104 HTTP transactions. The main IP is 2a06:6440:0:2d02::1, located in Ukraine and belongs to UKRAINE-AS, UA. The main domain is www.buhoblik.org.ua.
TLS certificate: Issued by R3 on August 4th 2022. Valid for: 3 months.

This is the only time www.buhoblik.org.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 11	2a06:6440:0:2... 2a06:6440:0:2d02::1	200000 (UKRAINE-AS) (UKRAINE-AS)
1 1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
10	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
2	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1 2	95.216.186.40 95.216.186.40	24940 (HETZNER-AS) (HETZNER-AS)
1	2001:41d0:602... 2001:41d0:602:8bf::	16276 (OVH) (OVH)
10	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	146.0.227.109 146.0.227.109	20773 (GODADDY) (GODADDY)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
9	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	3.124.103.115 3.124.103.115	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.4.39 37.157.4.39	198622 (ADFORM) (ADFORM)
1	193.200.65.6 193.200.65.6	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	198.47.127.18 198.47.127.18	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
104	30

11 2a06:6440:0:2d02::1 (Ukraine) 2 redirects

ASN200000 (UKRAINE-AS, UA)

buhoblik.org.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.buhoblik.org.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.216.186.40 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.40.186.216.95.clients.your-server.de

xn--r1a.website	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tttttt.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41d0:602:8bf:: (France)

ASN16276 (OVH, FR)

avto-oblik.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.0.227.109 (Ascension Island)

ASN20773 (GODADDY, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.215 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.124.103.115 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-103-115.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.39 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team

m.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.18 (United States)

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 174	421 KB
16	criteo.net static.criteo.net — Cisco Umbrella Rank: 782 pix.eu.criteo.net — Cisco Umbrella Rank: 5551 csm.eu.criteo.net — Cisco Umbrella Rank: 5700	302 KB
14	admixer.net cdn.admixer.net — Cisco Umbrella Rank: 36718 inv-nets.admixer.net — Cisco Umbrella Rank: 3544	200 KB
11	buhoblik.org.ua 2 redirects buhoblik.org.ua www.buhoblik.org.ua	230 KB
8	criteo.com 1 redirects rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 10082 ads.eu.criteo.com — Cisco Umbrella Rank: 5636 bidder.criteo.com — Cisco Umbrella Rank: 834 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 7591 gum.criteo.com — Cisco Umbrella Rank: 458 mug.criteo.com — Cisco Umbrella Rank: 1814	50 KB
8	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 73	77 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	132 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 420	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 234	132 KB
2	creativecdn.com 1 redirects creativecdn.com — Cisco Umbrella Rank: 811	678 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 1015	950 B
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 329	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 120	2 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 19	2 KB
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 427	17 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 355	5 KB
1	pubmatic.com image8.pubmatic.com — Cisco Umbrella Rank: 928	42 B
1	trafmag.com m.trafmag.com — Cisco Umbrella Rank: 69314	351 B
1	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 3503	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 972	411 B
1	avto-oblik.com.ua avto-oblik.com.ua	72 KB
1	tttttt.me tttttt.me
1	xn--r1a.website 1 redirects xn--r1a.website — Cisco Umbrella Rank: 426963	465 B
1	google.com.ua 1 redirects www.google.com.ua — Cisco Umbrella Rank: 11425	320 B
104	24

	Domain	Requested by
15	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
10	cdn.admixer.net	www.buhoblik.org.ua cdn.admixer.net
10	pagead2.googlesyndication.com	www.buhoblik.org.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	static.criteo.net	cdn.admixer.net ads.eu.criteo.com
9	www.buhoblik.org.ua	www.buhoblik.org.ua
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	pix.eu.criteo.net	ads.eu.criteo.com
4	fonts.gstatic.com	fonts.googleapis.com
4	inv-nets.admixer.net	cdn.admixer.net www.buhoblik.org.ua
3	x.bidswitch.net	3 redirects
3	www.googletagservices.com	googleads.g.doubleclick.net
3	www.gstatic.com	www.buhoblik.org.ua googleads.g.doubleclick.net
2	gum.criteo.com	1 redirects static.criteo.net
2	csm.eu.criteo.net	ads.eu.criteo.com
2	bidder.criteo.com	static.criteo.net
2	creativecdn.com	1 redirects www.buhoblik.org.ua
2	c1.adform.net	2 redirects
2	ib.adnxs.com	1 redirects www.buhoblik.org.ua
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	ssl.google-analytics.com	www.buhoblik.org.ua
2	buhoblik.org.ua	2 redirects
1	www.google.com	tpc.googlesyndication.com
1	mug.criteo.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	image8.pubmatic.com	www.buhoblik.org.ua
1	m.trafmag.com	www.buhoblik.org.ua
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.co.uk	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	avto-oblik.com.ua	www.buhoblik.org.ua
1	tttttt.me	www.buhoblik.org.ua
1	xn--r1a.website	1 redirects
1	www.google.com.ua	1 redirects
104	36

This site contains no links.

Subject Issuer	Validity	Valid
www.buhoblik.org.ua R3	`2022-08-04` - `2022-11-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
tttttt.me R3	`2022-08-24` - `2022-11-22`	3 months	crt.sh
www.avto-oblik.com.ua R3	`2022-08-08` - `2022-11-06`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-14` - `2023-06-14`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-07-22` - `2022-10-19`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-03` - `2022-11-05`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-02` - `2022-11-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-21` - `2022-11-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.buhoblik.org.ua/
Frame ID: 9817A296EE91A92E53015BDB5F46A65C
Requests: 41 HTTP requests in this frame

Frame: https://tttttt.me/buhoblik_org_ua
Frame ID: E3F67B0853BE4465D9618C7F0EFC80DC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220831/r20190131/zrt_lookup.html
Frame ID: 313AB5B3EA35EC17134AEACF7BD05E0C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&adk=1812271804&adf=3025194257&lmt=1662437303&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&ea=0&pra=5&wgl=1&easpf=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662437304480&bpp=5&bdt=425&idt=149&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6122302451440&frm=20&pv=2&ga_vid=1856335902.1662437304&ga_sid=1662437304&ga_hid=1373143959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760911%2C44767166&oid=2&pvsid=3630282065755911&tmod=1792198056&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=165
Frame ID: 1668F8763D9F8A17253B9B748C1EA9E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1662437303&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662437304485&bpp=3&bdt=430&idt=165&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6122302451440&frm=20&pv=1&ga_vid=1856335902.1662437304&ga_sid=1662437304&ga_hid=1373143959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760911%2C44767166&oid=2&pvsid=3630282065755911&tmod=1792198056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qU9ZIkztct&p=https%3A//www.buhoblik.org.ua&dtd=169
Frame ID: 6D48D6700886D0BEC94691584E58BC18
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1662437303&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662437304488&bpp=1&bdt=433&idt=182&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=6122302451440&frm=20&pv=1&ga_vid=1856335902.1662437304&ga_sid=1662437304&ga_hid=1373143959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760911%2C44767166&oid=2&pvsid=3630282065755911&tmod=1792198056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&cms=3&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XgRaTuiPwN&p=https%3A//www.buhoblik.org.ua&dtd=184
Frame ID: 06CD779A299A0505697CFDB256850256
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1662437303&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662437304489&bpp=1&bdt=433&idt=187&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&nras=1&correlator=6122302451440&frm=20&pv=1&ga_vid=1856335902.1662437304&ga_sid=1662437304&ga_hid=1373143959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760911%2C44767166&oid=2&pvsid=3630282065755911&tmod=1792198056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9Ev8t20K8M&p=https%3A//www.buhoblik.org.ua&dtd=190
Frame ID: DDD20FC8316F5EA4B4517F0E5CA42A27
Requests: 14 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Frame ID: AD418C3570D4CBA035FA40A05503377B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Frame ID: 6F4EA9EB348EE5570333D92D322EB784
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxbHuAALybcKcbAzAAWEB8sy51EBXxQWBI2K5A&u=%7CsSur5wQtYFDJCYrll94ys9pS%2BreWj4RrVIyfdcoPm24%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6ziEzHnRQPmm8hAoZUVgSTUVKRYdHEcSbS6zZsqBlA7qj_wFx3Plre5_YpqMEyoHA6zfs5CKhnfkg2EEMCsksGLjKely4T3EpgfH05QM2LGspiiAymUq0Nu0Qx-2-4uzBGzAVWvYAoVFEmmpErgBwFNT4oPrxPOfFVWeF0NEdbNMfAYbXc6KRwyWeWnoBMocxYH4HO3YdT07D1UABMw7BgZbwztSoEKuvZt-tN-tz4rC2B9PFfAYbCTgpp02IR3tCJs7df8Vw44hMe7gZG3NyhA2lcloMDS7IPnDfFu3vyJz7ooCWLCe472rPrdFV9fHGKus_zorOG7eGbOnTgEchZ8zSxNhHgyOvQieIoQPBgRnu4euFxl1PzWSUnalbT9YNHGYuEf6uXnmjTC6XkzYRhtGGyn2xo1l40fOkHyCquEzEbViyLuwWWCCqX48W1yH74dVqjdtF8wHi_H2bgzR_JNGlVOWqcLi-Q5MeN4x6qASH8u2p46GLGfFZ60qk-2eK6BFU_Sg5ehKyQ9ff5vtpRCmJ194Ap460CHnFc-Qa6X1YIfrKaMYDSwJnLGZWL3Lrw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj3kduMcWY7eTL7PgxgOHiJaIAeSP0rFct_TriIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAb3UiOsDyAEJqQKV7s_9pnGzPqgDAaoE5AFP0E2B0PTWac-H-jm4eFtBR-lI2dTS46bBEfFyH11n5hbNZeCxwspfCRzzS7jC98prF_Xvuf_rCgJteZFlxDPcx1rwuWHwhbBFrYllvastpny4MqcsyHrii3ED2jG53v7X45gSOOKeGCoWppMVLd__1B0NXtR7P78GqFIz5_aT81YqCxpA9tZOxx_Ck6lWH5QbN8UsrwrlCBYrWidjTKPjzs2W-dl6igpeTa1CezcIdlEh9SL5Ei_jrHhWhrAHKDHKHBqsGGGyF8M1MySz9BsCdNdZUznYvqPGsLRykFGwx1-jna6ABsmaq_C0oaX7TKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2rtAAvz0P1HBiPGWsiczZWApKd-A%26client%3Dca-pub-5630956766216465%26adurl%3D
Frame ID: 46B67DCFE205D50053690F8B240DDC58
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
Frame ID: 6D84CC264646E26FB3628C0E63CC37FE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
Frame ID: 95DBA9B69B906CFB74313934FAEAFCE0
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.buhoblik.org.ua
Frame ID: BA5018018AE353736009083A7F07B4B9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7A2161FE9EF6243E2175A6B344C89010
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FFAE9E9CA67077DE71E305A11A085D13
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Бухучет в Украине : Бухгалтерский и налоговый учет

