www.44.ua Open in urlscan Pro
2606:4700:3037::6815:3381 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://44.ua/
Effective URL:
https://www.44.ua/
Submission: On July 20 via api (July 20th 2022, 5:54:34 am UTC) from GB — Scanned from GB

Summary HTTP 138 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 24 IPs in 6 countries across 17 domains to perform 138 HTTP transactions. The main IP is 2606:4700:3037::6815:3381, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.44.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 18th 2022. Valid for: a year.

This is the only time www.44.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 13	2606:4700:303... 2606:4700:3037::6815:3381	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 41	2606:4700:303... 2606:4700:3030::ac43:b49c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	78.140.180.86 78.140.180.86	35415 (WEBZILLA) (WEBZILLA)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
5	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
8	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:ef:... 2a02:26f0:ef::5c7b:c29a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
16	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
138	24

13 2606:4700:3037::6815:3381 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

44.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.44.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.44.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2606:4700:3030::ac43:b49c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.44.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.44.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::10 (United Kingdom)

ASN60068 (CDN77 ^_^, GB)

cdn.sendpulse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.140.180.86 (Netherlands)

ASN35415 (WEBZILLA, NL)

content.mql5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:ef::5c7b:c29a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

animate.adobe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	44.ua 3 redirects 44.ua www.44.ua s.44.ua	1 MB
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 128 tpc.googlesyndication.com — Cisco Umbrella Rank: 166	350 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com	189 KB
9	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 stats.g.doubleclick.net — Cisco Umbrella Rank: 138	100 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 69 region1.google-analytics.com — Cisco Umbrella Rank: 2603	20 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 81 ajax.googleapis.com — Cisco Umbrella Rank: 350	70 KB
4	adobe.com animate.adobe.com — Cisco Umbrella Rank: 50403	110 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 196	127 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	315 B
2	google.com adservice.google.com — Cisco Umbrella Rank: 103 www.google.com — Cisco Umbrella Rank: 17	1 KB
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 4409 www.google.co.uk — Cisco Umbrella Rank: 2790	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 164	110 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 8351	1 KB
2	mql5.com content.mql5.com — Cisco Umbrella Rank: 50709	11 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 101	126 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 957	640 B
1	sendpulse.com cdn.sendpulse.com — Cisco Umbrella Rank: 22136	2 KB
138	17

	Domain	Requested by
40	s.44.ua	www.44.ua s.44.ua
16	tpc.googlesyndication.com	googleads.g.doubleclick.net
12	www.44.ua	1 redirects www.44.ua
10	fonts.gstatic.com	fonts.googleapis.com
9	pagead2.googlesyndication.com	www.44.ua pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com www.googletagservices.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	www.gstatic.com	googleads.g.doubleclick.net
5	www.google-analytics.com	www.googletagmanager.com www.44.ua
4	animate.adobe.com	s.44.ua
4	ajax.googleapis.com	s.44.ua
3	www.googletagservices.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	www.44.ua googleads.g.doubleclick.net
2	www.facebook.com	www.44.ua
2	region1.google-analytics.com	www.googletagmanager.com
2	connect.facebook.net	www.44.ua connect.facebook.net
2	counter.yadro.ru	1 redirects www.44.ua
2	content.mql5.com	www.44.ua
2	www.googletagmanager.com	www.44.ua www.googletagmanager.com
2	44.ua	2 redirects
1	www.google.co.uk	www.44.ua
1	www.google.com	www.44.ua
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.co.uk	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.44.ua
1	cdn.sendpulse.com	www.44.ua
138	26

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
t.me
twitter.com
www.youtube.com
viagrushka.44.ua
smakuy.44.ua
mc-yanzyuk.44.ua
hospice.44.ua
welovemebel.44.ua
knauf.44.ua
s.44.ua
apps.apple.com
citysites.ua