Page URL History Show full URLs

http://buhoblik.org.ua/ HTTP 301
https://buhoblik.org.ua/ HTTP 301
https://www.buhoblik.org.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Page Statistics

104
Requests

95 %
HTTPS

59 %
IPv6

24
Domains

36
Subdomains

30
IPs

8
Countries

1644 kB
Transfer

3588 kB
Size

24
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://buhoblik.org.ua/ HTTP 301
https://buhoblik.org.ua/ HTTP 301
https://www.buhoblik.org.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://www.google.com.ua/cse/brand?form=cse-search-box%E2%8C%A9=ru HTTP 301
https://www.gstatic.com/prose/brandjs.js

Request Chain 10

https://xn--r1a.website/s/buhoblik_org_ua HTTP 302
https://tttttt.me/buhoblik_org_ua

Request Chain 52

https://ib.adnxs.com/setuid?entity=533&code=2eaa48283a634c91b96c2bf7a1445605 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D2eaa48283a634c91b96c2bf7a1445605

Request Chain 53

https://x.bidswitch.net/sync?ssp=admixer&user_id=2eaa48283a634c91b96c2bf7a1445605&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=2eaa48283a634c91b96c2bf7a1445605&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=admixer HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=admixer HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=2681412780112385473&ssp=admixer HTTP 302
https://inv-nets.admixer.net/bs/cm.aspx?id=06efb538-954a-4c8a-b3c7-2e7132762049&gdpr=&consent=&gdpr_pd=

Request Chain 55

https://creativecdn.com/cm-notify?pi=admixer HTTP 302
https://creativecdn.com/cm-notify?pi=admixer&tc=1

Request Chain 98

https://gum.criteo.com/sid/json?origin=publishertag&domain=buhoblik.org.ua&sn=ChromeSyncframe&so=0&topUrl=www.buhoblik.org.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=8KJIM3xFSXNta3dTY1FGSUtPSGJ2NlAxTDJLSjBxSnU3blZITFBRbEczSUlCZWhLaU1IcDRpcDBjbmxhK01vNGdTU2lnc0JibzBVYjdmN1pPK1Y3WjJPdDh0aWd5WGsyQytnWUdPZWpZdjE0NHV1aEo1VmZtS1lESUZXRnZTT3daclY2d09NbTZtT0dHaUs4RUJuTGljd09DY3lzV2M1ZCtCeG0zQVVmWUpRK0xSQmN2TWt3elZUYkZzVUpCTzI0QmZmenFaYUFuUnJJd1ZrZGdzbnY0ajRNZXd1T0V5TWI1K0phOXJlbHZUYmxHcHVwMEZUczNKQXV5aE1YbnhmdVROekx4WTdVMmpwZ01XV0xqdWxIUUk0U3VyQT09fA&cppv=2

104 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.buhoblik.org.ua/
Redirect Chain

http://buhoblik.org.ua/
https://buhoblik.org.ua/
https://www.buhoblik.org.ua/

84 KB
15 KB

389ms
355ms

Document
text/html

2a06:6440:0:2d02::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 9ef30e1b550e2e549a8a753c7409b7f50aa85ee11ac00740cac635b6ae2b5fa1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 public
content-encoding: gzip
content-length: 15302
content-type: text/html; charset=utf-8
date: Tue, 06 Sep 2022 04:08:23 GMT
expires: Wed, 17 Aug 2005 00:00:00 GMT
last-modified: Tue, 06 Sep 2022 04:08:23 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-ray: p953:0.193/wn25401:0.180/wa25401:D=188793

Redirect headers

cache-control: max-age=0
content-length: 236
content-type: text/html; charset=iso-8859-1
date: Tue, 06 Sep 2022 04:08:23 GMT
expires: Tue, 06 Sep 2022 04:08:23 GMT
location: https://www.buhoblik.org.ua/
server: nginx
x-ray: p953:0.000/wn25401:0.000/wa25401:D=3369

GET
H2 200 937d2c2ee43bca358b9b71d8167863c767f6a3e64cf2ba0703a7f07c0a987df3.css
www.buhoblik.org.ua/media/com_jchoptimize/cache/css/ 161 KB
23 KB 170ms
169ms Stylesheet
text/css 2a06:6440:0:2d02::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.buhoblik.org.ua/media/com_jchoptimize/cache/css/937d2c2ee43bca358b9b71d8167863c767f6a3e64cf2ba0703a7f07c0a987df3.css
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 88467b23c1044f571783e76997720036df1c0a9925eee5f428c7ff150fa7da56

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p953:0.007/wn25401:0.000/
content-encoding: br
last-modified: Sat, 06 Aug 2022 07:42:02 GMT
server: nginx
etag: W/"62ee1b4a-28387"
content-type: text/css
cache-control: max-age=2592000
date: Tue, 06 Sep 2022 04:08:24 GMT
expires: Thu, 06 Oct 2022 04:08:24 GMT

GET
H2 200 937d2c2ee43bca358b9b71d8167863c7fe11058a8effe382178f5c9b88baefc8.js Show response
www.buhoblik.org.ua/media/com_jchoptimize/cache/js/ 137 KB
44 KB 88ms
88ms Script
application/javascript 2a06:6440:0:2d02::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.buhoblik.org.ua/media/com_jchoptimize/cache/js/937d2c2ee43bca358b9b71d8167863c7fe11058a8effe382178f5c9b88baefc8.js
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 377d27d86822418762eb956a7d4eec9823d6a9d3fd6f6d3ca0d63fdf374a0b69

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p953:0.004/wn25401:0.000/
content-encoding: br
last-modified: Sun, 19 Jun 2022 12:21:49 GMT
server: nginx
etag: W/"62af14dd-223b2"
content-type: application/javascript
cache-control: max-age=2592000
date: Tue, 06 Sep 2022 04:08:24 GMT
expires: Thu, 06 Oct 2022 04:08:24 GMT

GET
H2

200

brandjs.js Show response
www.gstatic.com/prose/
Redirect Chain

https://www.google.com.ua/cse/brand?form=cse-search-box%E2%8C%A9=ru
https://www.gstatic.com/prose/brandjs.js

14 KB
14 KB

146ms
41ms

Script
text/javascript

2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/prose/brandjs.js

Requested by

Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/

Protocol

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 03:28:36 GMT
x-content-type-options: nosniff
age: 2388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13880
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 07 Sep 2022 03:28:36 GMT

Redirect headers

date: Tue, 06 Sep 2022 04:08:24 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/prose/brandjs.js
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Tue, 06 Sep 2022 04:38:24 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
57 KB 163ms
72ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57a98a88ec6f844415f1b757316f23fb6bbb4df7e763dd0174b717a02d1efd97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57355
x-xss-protection: 0
server: cafe
etag: 7699358177655229858
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 06 Sep 2022 04:08:24 GMT

GET
H2 200 list_black.png
www.buhoblik.org.ua/images/ 417 B
634 B 87ms
86ms Image
image/png 2a06:6440:0:2d02::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buhoblik.org.ua/images/list_black.png
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 002a93857ca724d4828a347c2b419a56eabfd275f206a5febc48246ccfe5830d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p953:0.000/wn25401:0.000/
last-modified: Thu, 27 Aug 2015 18:43:06 GMT
server: nginx
etag: "55df5a3a-1a1"
content-type: image/png
cache-control: max-age=2592000
date: Tue, 06 Sep 2022 04:08:24 GMT
accept-ranges: bytes
content-length: 417
expires: Thu, 06 Oct 2022 04:08:24 GMT

GET
H2 200 youtube-32.png
www.buhoblik.org.ua/images/ 918 B
1 KB 88ms
86ms Image
image/png 2a06:6440:0:2d02::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buhoblik.org.ua/images/youtube-32.png
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: c6d254ee6b05a14666952b2b7629dedc518103bfed8a8d6ee0c1cbe28f76c6fd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p953:0.000/wn25401:0.000/
last-modified: Sat, 21 Mar 2020 22:41:20 GMT
server: nginx
etag: "5e769810-396"
content-type: image/png
cache-control: max-age=2592000
date: Tue, 06 Sep 2022 04:08:24 GMT
accept-ranges: bytes
content-length: 918
expires: Thu, 06 Oct 2022 04:08:24 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
57 KB 150ms
61ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5630956766216465

Requested by

Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab7a76acd513fe4799f8b46186ddd8665586652b14c6bce0dc19bd34f503d436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buhoblik.org.ua/
Origin: https://www.buhoblik.org.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57333
x-xss-protection: 0
server: cafe
etag: 12773831069476169256
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 06 Sep 2022 04:08:24 GMT

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 176 KB
55 KB 401ms
130ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 9784d739d5c17552246ac97886dd2455b93bd36df81741e57d408a20c827364e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Tue, 06 Sep 2022 04:08:24 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:39 GMT
server: nginx
etag: W/"63049f2f-2c101"
x-cached-since: 2022-09-06T04:05:06+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
expires: Tue, 23 Aug 2022 09:45:58 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 142ms
40ms Script
text/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1040
date: Tue, 06 Sep 2022 03:51:04 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Tue, 06 Sep 2022 05:51:04 GMT

GET
H2 200 module-main3.png
www.buhoblik.org.ua/images/ 70 KB
70 KB 86ms
86ms Image
image/png 2a06:6440:0:2d02::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buhoblik.org.ua/images/module-main3.png
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 8dfbfa16c85400143f85eb24eef8df723fd19c190f841c2c5ff22b8d0a5eeb09

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p953:0.000/wn25401:0.000/
last-modified: Sun, 13 Feb 2022 17:15:45 GMT
server: nginx
etag: "62093cc1-11743"
content-type: image/png
cache-control: max-age=2592000
date: Tue, 06 Sep 2022 04:08:24 GMT
accept-ranges: bytes
content-length: 71491
expires: Thu, 06 Oct 2022 04:08:24 GMT

GET
H/1.1

200
OK

buhoblik_org_ua
tttttt.me/ Frame E3F6
Redirect Chain

https://xn--r1a.website/s/buhoblik_org_ua
https://tttttt.me/buhoblik_org_ua

0
0

374ms
186ms

Document
text/html

95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tttttt.me/buhoblik_org_ua

Requested by

Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://web.telegram.org
Strict-Transport-Security	max-age=35768000

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-control: no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors https://web.telegram.org
Content-Type: text/html; charset=utf-8
Date: Tue, 06 Sep 2022 04:08:25 GMT
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=35768000
Transfer-Encoding: chunked

Redirect headers

Access-Control-Allow-Origin: *
Cache-control: no-store
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 06 Sep 2022 04:08:24 GMT
Location: https://tttttt.me/buhoblik_org_ua
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=35768000

GET
H2 200 num_star.png
www.buhoblik.org.ua/images/ 2 KB
2 KB 83ms
83ms Image
image/png 2a06:6440:0:2d02::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buhoblik.org.ua/images/num_star.png
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: a4d35007c83b3689910808811412e63293a2ae2abf1180a2dbaf4b3f7bb91ce9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p953:0.000/wn25401:0.000/
last-modified: Tue, 03 Jan 2017 22:58:31 GMT
server: nginx
etag: "586c2c97-652"
content-type: image/png
cache-control: max-age=2592000
date: Tue, 06 Sep 2022 04:08:24 GMT
accept-ranges: bytes
content-length: 1618
expires: Thu, 06 Oct 2022 04:08:24 GMT

GET
H2 200 pdf-sborniki-vnizu-115-2022.png
avto-oblik.com.ua/images/ 72 KB
72 KB 295ms
119ms Image
image/png 2001:41d0:602:8bf::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avto-oblik.com.ua/images/pdf-sborniki-vnizu-115-2022.png
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:602:8bf:: , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 89c114dc23d61c6b428f26c214e96d1fd49b43c8f777c8fcbb9ffdee7a84d81f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: wn33738:0.000/
last-modified: Mon, 27 Dec 2021 15:47:26 GMT
server: nginx
etag: "61c9e00e-1201c"
content-type: image/png
cache-control: max-age=2592000
date: Tue, 06 Sep 2022 04:08:24 GMT
accept-ranges: bytes
content-length: 73756
expires: Thu, 06 Oct 2022 04:08:24 GMT

GET
H2 200 dovidnik-buhgaltera-238.png
www.buhoblik.org.ua/normativka/spravochniki/spravochnik-buhgaltera/ 16 KB
16 KB 85ms
84ms Image
image/png 2a06:6440:0:2d02::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buhoblik.org.ua/normativka/spravochniki/spravochnik-buhgaltera/dovidnik-buhgaltera-238.png
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 052155039c13b233f324882bd10dc38150b5bd74fb44f27c0ead4d518fbc901b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p953:0.000/wn25401:0.000/
last-modified: Wed, 26 Jul 2017 08:14:12 GMT
server: nginx
etag: "59784f54-3eb3"
content-type: image/png
cache-control: max-age=2592000
date: Tue, 06 Sep 2022 04:08:24 GMT
accept-ranges: bytes
content-length: 16051
expires: Thu, 06 Oct 2022 04:08:24 GMT

GET
H2 200 sidebar-uchet-2021.png
www.buhoblik.org.ua/images/ 58 KB
58 KB 85ms
85ms Image
image/png 2a06:6440:0:2d02::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buhoblik.org.ua/images/sidebar-uchet-2021.png
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 6a82502c1baab28ba6f410aa012fff53bd4f01d8de430e54589e583a0dc3ce80

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p953:0.000/wn25401:0.000/
last-modified: Wed, 06 Apr 2022 09:28:41 GMT
server: nginx
etag: "624d5d49-e758"
content-type: image/png
cache-control: max-age=2592000
date: Tue, 06 Sep 2022 04:08:24 GMT
accept-ranges: bytes
content-length: 59224
expires: Thu, 06 Oct 2022 04:08:24 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 48ms
47ms Image
image/gif 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2007297124&utmhn=www.buhoblik.org.ua&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%91%D1%83%D1%85%D1%83%D1%87%D0%B5%D1%82%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20%3A%20%D0%91%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D1%83%D1%87%D0%B5%D1%82&utmhid=1373143959&utmr=-&utmp=%2F&utmht=1662437304410&utmac=UA-23922474-1&utmcc=__utma%3D21695912.1856335902.1662437304.1662437304.1662437304.1%3B%2B__utmz%3D21695912.1662437304.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=335550800&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 04:08:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/ 343 KB
121 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5630956766216465&plah=www.buhoblik.org.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33b37bdd096eac62d8a92593f228d4e3ca1d9156a59bf106b6e84c0a8ccba3f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123685
x-xss-protection: 0
server: cafe
etag: 5372101437201215058
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 06 Sep 2022 04:08:24 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220831/r20190131/ Frame 313A 10 KB
5 KB 144ms
39ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220831/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 73916
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Sep 2022 07:36:28 GMT
etag: 8616628553774171045
expires: Mon, 19 Sep 2022 07:36:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
411 B 48ms
48ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.buhoblik.org.ua&callback=_gfp_s_&client=ca-pub-5630956766216465

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5630956766216465&plah=www.buhoblik.org.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c332f5e3f0c91f905fb5e4d6c32206ccc5987a8370e462ea6bce8f4bdc6cb197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 152ms
49ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.buhoblik.org.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Sep 2022 04:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 138ms
49ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.buhoblik.org.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Sep 2022 04:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1668 0
19 B 174ms
92ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&adk=1812271804&adf=3025194257&lmt=1662437303&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&ea=0&pra=5&wgl=1&easpf=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662437304480&bpp=5&bdt=425&idt=149&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6122302451440&frm=20&pv=2&ga_vid=1856335902.1662437304&ga_sid=1662437304&ga_hid=1373143959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760911%2C44767166&oid=2&pvsid=3630282065755911&tmod=1792198056&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=165

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 04:08:24 GMT
expires: Tue, 06 Sep 2022 04:08:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6D48 23 KB
10 KB 478ms
405ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1662437303&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662437304485&bpp=3&bdt=430&idt=165&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6122302451440&frm=20&pv=1&ga_vid=1856335902.1662437304&ga_sid=1662437304&ga_hid=1373143959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760911%2C44767166&oid=2&pvsid=3630282065755911&tmod=1792198056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qU9ZIkztct&p=https%3A//www.buhoblik.org.ua&dtd=169

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af978e4ad3b8cb0607d869d6299e1da24e8053273cebdb03e09635c216d5fe9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9859
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 04:08:25 GMT
expires: Tue, 06 Sep 2022 04:08:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 06CD 83 KB
30 KB 398ms
344ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1662437303&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662437304488&bpp=1&bdt=433&idt=182&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=6122302451440&frm=20&pv=1&ga_vid=1856335902.1662437304&ga_sid=1662437304&ga_hid=1373143959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760911%2C44767166&oid=2&pvsid=3630282065755911&tmod=1792198056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&cms=3&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XgRaTuiPwN&p=https%3A//www.buhoblik.org.ua&dtd=184

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1b7fe86af06e8e43cfbf123341ce65582f0d3adaf494bce0b71351dba4e7b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30934
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 04:08:25 GMT
expires: Tue, 06 Sep 2022 04:08:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DDD2 95 KB
32 KB 302ms
255ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1662437303&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662437304489&bpp=1&bdt=433&idt=187&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&nras=1&correlator=6122302451440&frm=20&pv=1&ga_vid=1856335902.1662437304&ga_sid=1662437304&ga_hid=1373143959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760911%2C44767166&oid=2&pvsid=3630282065755911&tmod=1792198056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9Ev8t20K8M&p=https%3A//www.buhoblik.org.ua&dtd=190

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8254bac5419c381a92c107bb246de18f4c34ecdc334eda71789d7d890f6aaf21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33134
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 04:08:24 GMT
expires: Tue, 06 Sep 2022 04:08:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/49044/ Frame AD41 738 B
519 B 122ms
121ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Tue, 06 Sep 2022 04:08:24 GMT
etag: W/"63049f42-2e2"
expires: Thu, 24 Aug 2023 17:10:47 GMT
last-modified: Tue, 23 Aug 2022 09:34:58 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-08-23T17:10:47+00:00
x-id: fr5-up-gc35

GET
H2 200 a21031c0f6a0994b3314.b.js Show response
cdn.admixer.net/scripts3/49044/ 23 KB
8 KB 128ms
128ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/a21031c0f6a0994b3314.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Tue, 06 Sep 2022 04:08:24 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:56 GMT
server: nginx
etag: W/"63049f40-5d41"
vary: Accept-Encoding
x-cached-since: 2022-08-29T18:33:36+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 30 Aug 2023 18:33:36 GMT

GET
H2 200 0a75d04ce9f53a1a35b6.b.js Show response
cdn.admixer.net/scripts3/49044/ 75 KB
20 KB 139ms
138ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/0a75d04ce9f53a1a35b6.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Tue, 06 Sep 2022 04:08:24 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:45 GMT
server: nginx
etag: W/"63049f35-12c39"
vary: Accept-Encoding
x-cached-since: 2022-08-23T17:10:47+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Thu, 24 Aug 2023 17:10:47 GMT