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-18` - `2023-06-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
1603358863.rsc.cdn77.org R3	`2022-05-13` - `2022-08-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.mql5.com Sectigo ECC Domain Validation Secure Server CA	`2021-10-30` - `2022-10-30`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-28` - `2022-07-27`	3 months	crt.sh
*.adobe.com DigiCert SHA2 Secure Server CA	`2021-12-09` - `2022-12-09`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://www.44.ua/
Frame ID: 544458497A071601989F1AB2B3D484B3
Requests: 56 HTTP requests in this frame

Frame: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/business15801_62b47b93dc8f9.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1MCI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQzOTtzOjQ6ImxpbmsiO3M6MjA6Imh0dHA6Ly9tYXJ2aWwuY28udWEvIjt9
Frame ID: BD77B7849DBD9EDAF8D96E55A842BD17
Requests: 20 HTTP requests in this frame

Frame: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
Frame ID: B69442086E924137E6F0CA94461CF1E1
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20190131/zrt_lookup.html
Frame ID: 2BE634DD9356EDE6A8B3B2053286D282
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=2784113653&adf=2319043556&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1658296468&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296468419&bpp=4&bdt=1044&idt=316&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&correlator=290673013181&frm=20&pv=2&ga_vid=2106036216.1658296469&ga_sid=1658296469&ga_hid=1500610039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068472%2C44766067%2C42531606&oid=2&pvsid=1195369871768548&tmod=223765390&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4heV6T8YUj&p=https%3A//www.44.ua&dtd=330
Frame ID: AE433878A187C61C27275262DFC98802
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&adk=1812271804&adf=3025194257&lmt=1658296468&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.44.ua%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296468423&bpp=1&bdt=1049&idt=337&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90&nras=1&correlator=290673013181&frm=20&pv=1&ga_vid=2106036216.1658296469&ga_sid=1658296469&ga_hid=1500610039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068472%2C44766067%2C42531606&oid=2&pvsid=1195369871768548&tmod=223765390&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=342
Frame ID: D537D480FA1962618926420356D6A154
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=606224035&adf=930389412&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1658296468&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296468428&bpp=1&bdt=1054&idt=340&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90%2C0x0&nras=1&correlator=290673013181&frm=20&pv=1&ga_vid=2106036216.1658296469&ga_sid=1658296469&ga_hid=1500610039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2953&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068472%2C44766067%2C42531606&oid=2&pvsid=1195369871768548&tmod=223765390&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Bik7MjhBxX&p=https%3A//www.44.ua&dtd=343
Frame ID: ABFC29F3763FB7EDCCB0E85A905C52C2
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=600&slotname=6545110057&adk=1210871976&adf=3838452572&pi=t.ma~as.6545110057&w=380&lmt=1658296468&psa=0&format=380x600&url=https%3A%2F%2Fwww.44.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296468433&bpp=1&bdt=1058&idt=344&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90%2C0x0%2C1200x90&nras=1&correlator=290673013181&frm=20&pv=1&ga_vid=2106036216.1658296469&ga_sid=1658296469&ga_hid=1500610039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=3961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068472%2C44766067%2C42531606&oid=2&pvsid=1195369871768548&tmod=223765390&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tfFmCboweq&p=https%3A//www.44.ua&dtd=347
Frame ID: A6335D922BA735B2F3F33CDF21C065B6
Requests: 10 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 3DFE34DBEEFAF5E122D053D4C0FD42EE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jb5du1wVqba4or3nurh6HQr9svaNG92rNWcoGauPISE.js
Frame ID: 07F9DF9F7CB49B3367B51EBC659D0EC3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jb5du1wVqba4or3nurh6HQr9svaNG92rNWcoGauPISE.js
Frame ID: DE586DF211DAA16E1B8BF8EF4B73D891
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jb5du1wVqba4or3nurh6HQr9svaNG92rNWcoGauPISE.js
Frame ID: A788A3DE542D64A4E453A3D157A8C238
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Сайт Києва 44.ua - головні новини і події міста

Page URL History Show full URLs

http://44.ua/ HTTP 301
https://44.ua/ HTTP 301
http://www.44.ua/ HTTP 301
https://www.44.ua/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