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/49044/ Frame 6F4E 738 B
405 B 134ms
134ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Tue, 06 Sep 2022 04:08:24 GMT
etag: W/"63049f42-2e2"
expires: Thu, 24 Aug 2023 17:10:47 GMT
last-modified: Tue, 23 Aug 2022 09:34:58 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-08-23T17:10:47+00:00
x-id: fr5-up-gc35

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 2 KB
2 KB 160ms
72ms Script
application/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=6551359960983816&cpv=b203f16a-f4ba-95c2-f47a-5d651c6bf1be&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%223444430c-cdf6-d4db-3cc9-538a89117cf0%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fwww.buhoblik.org.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22f94a4c99-df3b-a55e-09ed-285fa08de6ec%22%2C%22tagid%22%3A%22dab6be62-b1e7-4d05-a12c-0a70b3291504%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_dab6be62b1e74d05a12c0a70b3291504_zone_1393_sect_956_site_943%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

20440d8d772fd6e2b3612671c5d40681b61775d92b7be5ffaa431e049f4da6ec

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 06 Sep 2022 04:08:25 GMT
Content-Encoding: gzip
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 1338
X-Xss-Protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame DDD2 8 KB
1 KB 141ms
49ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A300%2C400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1662437303&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662437304489&bpp=1&bdt=433&idt=187&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&nras=1&correlator=6122302451440&frm=20&pv=1&ga_vid=1856335902.1662437304&ga_sid=1662437304&ga_hid=1373143959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760911%2C44767166&oid=2&pvsid=3630282065755911&tmod=1792198056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9Ev8t20K8M&p=https%3A//www.buhoblik.org.ua&dtd=190

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfe06d200a4963b3da08554d4f1e769a11a84193228432758853b7d963c04e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 03:36:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 06 Sep 2022 04:08:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Sep 2022 04:08:25 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame DDD2 2 KB
983 B 146ms
54ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 03:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2068
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Sep 2022 03:33:57 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DDD2 0
0 90ms
90ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7BkquMcWY46JL8XgxgOzgILQDM66hfFr4rLgvs8Q3Yynva0CEAEg5-TyFmC7hoCA0AqgAfTNlMYByAEJqQKV7s_9pnGzPqgDAcgDywSqBIACT9BFdA7XUg0uQD4-1zswnVVFZ2f5Ze0cRSgbK1PVHan3S-LetnY32kQvUY39DMwyQajhma5U65PpoTVUdb_ULzLWKaaglvKeno8p9J37vX_mBD8rmfEtr8vUadw2Tmt-jy_NHMjAJAvGopZSPCXeMoyn6QH6srlzs7YztwavDiX3HL9uqV8aok77Mw6EJgH2lK2Cjs369sKYgrP8tufxNhmTSTVQzjUr7e8ENbQ3wdfC7s0JfKXvk9wC_gp95HcFlg0EPe8meoh9-_MSxSHdK_y-lWMHqZ9ze-pKrB1sB-BfKnDEaA0DuRgphy7-O6Eje4093_jUpIcJO0mYGmQ_g8AEusrRxpAEkgUECAQYAZIFBAgFGASgBi6AB_Sx67kCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ3MQJ0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNTYzMDk1Njc2NjIxNjQ2NRgA&sigh=cWZh_ALbgIA&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1662437303&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662437304489&bpp=1&bdt=433&idt=187&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&nras=1&correlator=6122302451440&frm=20&pv=1&ga_vid=1856335902.1662437304&ga_sid=1662437304&ga_hid=1373143959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760911%2C44767166&oid=2&pvsid=3630282065755911&tmod=1792198056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9Ev8t20K8M&p=https%3A//www.buhoblik.org.ua&dtd=190
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 06 Sep 2022 04:08:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 06 Sep 2022 04:08:25 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame DDD2 23 KB
10 KB 126ms
40ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 03:38:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1787
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9632
x-xss-protection: 0
server: cafe
etag: 2755732409155645664
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Sep 2022 03:38:38 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame DDD2 3 KB
1 KB 138ms
52ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 02:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Sep 2022 02:56:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame DDD2 17 KB
8 KB 132ms
46ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:03:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Sep 2022 04:03:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DDD2 142 KB
44 KB 146ms
54ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:08:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Sep 2022 04:08:25 GMT

GET
H3 200 e3ca5db921b3b46420ba257a4c2f6b26.js Show response
www.gstatic.com/mysidia/ Frame DDD2 33 KB
13 KB 122ms
40ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 13:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 312792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 19:26:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 01 Dec 2022 13:15:13 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9667811319387106745/ Frame DDD2 15 KB
16 KB 163ms
85ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9667811319387106745/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

745e475947f127ea5cba2ab34b02650651fd519c6b53931f22112a743976d955

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 07:13:39 GMT
x-content-type-options: nosniff
age: 593686
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15633
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 10:34:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Aug 2023 07:13:39 GMT

GET
DATA 200
OK truncated
/ Frame DDD2 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame DDD2 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 css
fonts.googleapis.com/ Frame 06CD 6 KB
745 B 60ms
57ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1662437303&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662437304488&bpp=1&bdt=433&idt=182&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=6122302451440&frm=20&pv=1&ga_vid=1856335902.1662437304&ga_sid=1662437304&ga_hid=1373143959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760911%2C44767166&oid=2&pvsid=3630282065755911&tmod=1792198056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&cms=3&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XgRaTuiPwN&p=https%3A//www.buhoblik.org.ua&dtd=184

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 02:10:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 06 Sep 2022 04:08:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Sep 2022 04:08:25 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 06CD 2 KB
936 B 54ms
53ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 03:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2068
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Sep 2022 03:33:57 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 06CD 0
0 84ms
84ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtYpluMcWY7GEL7KG1fAPvL2xsALL7u3Oa520mff2DuLf0uCyARABIOfk8hZgu4aAgNAKoAGi99TqAsgBCakCIjBnIoIoXT6oAwHIA8uEgAKqBPQBT9B6CgsAaDFhUgIbQAyvEaWpn1ckXFHkO7hdEFTCap1dzdcw0iDp-6FdjRwkxrQts35rkXZcJ1NuKQcu8VEwVtOdQqM4UcU32zl5Up4IX6quLMovtkgn5PZtWIQaT0cd_fQCUTWHANGyNLGh2kjkLpWlgII_sR79kSypDlSPrfEJcvxY8UtxDzCYw3NqDQNnq0Y5E_A92_G3xW35vd3GoHXeWTvVpZcwKvH39CMEEksEv9wX-M6NXAdT_eb1pRdkVUZn-eV0P0LYmwBIle3LEFAi30cfsd1YztJTeZppEnCWRXt8ejR9adMKwXtw9S4OMW4WSMAEhNno2OsDkgUECAQYAZIFBAgFGASgBi6AB8aIq5UBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQr8wD0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMM0BUBmBYBgBcBshccChoIABIUcHViLTU2MzA5NTY3NjYyMTY0NjUYAA&sigh=rEEdT_fGqzY&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1662437303&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662437304488&bpp=1&bdt=433&idt=182&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=6122302451440&frm=20&pv=1&ga_vid=1856335902.1662437304&ga_sid=1662437304&ga_hid=1373143959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760911%2C44767166&oid=2&pvsid=3630282065755911&tmod=1792198056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&cms=3&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XgRaTuiPwN&p=https%3A//www.buhoblik.org.ua&dtd=184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 06 Sep 2022 04:08:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 06 Sep 2022 04:08:25 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 06CD 23 KB
9 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 03:38:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1787
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9632
x-xss-protection: 0
server: cafe
etag: 2755732409155645664
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Sep 2022 03:38:38 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 06CD 3 KB
1 KB 99ms
97ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 02:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Sep 2022 02:56:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 06CD 142 KB
44 KB 111ms
109ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:08:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Sep 2022 04:08:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 06CD 17 KB
7 KB 93ms
91ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:03:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Sep 2022 04:03:07 GMT

GET
H3 200 e3ca5db921b3b46420ba257a4c2f6b26.js Show response
www.gstatic.com/mysidia/ Frame 06CD 33 KB
13 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 13:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 312792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 19:26:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 01 Dec 2022 13:15:13 GMT

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/16575587423372513345/ Frame 06CD 55 KB
55 KB 101ms
99ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16575587423372513345/2076313506083323656

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f2170a918667c463b68656fb70938b83392d2b1d72bd062db5bddf491b44446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 01:30:53 GMT
x-content-type-options: nosniff
age: 355052
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55864
x-xss-protection: 0
last-modified: Thu, 25 Mar 2021 15:44:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Sep 2023 01:30:53 GMT

GET
DATA 200
OK truncated
/ Frame 06CD 218 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a59b2b7f68396ac380b5f6ac62545c046b493f8884c0bea324c7dc0973c1f62d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 119 KB
39 KB 161ms
53ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

11b360963cee2563b6f93fc397a436c1c5b8ace543f35a9bb76095bd40ceccb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:08:25 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 00:22:12 GMT
server: nginx
etag: W/"63041db4-1ddab"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 07 Sep 2022 04:08:25 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://ib.adnxs.com/setuid?entity=533&code=2eaa48283a634c91b96c2bf7a1445605
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D2eaa48283a634c91b96c2bf7a1445605

43 B
848 B

41ms
41ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D2eaa48283a634c91b96c2bf7a1445605

Requested by

Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Sep 2022 04:08:25 GMT
X-Proxy-Origin: 217.138.196.103; 217.138.196.103; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ada662e7-5f60-4e7c-9c17-f7c7a3fe4947
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 06 Sep 2022 04:08:25 GMT
X-Proxy-Origin: 217.138.196.103; 217.138.196.103; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 75b4f8f7-ca2d-471b-ad66-0cc1148846d2
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D2eaa48283a634c91b96c2bf7a1445605
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain

https://x.bidswitch.net/sync?ssp=admixer&user_id=2eaa48283a634c91b96c2bf7a1445605&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=2eaa48283a634c91b96c2bf7a1445605&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=admixer
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=admixer
https://x.bidswitch.net/sync?dsp_id=70&user_id=2681412780112385473&ssp=admixer
https://inv-nets.admixer.net/bs/cm.aspx?id=06efb538-954a-4c8a-b3c7-2e7132762049&gdpr=&consent=&gdpr_pd=

43 B
463 B

40ms
40ms

Image
image/gif

146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/bs/cm.aspx?id=06efb538-954a-4c8a-b3c7-2e7132762049&gdpr=&consent=&gdpr_pd=

Requested by

Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/

Protocol

HTTP/1.1

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 06 Sep 2022 04:08:25 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

Location: //inv-nets.admixer.net/bs/cm.aspx?id=06efb538-954a-4c8a-b3c7-2e7132762049&gdpr=&consent=&gdpr_pd=
Date: Tue, 06 Sep 2022 04:08:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 1px-matching-admixer.gif
m.trafmag.com/images/ 35 B
351 B 164ms
35ms Image
image/gif 193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-admixer.gif?id=2eaa48283a634c91b96c2bf7a1445605
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 06 Sep 2022 04:08:25 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

GET
H2

200

cm-notify
creativecdn.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=admixer
https://creativecdn.com/cm-notify?pi=admixer&tc=1

42 B
243 B

35ms
35ms

Image
image/gif

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 04:08:25 GMT, Tue, 06 Sep 2022 04:08:25 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-type: image/gif
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://creativecdn.com/cm-notify?pi=admixer&tc=1
date: Tue, 06 Sep 2022 04:08:25 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ 0
42 B 110ms
34ms Image
text/plain 198.47.127.18
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:08:23 GMT
content-length: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 6D48 3 KB
1 KB 128ms
44ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1662437303&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662437304485&bpp=3&bdt=430&idt=165&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6122302451440&frm=20&pv=1&ga_vid=1856335902.1662437304&ga_sid=1662437304&ga_hid=1373143959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760911%2C44767166&oid=2&pvsid=3630282065755911&tmod=1792198056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qU9ZIkztct&p=https%3A//www.buhoblik.org.ua&dtd=169

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 02:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Sep 2022 02:56:27 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 6D48 17 KB
7 KB 124ms
41ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1662437303&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662437304485&bpp=3&bdt=430&idt=165&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6122302451440&frm=20&pv=1&ga_vid=1856335902.1662437304&ga_sid=1662437304&ga_hid=1373143959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760911%2C44767166&oid=2&pvsid=3630282065755911&tmod=1792198056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qU9ZIkztct&p=https%3A//www.buhoblik.org.ua&dtd=169

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Sep 2022 04:00:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6D48 142 KB
44 KB 87ms
86ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1662437303&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662437304485&bpp=3&bdt=430&idt=165&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6122302451440&frm=20&pv=1&ga_vid=1856335902.1662437304&ga_sid=1662437304&ga_hid=1373143959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760911%2C44767166&oid=2&pvsid=3630282065755911&tmod=1792198056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qU9ZIkztct&p=https%3A//www.buhoblik.org.ua&dtd=169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:08:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Sep 2022 04:08:25 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6D48 0
0 84ms
83ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9XnhuMcWY7eTL7PgxgOHiJaIAeSP0rFct_TriIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAb3UiOsDyAEJqQKV7s_9pnGzPqgDAaoE4QFP0E2B0PTWac-H-jm4eFtBR-lI2dTS46bBEfFyH11n5hbNZeCxwspfCRzzS7jC98prF_Xvuf_rCgJteZFlxDPcx1rwuWHwhbBFrYllvastpny4MqcsyHrii3ED2jG53v7X45gSOOKeGCoWppMVLd__1B0NXtR7P78GqFIz5_aT81YqCxpA9tZOxx_Ck6lWH5QbN8UsrwrlCBYrWidjTKPjzs2W-dl6igpeTa1CezcIdlEh9SL5Ei_jrHhWxLImuuJo7h8_6m4qlKepmCen_qcIWs-C3aK8IgJ5rphqQdZawsyABsmaq_C0oaX7TKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTYzMDk1Njc2NjIxNjQ2NRgA&sigh=ouaSLFkltJI&uach_m=[UACH]&cid=CAQSGwCsnQUxFNlkjHtTbqMeKY3ScFXeu6MymiWFwhgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1662437303&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662437304485&bpp=3&bdt=430&idt=165&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6122302451440&frm=20&pv=1&ga_vid=1856335902.1662437304&ga_sid=1662437304&ga_hid=1373143959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760911%2C44767166&oid=2&pvsid=3630282065755911&tmod=1792198056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qU9ZIkztct&p=https%3A//www.buhoblik.org.ua&dtd=169

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1662437303&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662437304485&bpp=3&bdt=430&idt=165&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6122302451440&frm=20&pv=1&ga_vid=1856335902.1662437304&ga_sid=1662437304&ga_hid=1373143959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760911%2C44767166&oid=2&pvsid=3630282065755911&tmod=1792198056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qU9ZIkztct&p=https%3A//www.buhoblik.org.ua&dtd=169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 06 Sep 2022 04:08:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 6D48 0
0 107ms
36ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kqKMEr_6RNoFmAKH-lcYAgAAAL3dF7qT-P8r2nHJuhC4xxZjHTlPbrY7hE0UsNEAEgAA&wp=YxbHuAALybcKcbAzAAWEB8sy51EBXxQWBI2K5A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1662437303&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662437304485&bpp=3&bdt=430&idt=165&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6122302451440&frm=20&pv=1&ga_vid=1856335902.1662437304&ga_sid=1662437304&ga_hid=1373143959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760911%2C44767166&oid=2&pvsid=3630282065755911&tmod=1792198056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qU9ZIkztct&p=https%3A//www.buhoblik.org.ua&dtd=169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:08:24 GMT
server: Kestrel
server-processing-duration-in-ticks: 303488
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 46B6 117 KB
41 KB 204ms
77ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YxbHuAALybcKcbAzAAWEB8sy51EBXxQWBI2K5A&u=%7CsSur5wQtYFDJCYrll94ys9pS%2BreWj4RrVIyfdcoPm24%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6ziEzHnRQPmm8hAoZUVgSTUVKRYdHEcSbS6zZsqBlA7qj_wFx3Plre5_YpqMEyoHA6zfs5CKhnfkg2EEMCsksGLjKely4T3EpgfH05QM2LGspiiAymUq0Nu0Qx-2-4uzBGzAVWvYAoVFEmmpErgBwFNT4oPrxPOfFVWeF0NEdbNMfAYbXc6KRwyWeWnoBMocxYH4HO3YdT07D1UABMw7BgZbwztSoEKuvZt-tN-tz4rC2B9PFfAYbCTgpp02IR3tCJs7df8Vw44hMe7gZG3NyhA2lcloMDS7IPnDfFu3vyJz7ooCWLCe472rPrdFV9fHGKus_zorOG7eGbOnTgEchZ8zSxNhHgyOvQieIoQPBgRnu4euFxl1PzWSUnalbT9YNHGYuEf6uXnmjTC6XkzYRhtGGyn2xo1l40fOkHyCquEzEbViyLuwWWCCqX48W1yH74dVqjdtF8wHi_H2bgzR_JNGlVOWqcLi-Q5MeN4x6qASH8u2p46GLGfFZ60qk-2eK6BFU_Sg5ehKyQ9ff5vtpRCmJ194Ap460CHnFc-Qa6X1YIfrKaMYDSwJnLGZWL3Lrw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj3kduMcWY7eTL7PgxgOHiJaIAeSP0rFct_TriIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAb3UiOsDyAEJqQKV7s_9pnGzPqgDAaoE5AFP0E2B0PTWac-H-jm4eFtBR-lI2dTS46bBEfFyH11n5hbNZeCxwspfCRzzS7jC98prF_Xvuf_rCgJteZFlxDPcx1rwuWHwhbBFrYllvastpny4MqcsyHrii3ED2jG53v7X45gSOOKeGCoWppMVLd__1B0NXtR7P78GqFIz5_aT81YqCxpA9tZOxx_Ck6lWH5QbN8UsrwrlCBYrWidjTKPjzs2W-dl6igpeTa1CezcIdlEh9SL5Ei_jrHhWhrAHKDHKHBqsGGGyF8M1MySz9BsCdNdZUznYvqPGsLRykFGwx1-jna6ABsmaq_C0oaX7TKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2rtAAvz0P1HBiPGWsiczZWApKd-A%26client%3Dca-pub-5630956766216465%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1662437303&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662437304485&bpp=3&bdt=430&idt=165&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6122302451440&frm=20&pv=1&ga_vid=1856335902.1662437304&ga_sid=1662437304&ga_hid=1373143959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760911%2C44767166&oid=2&pvsid=3630282065755911&tmod=1792198056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qU9ZIkztct&p=https%3A//www.buhoblik.org.ua&dtd=169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8078e7f4dad2305c556cc6c03a56d2d4d45a38588fd2fb21db8b83657db0e4dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 04:08:24 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ksMbGOz5OHI8EM9NNyNOz5xpon7L7l4o7ILvZ4l3xWUbFk91o6zTYv7PwTgLvUzoBu8my2eTEn1RjdtZ0Awa1g9YkPNKyiA8qNIL1svYPgAKs_gJ6pcFwJ7Ae4fOq-rJQVSIi0iXcok7Vwbfxr4X8JMBzTGxjUXsT6Adms07_4OShku0f1xaJojehlrRZi1zmsURW8NalarbclD799JVk5vnMmUkT2cn506fOsIYfrqZKZHWD1MO_D26Si60e9CmfPRJxg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 16879508
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame DDD2 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e85728e344c5be26a537f3f4aa1e3d8e91a8e4352eaf4dd1d25172539c9dbb2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame DDD2 44 KB
44 KB 143ms
54ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A300%2C400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 18:50:34 GMT
x-content-type-options: nosniff
age: 33471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 18:50:34 GMT

GET
DATA 200
OK truncated
/ Frame 6D48 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49dacf8b423009eb00c64132a6a6a80e3be4b1399409ff2fcf27dead45657268

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 06CD 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a559f63f200d4c76b797df05ea8612cdffebd30eefdda005f343806f4ec2e9c3