138
Requests

99 %
HTTPS

87 %
IPv6

17
Domains

26
Subdomains

24
IPs

6
Countries

2699 kB
Transfer

6202 kB
Size

14
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Kiev44.ua

Search URL Search Domain Scan URL

URL: https://www.instagram.com/kyiv_44.ua/

Search URL Search Domain Scan URL

URL: https://t.me/news44ua

Search URL Search Domain Scan URL

URL: https://twitter.com/kyiv44ua

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCQLBnB-FgPvujY964D6tV5A

Search URL Search Domain Scan URL

URL: https://viagrushka.44.ua/
Title: Інтернет-магазин VIAGRUSHKA. Засоби для потенції +380(98)159-52-39

Search URL Search Domain Scan URL

URL: https://smakuy.44.ua/
Title: Смакуй, самогонные аппараты, домашние пивоварни, коптильни +380(67)011-42-82, +380(50)012-91-13

Search URL Search Domain Scan URL

URL: https://mc-yanzyuk.44.ua/
Title: Центр здоровья Людмилы Янзюк +380(96)891-19-11, +380(73)891-19-11

Search URL Search Domain Scan URL

URL: https://hospice.44.ua/
Title: Hospice +380(68)645-73-11

Search URL Search Domain Scan URL

URL: https://welovemebel.44.ua/
Title: WeLoveMebel - больше чем мебель +380(96)059-71-71, +380(95)715-56-76, +380(93)715-56-76, +380(44)334-64-97

Search URL Search Domain Scan URL

URL: https://knauf.44.ua/
Title: Knauf (KНАУФ), сухие строительные смеси, гипсокартон Киев +380 (44) 277-99-25 Грунтовки, +380 (44) 277-99-23 Профили, +380 (44) 277-99-29 Техподдержка, +380 (44) 277-99-54 Техподдержка

Search URL Search Domain Scan URL

URL: https://s.44.ua/upload/files/app-world-production-release.apk

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ua/app/citysites-global/id1417356016?l=ru

Search URL Search Domain Scan URL

URL: https://citysites.ua/franchise
Title: Франшиза "CitySites"

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://44.ua/ HTTP 301
https://44.ua/ HTTP 301
http://www.44.ua/ HTTP 301
https://www.44.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://counter.yadro.ru/hit;44ua?r;s1600*1200*24;uhttps%3A//www.44.ua/;h%u0421%u0430%u0439%u0442%20%u041A%u0438%u0454%u0432%u0430%2044.ua%20-%20%u0433%u043E%u043B%u043E%u0432%u043D%u0456%20%u043D%u043E%u0432%u0438%u043D%u0438%20%u0456%20%u043F%u043E%u0434%u0456%u0457%20%u043C%u0456%u0441%u0442%u0430;0.47928304785463305 HTTP 302
https://counter.yadro.ru/hit;44ua?q;r;s1600*1200*24;uhttps%3A//www.44.ua/;h%u0421%u0430%u0439%u0442%20%u041A%u0438%u0454%u0432%u0430%2044.ua%20-%20%u0433%u043E%u043B%u043E%u0432%u043D%u0456%20%u043D%u043E%u0432%u0438%u043D%u0438%20%u0456%20%u043F%u043E%u0434%u0456%u0457%20%u043C%u0456%u0441%u0442%u0430;0.47928304785463305

138 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.44.ua/
Redirect Chain

http://44.ua/
https://44.ua/
http://www.44.ua/
https://www.44.ua/

382 KB
72 KB

105ms
105ms

Document
text/html

2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.44.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: fb88ee4075739b5da30570db0c1e35006e5b01bfc88268685bfce5a8a9ab508b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 72d971389fad9bca-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 20 Jul 2022 05:54:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXH5twEe3ILQaHLtqqZ07fU7WmEwieF%2FUn1thSyWmLPa%2BCMAprXMCmQH%2B8qHfh9YKtWFaqDOhi5TfQiF6ufPz5yQxGEckE2Pgh1hhIImkeGuFaQ7BKCkOZJUQrlN95jukUMz2wEcIUY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: Express