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 06CD 15 KB
15 KB 136ms
101ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:01:51 GMT
x-content-type-options: nosniff
age: 417994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Sep 2023 08:01:51 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 06CD 15 KB
16 KB 74ms
42ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 05:29:41 GMT
x-content-type-options: nosniff
age: 167924
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 05:29:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 06CD 15 KB
15 KB 153ms
121ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 11:47:17 GMT
x-content-type-options: nosniff
age: 58868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 11:47:17 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 227 B
473 B 117ms
35ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=128&profileId=184&cb=63222804856

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

b1d47f72741022aa672eebf0486e07177ba344e5cba2bcd87c025f7ec0fc96c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.buhoblik.org.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Sep 2022 04:08:24 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.buhoblik.org.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 199

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 46B6 2 KB
1 KB 54ms
53ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxbHuAALybcKcbAzAAWEB8sy51EBXxQWBI2K5A&u=%7CsSur5wQtYFDJCYrll94ys9pS%2BreWj4RrVIyfdcoPm24%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6ziEzHnRQPmm8hAoZUVgSTUVKRYdHEcSbS6zZsqBlA7qj_wFx3Plre5_YpqMEyoHA6zfs5CKhnfkg2EEMCsksGLjKely4T3EpgfH05QM2LGspiiAymUq0Nu0Qx-2-4uzBGzAVWvYAoVFEmmpErgBwFNT4oPrxPOfFVWeF0NEdbNMfAYbXc6KRwyWeWnoBMocxYH4HO3YdT07D1UABMw7BgZbwztSoEKuvZt-tN-tz4rC2B9PFfAYbCTgpp02IR3tCJs7df8Vw44hMe7gZG3NyhA2lcloMDS7IPnDfFu3vyJz7ooCWLCe472rPrdFV9fHGKus_zorOG7eGbOnTgEchZ8zSxNhHgyOvQieIoQPBgRnu4euFxl1PzWSUnalbT9YNHGYuEf6uXnmjTC6XkzYRhtGGyn2xo1l40fOkHyCquEzEbViyLuwWWCCqX48W1yH74dVqjdtF8wHi_H2bgzR_JNGlVOWqcLi-Q5MeN4x6qASH8u2p46GLGfFZ60qk-2eK6BFU_Sg5ehKyQ9ff5vtpRCmJ194Ap460CHnFc-Qa6X1YIfrKaMYDSwJnLGZWL3Lrw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj3kduMcWY7eTL7PgxgOHiJaIAeSP0rFct_TriIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAb3UiOsDyAEJqQKV7s_9pnGzPqgDAaoE5AFP0E2B0PTWac-H-jm4eFtBR-lI2dTS46bBEfFyH11n5hbNZeCxwspfCRzzS7jC98prF_Xvuf_rCgJteZFlxDPcx1rwuWHwhbBFrYllvastpny4MqcsyHrii3ED2jG53v7X45gSOOKeGCoWppMVLd__1B0NXtR7P78GqFIz5_aT81YqCxpA9tZOxx_Ck6lWH5QbN8UsrwrlCBYrWidjTKPjzs2W-dl6igpeTa1CezcIdlEh9SL5Ei_jrHhWhrAHKDHKHBqsGGGyF8M1MySz9BsCdNdZUznYvqPGsLRykFGwx1-jna6ABsmaq_C0oaX7TKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2rtAAvz0P1HBiPGWsiczZWApKd-A%26client%3Dca-pub-5630956766216465%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:08:25 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 01 Sep 2023 04:08:25 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 46B6 2 KB
1 KB 55ms
54ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:08:25 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 01 Sep 2023 04:08:25 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 46B6 308 B
636 B 53ms
52ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:08:25 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 01 Sep 2023 04:08:25 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 46B6 293 B
621 B 56ms
56ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:08:25 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 01 Sep 2023 04:08:25 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 46B6 43 B
348 B 130ms
37ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=wZcEoDV6w8YbgTG0gEa627PpsCA6UTJUuZm0M5RERHfibdQmWEIqCV5gQsYYyATMBcn8_lYx1Q_UiQItlgYjfN0x6vP-yU3nR9Xvx2r_nqmS36kIMVv56np7vsp8NpXiWRTEUESwZndSPgVqL6BIR5gU-A_K6gDTJB4_Fnp9V1sL-B2wkMmpjzeIZKEg3DZsz16lfbg1jjC6wy2HnE8D281sFAAw1JLJNwezrM6zWICVVvBWG9bn5bzju1wjOwc8RiLGqLlLevScCz3pRiBdXU8w-WhwS7UfC8xKYwc82qHTX3kHHpAjdl9NB5o5EQaogH3qGNDocFe4e07vEFn4DSBOcfTy23zvvBiBPBAT6Ue17rMee2swKgXfvgC21R6-4yrA9nnpFv1WDIpA9q7R7eCjlssXE_L33M0bXKQ0zwaHrH19XnKCbtpxuyBtIcaPcLU9Sw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 04:08:25 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3305090
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 46B6 12 KB
5 KB 151ms
53ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:08:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1153901
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IMuh8O14u6BeaRDOspIUxwNVl9iDIiiV9hUTMjqc9GEEqUW4JYyAt05ORqffghRg7HS%2Fy66Tabf0M49mpLgmIvee5bsAAjNmH39CkugAd11pzHeWMHOE%2FYXp4NU4wWSCsnwm1Iwx6jMbFGMIEPfZff0w"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 746457e76a1a020d-ZRH
expires: Sun, 27 Aug 2023 04:08:25 GMT

GET
H2 200 566cf5b9dbc948d49a5ff0343f47df35_newtransport-regular.woff
static.criteo.net/design/dt/ Frame 46B6 46 KB
46 KB 163ms
55ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/566cf5b9dbc948d49a5ff0343f47df35_newtransport-regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c1388b141870140ecb273dd93fa5da560b147c1cfeece0530ac8b79af70929c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:08:25 GMT
content-encoding: gzip
last-modified: Thu, 19 May 2022 15:25:46 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6286617a-b704"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 01 Sep 2023 04:08:25 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 46B6 12 KB
6 KB 53ms
52ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:08:25 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 01 Sep 2023 04:08:25 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 46B6 6 KB
7 KB 221ms
142ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=476&m=0&partner=92436&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F92436%2F220307%2F83f91eefd59442d8be6bbd5e3e2066d5_logo_moto.png&v=3&w=316&s=St6qAz3ydrBhncWxUnHSKItq

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

befd4b47ad4c77be638ce22fee8a5dbcd048641b0ea6cb0bc85e1d08bf14e62a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:08:24 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29937476
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 6620
expires: Fri, 18 Aug 2023 16:06:22 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 46B6 60 KB
60 KB 113ms
34ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?m=0&partner=92436&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F92436%2F220902%2F475706ac18a14a1f8b825bf74bab3d4a_img_square__0002_0f3cba10-5b6a-430a-a1d4-ef70489b38de.jpg&v=3&s=byhFa2T0tIMOtKJ5VGsKi9c4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

23ef1902c6bad480321b51796f7e8887bdbe81e7059cbd4cf07b15b23d5442cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:08:25 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31030818
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 61126
expires: Thu, 31 Aug 2023 07:48:43 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 46B6 45 KB
46 KB 113ms
34ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?m=0&partner=92436&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F92436%2F220902%2F451406d4f8344ae99f2bb17d827ca748_img_square__0000_68894b76-72bf-4f11-a3cb-ccee96185793.jpg&v=3&s=Lqk6ly6Wg1Ku3L4N8pV3zuca

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

539885f9f6af113fe90c9f3c9a9b64de92e2a9d4c80dbfbe06a4d76fbab058ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:08:25 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31030818
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 46554
expires: Thu, 31 Aug 2023 07:48:43 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 46B6 46 KB
46 KB 214ms
135ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?m=0&partner=92436&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F92436%2F220902%2Ff484c15442044c64aad21a9877ec082c_img_square__0001_967a615c-45eb-4732-930f-b46328bbd0b0.jpg&v=3&s=nKkMhoAaJQ0hz6Cd7qvsAzsg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

292666f4b13d4b581736eaa5b15e87e60764bdd2bd7c9f34ce007ca0327e0f83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:08:25 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31030818
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 46738
expires: Thu, 31 Aug 2023 07:48:43 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 46B6 0
128 B 111ms
33ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=ksMbGOz5OHI8EM9NNyNOz5xpon7L7l4o7ILvZ4l3xWUbFk91o6zTYv7PwTgLvUzoBu8my2eTEn1RjdtZ0Awa1g9YkPNKyiA8qNIL1svYPgAKs_gJ6pcFwJ7Ae4fOq-rJQVSIi0iXcok7Vwbfxr4X8JMBzTGxjUXsT6Adms07_4OShku0f1xaJojehlrRZi1zmsURW8NalarbclD799JVk5vnMmUkT2cn506fOsIYfrqZKZHWD1MO_D26Si60e9CmfPRJxg&sds=2&rev=82604.2&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Sep 2022 04:08:25 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 46B6 2 KB
1 KB 53ms
52ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:08:25 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 01 Sep 2023 04:08:25 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 46B6 2 KB
1 KB 54ms
54ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:08:25 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 01 Sep 2023 04:08:25 GMT

GET
H2 200 e1eee23f36481a69453f.b.js Show response
cdn.admixer.net/scripts3/49044/ 28 KB
11 KB 129ms
128ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/e1eee23f36481a69453f.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Tue, 06 Sep 2022 04:08:25 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:35:01 GMT
server: nginx
etag: W/"63049f45-702f"
vary: Accept-Encoding
x-cached-since: 2022-09-01T09:32:51+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 02 Sep 2023 09:32:51 GMT

GET
H2 200 fdabe098f34289659a17.b.js Show response
cdn.admixer.net/scripts3/49044/ 42 KB
18 KB 142ms
141ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/fdabe098f34289659a17.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Tue, 06 Sep 2022 04:08:25 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:35:02 GMT
server: nginx
etag: W/"63049f46-a793"
vary: Accept-Encoding
x-cached-since: 2022-09-01T09:32:39+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 02 Sep 2023 09:32:39 GMT

GET
H2 200 84011c43c3075e543c6d.b.js Show response
cdn.admixer.net/scripts3/49044/ 13 KB
5 KB 131ms
130ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/84011c43c3075e543c6d.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Tue, 06 Sep 2022 04:08:25 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:54 GMT
server: nginx
etag: W/"63049f3e-326c"
vary: Accept-Encoding
x-cached-since: 2022-08-29T18:33:32+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 30 Aug 2023 18:33:32 GMT

GET
H2 200 7103cce7fa6705169441.b.js Show response
cdn.admixer.net/scripts3/49044/ 11 KB
4 KB 147ms
146ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/7103cce7fa6705169441.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Tue, 06 Sep 2022 04:08:25 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:52 GMT
server: nginx
etag: W/"63049f3c-2a79"
vary: Accept-Encoding
x-cached-since: 2022-09-01T09:32:44+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 02 Sep 2023 09:32:44 GMT

GET
H2 200 5927ef40e4a80e0040be.b.js Show response
cdn.admixer.net/scripts3/49044/ 215 KB
74 KB 158ms
157ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/5927ef40e4a80e0040be.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Tue, 06 Sep 2022 04:08:25 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:51 GMT
server: nginx
etag: W/"63049f3b-35ac7"
vary: Accept-Encoding
x-cached-since: 2022-09-01T09:32:51+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 02 Sep 2023 09:32:51 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
220 B 34ms
33ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.buhoblik.org.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 06 Sep 2022 04:08:25 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.buhoblik.org.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 40ms
40ms Image
text/plain 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=2eaa48283a634c91b96c2bf7a1445605&zone=DAB6BE62-B1E7-4D05-A12C-0A70B3291504&device=28&rule=A115463E-E95D-4D45-91E3-2BE636EF4375&requestId=03b2a0de-8a37-4f65-91e1-89e1dbb3167f&hp=-967666016&page=www.buhoblik.org.ua%2F&segments=2%2C5%2C495&ts=637980341050789569&ap=MA%3D%3D&asign=1163445703&sync=3%2C88&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=1A4D80BD-B81F-427C-A6F6-12DD363AA495&inst=ADS-EU-6&pxl=0&pvid=097a84e0-7580-4836-afe8-10b68dc7b046&ip=217.138.196.103&item=B980198E-7D27-4345-9615-F31943C77F0C&crid=B980198E-7D27-4345-9615-F31943C77F0C&size=240x400&profile=346392F6-218B-4A4F-8151-E8B46F15EB2A&isopt=0&adv=Criteo+RU&dsp=Criteo+DE&dstUrl=http%3A%2F%2F&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 06 Sep 2022 04:08:25 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6D84 36 KB
16 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 18:41:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15929
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Sep 2023 18:41:46 GMT

GET
H3 200 dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js Show response
pagead2.googlesyndication.com/bg/ Frame 95DB 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 18:41:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15929
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Sep 2023 18:41:46 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 138ms
55ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220831&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25025c0a38113e0fe5bd1698c07418c96b280a9a4df015103d663cb13cee4637

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Sep 2022 04:08:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11050
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame BA50 15 KB
6 KB 162ms
54ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.buhoblik.org.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6e842f654a304fd1eece02a5d588d2a998cc87cc65730b04d1e2c916e3a72a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 04:08:25 GMT
server: Kestrel
server-processing-duration-in-ticks: 660511
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:08:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Sep 2022 04:08:25 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame BA50
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=buhoblik.org.ua&sn=ChromeSyncframe&so=0&topUrl=www.buhoblik.org.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=8KJIM3xFSXNta3dTY1FGSUtPSGJ2NlAxTDJLSjBxSnU3blZITFBRbEczSUlCZWhLaU1IcDRpcDBjbmxhK01vNGdTU2lnc0JibzBVYjdmN1pPK1Y3WjJPdDh0aWd5WGsyQytnWUdPZWpZdjE0NHV1aEo1VmZtS1lESUZXRn...

425 B
648 B

124ms
35ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=8KJIM3xFSXNta3dTY1FGSUtPSGJ2NlAxTDJLSjBxSnU3blZITFBRbEczSUlCZWhLaU1IcDRpcDBjbmxhK01vNGdTU2lnc0JibzBVYjdmN1pPK1Y3WjJPdDh0aWd5WGsyQytnWUdPZWpZdjE0NHV1aEo1VmZtS1lESUZXRnZTT3daclY2d09NbTZtT0dHaUs4RUJuTGljd09DY3lzV2M1ZCtCeG0zQVVmWUpRK0xSQmN2TWt3elZUYkZzVUpCTzI0QmZmenFaYUFuUnJJd1ZrZGdzbnY0ajRNZXd1T0V5TWI1K0phOXJlbHZUYmxHcHVwMEZUczNKQXV5aE1YbnhmdVROekx4WTdVMmpwZ01XV0xqdWxIUUk0U3VyQT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

afa89988364e5d5f8c1a6ce52a3db275d0cab1abac406e022961f950df06cf18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 04:08:25 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1344463
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Sep 2022 04:08:25 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=8KJIM3xFSXNta3dTY1FGSUtPSGJ2NlAxTDJLSjBxSnU3blZITFBRbEczSUlCZWhLaU1IcDRpcDBjbmxhK01vNGdTU2lnc0JibzBVYjdmN1pPK1Y3WjJPdDh0aWd5WGsyQytnWUdPZWpZdjE0NHV1aEo1VmZtS1lESUZXRnZTT3daclY2d09NbTZtT0dHaUs4RUJuTGljd09DY3lzV2M1ZCtCeG0zQVVmWUpRK0xSQmN2TWt3elZUYkZzVUpCTzI0QmZmenFaYUFuUnJJd1ZrZGdzbnY0ajRNZXd1T0V5TWI1K0phOXJlbHZUYmxHcHVwMEZUczNKQXV5aE1YbnhmdVROekx4WTdVMmpwZ01XV0xqdWxIUUk0U3VyQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 523497
content-length: 0
expires: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7A21 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 22496
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Sep 2022 21:53:30 GMT
expires: Tue, 05 Sep 2023 21:53:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FFAE 783 B
1 KB 143ms
54ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

273310232e4300efe428e4a19a072d42d06b539bc18f9cd5b1d4e72a42728696

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zS3dMZXukDczTMxlhlxDMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-zS3dMZXukDczTMxlhlxDMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 04:08:26 GMT
expires: Tue, 06 Sep 2022 04:08:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js Show response
pagead2.googlesyndication.com/bg/ Frame 7A21 36 KB
16 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 18:41:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15929
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Sep 2023 18:41:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FFAE 0
0 75ms
74ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220831&jk=3630282065755911&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7A21 0
10 B 40ms
40ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?q3t6yA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:08:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6D48 42 B
64 B 76ms
76ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsscgFGOvK6E2-KpCmbcJBpxFWXWjvmfdnfCb55H9YuuzzghJZNgMekCjdFyGfjq45SkVkRUk9nKJLYawkgcruUp2f1u&sig=Cg0ArKJSzP-snLjhQGIvEAE&id=lidar2&mcvt=1000&p=0,0,280,730&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3078983205&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662437304655&rpt=668&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 04:08:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 46B6 0
127 B 34ms
33ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Sep 2022 04:08:26 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
76ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220831&jk=3630282065755911&bg=!g4ClgMTNAAZTikH4c4o7ACkAdvg8WmymddpXaTyBvp4En-aY1qTMbos1pWQn5vpK1p5KxxJO9udCbwIAAABbUgAAAANoAQeZAqcnYcSHfil_1AmQGDwd1nUM5tHi0hRMw_NWQ8YMmyffpOYEDIr0iLGJTho3cdCdA08BDwm3aUZnaf4Q443F_ZSEYAHypN2lDgKGT52lpFWrwdCQdqlItCx-s6BcO2g9li6uDKSSSehmH21U3PW2Cx6T-Rh2DPxI6UBNL06mywtdXMn7dKUZ0jtAcW9-0rcSBPrTkOQBfLlG1XIai_SOegAlel8MNz5XNq_NrDaLexBWEzih0WGOsiH_eofrC19qyKMAp13rKGgssCe-tYLI5kK_ezWRWFffNIEuogaZB2GFUHq-sJDM7SiswabW_QtbIRT3Gg6z7rm9L6RapsqfJky-awz120DZ0rdoPdv0qY8iy9jV9POmNfx6ClVIGkd12-S0QEA2uGo4xBo16BBzwk3Kk6mnxd73h60hZ8dXWGIU9zJlLO0tW5IRMvDGF1TdRxASdHr-P48aG5k-DNlxxn8sgDAkNkB8QykY7QZ2wKEJZq5QxP_bxi_kvdfeQ83fAxn7LbQg0Etawo9_HiGQDkRMFKSbDkWY04NHxPP3CUIvyWOc-ptiOXTy1KYGySIYW9k3YQD7emokf1mINiC7VxlNzsATM-sPAwdTLT8gmKlkALhnsPeBb0v0FEaydZO1sM6MvHPjSgoDTapc7n_tcKcoYIH7sDxuOlAniyY9j2bqfIAFetW-eKz4FUK5vEemwE0tenZaakcKvvsDLJpOetpURPK8ZvceXzBBv6BLbkU-f5PidMFfx7h6JTH78VjEcb7UoxcVHmjx0cij4XPeXV61wJd2RXQE1mkDJU1n0IqCCaFb88TN7vbT8X4cB54S17pLSUWNz7DHfW7UPlZNtxvYTPRkbjDrvQ8iAokmrrlGiHke99VBBuzaQXXG3j-snn76kD65PuMR
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 40ms
39ms Image
text/plain 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=dab6be62-b1e7-4d05-a12c-0a70b3291504

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 06 Sep 2022 04:08:26 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 46B6 45 KB
46 KB 36ms
36ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

539885f9f6af113fe90c9f3c9a9b64de92e2a9d4c80dbfbe06a4d76fbab058ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:08:29 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31030814
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 46554
expires: Thu, 31 Aug 2023 07:48:43 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.admixer.net/bs	1970-01-20 07:56:53	Name: am-uid Value: 2eaa48283a634c91b96c2bf7a1445605
www.buhoblik.org.ua/	1969-12-31 23:59:59	Name: 54328dacc8285ec61fa19f90fac03db6 Value: 84b176322104f24c5dae36cbc89e583f
.buhoblik.org.ua/	1970-01-20 15:23:17	Name: __utma Value: 21695912.1856335902.1662437304.1662437304.1662437304.1
.buhoblik.org.ua/	1969-12-31 23:59:59	Name: __utmc Value: 21695912
.buhoblik.org.ua/	1970-01-20 10:10:05	Name: __utmz Value: 21695912.1662437304.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.buhoblik.org.ua/	1970-01-20 05:47:17	Name: __utmt Value: 1
.buhoblik.org.ua/	1970-01-20 05:47:19	Name: __utmb Value: 21695912.1.10.1662437304
.buhoblik.org.ua/	1970-01-20 15:08:53	Name: __gads Value: ID=faf3e47e14d79e96-227f2f2114ce002f:T=1662437304:RT=1662437304:S=ALNI_MZTYO1NIBs4Athjj9Odh5rwBJQj8g
xn--r1a.website/	1970-01-20 05:48:43	Name: stel_ssid Value: a5d31f9973cceea985_13402457973207320165
www.buhoblik.org.ua/	1969-12-31 23:59:59	Name: Value: store.test
tttttt.me/	1970-01-20 05:48:43	Name: stel_ssid Value: 5be47e9d472f45cf76_16011799837957923703
.admixer.net/	1970-01-20 07:56:53	Name: am-uid Value: 2eaa48283a634c91b96c2bf7a1445605
www.buhoblik.org.ua/	1970-01-20 05:57:22	Name: am-uid Value: 2eaa48283a634c91b96c2bf7a1445605
.doubleclick.net/	1970-01-20 15:08:53	Name: IDE Value: AHWqTUlw6gJu1eP557ABrqFDJ0QIKNmHzWYUm9yku4UK3h5ueJCnY3bJeadUet01zT8
.creativecdn.com/	1970-01-20 14:32:53	Name: u Value: WUEG3Tfk2dC8Bd0i9fj2
.creativecdn.com/	1970-01-20 14:32:53	Name: ts Value: 1662437305
.adnxs.com/	1970-01-20 07:56:53	Name: uuid2 Value: 7426362636926992862
.bidswitch.net/	1970-01-20 14:32:53	Name: tuuid Value: 06efb538-954a-4c8a-b3c7-2e7132762049
.bidswitch.net/	1970-01-20 14:32:53	Name: c Value: 1662437305
.bidswitch.net/	1970-01-20 14:32:53	Name: tuuid_lu Value: 1662437305
.adform.net/	1970-01-20 06:30:29	Name: C Value: 1
.adform.net/	1970-01-20 07:13:41	Name: uid Value: 2681412780112385473
.criteo.com/	1970-01-20 15:08:53	Name: uid Value: 9e10b6ec-05f4-40fa-8edc-dd02aa70bfba
.buhoblik.org.ua/	1970-01-20 15:08:53	Name: cto_bundle Value: 1Kd5Q19jeURnaGVaZXJ6ZCUyQkh4UmFRTHFzVTEzJTJCTzBQNlJGQ3hBcHpVNVN1UlBSblZNZGw5VUFockRuUEpGZDhHRUV1NHduc2xYRDVpbmlHc2x0WFJyTFJtcndBbXlhWFU1TjEyeWJjdHNrWFhyWHNVNmFidlZuMWYwdEpySjFtbHVRUk9STTZTb0o2SlFWYm5qWjkzJTJCakI2ekElM0QlM0Q

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: Refused to frame 'https://tttttt.me/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors https://web.telegram.org".
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1662437303&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662437304485&bpp=3&bdt=430&idt=165&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6122302451440&frm=20&pv=1&ga_vid=1856335902.1662437304&ga_sid=1662437304&ga_hid=1373143959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760911%2C44767166&oid=2&pvsid=3630282065755911&tmod=1792198056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qU9ZIkztct&p=https%3A//www.buhoblik.org.ua&dtd=169 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.co.uk
adservice.google.com
avto-oblik.com.ua
bidder.criteo.com
buhoblik.org.ua
c1.adform.net
cat.nl.eu.criteo.com
cdn.admixer.net
cdnjs.cloudflare.com
creativecdn.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
image8.pubmatic.com
inv-nets.admixer.net
m.trafmag.com
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rtb.fr.eu.criteo.com
ssl.google-analytics.com
static.criteo.net
tpc.googlesyndication.com
tttttt.me
www.buhoblik.org.ua
www.google.com
www.google.com.ua
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
xn--r1a.website
146.0.227.109
178.250.2.131
178.250.2.135
178.250.2.146
178.250.2.148
178.250.2.150
185.184.8.90
193.200.65.6
198.47.127.18
2001:41d0:602:8bf::
2606:4700::6811:190e
2a00:1450:4001:800::2008
2a00:1450:4001:806::2003
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a02:2638:1::4
2a02:2638::1c
2a02:2638::2
2a02:2638::3
2a03:90c0:41:2801::254
2a06:6440:0:2d02::1
3.124.103.115
37.157.4.39
37.252.173.215
95.216.186.40
002a93857ca724d4828a347c2b419a56eabfd275f206a5febc48246ccfe5830d
052155039c13b233f324882bd10dc38150b5bd74fb44f27c0ead4d518fbc901b
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
11b360963cee2563b6f93fc397a436c1c5b8ace543f35a9bb76095bd40ceccb2
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
20440d8d772fd6e2b3612671c5d40681b61775d92b7be5ffaa431e049f4da6ec
23ef1902c6bad480321b51796f7e8887bdbe81e7059cbd4cf07b15b23d5442cb
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
25025c0a38113e0fe5bd1698c07418c96b280a9a4df015103d663cb13cee4637
273310232e4300efe428e4a19a072d42d06b539bc18f9cd5b1d4e72a42728696
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
292666f4b13d4b581736eaa5b15e87e60764bdd2bd7c9f34ce007ca0327e0f83
33b37bdd096eac62d8a92593f228d4e3ca1d9156a59bf106b6e84c0a8ccba3f6
377d27d86822418762eb956a7d4eec9823d6a9d3fd6f6d3ca0d63fdf374a0b69
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
49dacf8b423009eb00c64132a6a6a80e3be4b1399409ff2fcf27dead45657268
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
539885f9f6af113fe90c9f3c9a9b64de92e2a9d4c80dbfbe06a4d76fbab058ac
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
57a98a88ec6f844415f1b757316f23fb6bbb4df7e763dd0174b717a02d1efd97
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
6a82502c1baab28ba6f410aa012fff53bd4f01d8de430e54589e583a0dc3ce80
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e842f654a304fd1eece02a5d588d2a998cc87cc65730b04d1e2c916e3a72a10
6e85728e344c5be26a537f3f4aa1e3d8e91a8e4352eaf4dd1d25172539c9dbb2
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
745e475947f127ea5cba2ab34b02650651fd519c6b53931f22112a743976d955
74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3
8078e7f4dad2305c556cc6c03a56d2d4d45a38588fd2fb21db8b83657db0e4dc
8254bac5419c381a92c107bb246de18f4c34ecdc334eda71789d7d890f6aaf21
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
88467b23c1044f571783e76997720036df1c0a9925eee5f428c7ff150fa7da56
89c114dc23d61c6b428f26c214e96d1fd49b43c8f777c8fcbb9ffdee7a84d81f
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8dfbfa16c85400143f85eb24eef8df723fd19c190f841c2c5ff22b8d0a5eeb09
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f2170a918667c463b68656fb70938b83392d2b1d72bd062db5bddf491b44446
9784d739d5c17552246ac97886dd2455b93bd36df81741e57d408a20c827364e
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9ef30e1b550e2e549a8a753c7409b7f50aa85ee11ac00740cac635b6ae2b5fa1
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d35007c83b3689910808811412e63293a2ae2abf1180a2dbaf4b3f7bb91ce9
a559f63f200d4c76b797df05ea8612cdffebd30eefdda005f343806f4ec2e9c3
a59b2b7f68396ac380b5f6ac62545c046b493f8884c0bea324c7dc0973c1f62d
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ab7a76acd513fe4799f8b46186ddd8665586652b14c6bce0dc19bd34f503d436
af978e4ad3b8cb0607d869d6299e1da24e8053273cebdb03e09635c216d5fe9f
afa89988364e5d5f8c1a6ce52a3db275d0cab1abac406e022961f950df06cf18
b1d47f72741022aa672eebf0486e07177ba344e5cba2bcd87c025f7ec0fc96c3
befd4b47ad4c77be638ce22fee8a5dbcd048641b0ea6cb0bc85e1d08bf14e62a
c1388b141870140ecb273dd93fa5da560b147c1cfeece0530ac8b79af70929c5
c332f5e3f0c91f905fb5e4d6c32206ccc5987a8370e462ea6bce8f4bdc6cb197
c6d254ee6b05a14666952b2b7629dedc518103bfed8a8d6ee0c1cbe28f76c6fd
d1b7fe86af06e8e43cfbf123341ce65582f0d3adaf494bce0b71351dba4e7b90
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
dfe06d200a4963b3da08554d4f1e769a11a84193228432758853b7d963c04e84
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

www.buhoblik.org.ua Open in urlscan Pro 2a06:6440:0:2d02::1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

104 Requests

95 %HTTPS

59 %IPv6

24 Domains

36 Subdomains

30 IPs

8 Countries

1644 kBTransfer

3588 kBSize

24 Cookies

0 Outgoing links

Page URL History

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.buhoblik.org.ua Open in urlscan Pro
2a06:6440:0:2d02::1 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

95 %
HTTPS

59 %
IPv6

24
Domains

36
Subdomains

30
IPs

8
Countries

1644 kB
Transfer

3588 kB
Size

24
Cookies

104 HTTP transactions
6 data transactions