Redirect headers

CF-RAY: 72d971382873693a-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Wed, 20 Jul 2022 05:54:27 GMT
Expires: Wed, 20 Jul 2022 06:54:27 GMT
Location: https://www.44.ua/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lba6Q33VGzLGYXADLB3ZaOsNAQFoXEJn1lsjuhdBITAB2RIfi6QPHTSKDkmzko1%2FLantQdkfVAyZ04oz7eGKplW%2BDucwdmcz1NnFsJEzr%2BTN%2Feb38dKcvDNMmwKvimrURcvG5UJzc%2Bc%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 181ms
65ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c6b8a0e8e384d2c4f2778835dba35d44ffac0723b3d163f5ade766d4d2acc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 04:34:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 20 Jul 2022 05:54:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Jul 2022 05:54:27 GMT

GET
H2 200 styles.7d8e5a5a1389165f513c.css
www.44.ua/ 79 KB
15 KB 77ms
77ms Stylesheet
text/css 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.44.ua/styles.7d8e5a5a1389165f513c.css
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: dc6a25c67652e0c543e6726ef605bb3a842a42f483bca64d315c9affa8d3cbdf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 930689
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 09 Jul 2022 10:41:32 GMT
server: cloudflare
etag: W/"13bdc-181e28cdf60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZAhxR3oX3393PQ7saAIcGwbMH53ezQvLZD%2B7rGjXLibjsYdWMuvHzWrTpIQI23xaFcyRyv6culMYRP37qEEnd2CU3iBd46Y4aX14FqqhhICjxzR4TF6Gm%2FmHwc6OlLD9dgyCLG%2F6aiE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 72d9713948929bca-FRA

GET
H2 200 cap.jpg
www.44.ua/dist-assets/images/ 629 B
973 B 63ms
63ms Image
image/jpeg 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.44.ua/dist-assets/images/cap.jpg
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1f45ec49ef8ba141166495912187578b9fd5b0a8e09f26ad217a51aa03d9e8c4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12239983
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 629
last-modified: Wed, 23 Feb 2022 07:49:59 GMT
server: cloudflare
etag: W/"275-17f258ef058"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4cO4U7PDqBuxVpRROmFQCtUd1%2BIUa4ImveD1vBW37QQVVDkR8Z6dCmAaV3%2BS2QWlOBxbDi7dISWIkCuRh9a3UIWQeXq6yuU3UQpUbY2Axvj2ZKnK6yJUha4%2BgNdlSqIbjHZQoJiGK4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72d97139992a9bca-FRA

GET
H3 200 email-decode.min.js Show response
www.44.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 61ms
60ms Script
application/javascript 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.44.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 15 Jul 2022 15:34:34 GMT
server: cloudflare
etag: W/"62d1890a-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RVmGZsv620lkanPSQuPe3HugA7bEdgvhCwuFdxGmsm%2F1UchQrtuyzdygBa7OBJKE%2BzxFOpv2CC6nsvCbkAh48XjFwCV10XXLm8fcBPGpwSBaECHGpaGo64j65nh0iZKHXFEjDwN2Ewc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72d97139abfabbc7-FRA
vary: Accept-Encoding
expires: Fri, 22 Jul 2022 05:54:27 GMT

GET
H3 200 runtime-es2015.791a2c0d1ce08a0a7636.js Show response
www.44.ua/ 2 KB
2 KB 68ms
68ms Script
application/javascript 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.44.ua/runtime-es2015.791a2c0d1ce08a0a7636.js
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 206bc1426917dc07b0ff430cda7ee9b7bc5a7159476d5b0352f7b1cec58652c4

Request headers

Referer: https://www.44.ua/
Origin: https://www.44.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 574252
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 13 Jul 2022 14:13:36 GMT
server: cloudflare
etag: W/"987-181f7e87680"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E7ZFb5UdrbLzIDwEjbu8i%2B1rNZoFyy8l6cu60lEhLhvwTXI9gUQdnb%2BKXB8g8KFA7Snjg23xFLEf2UsSJQcv3Wv8YNg3qGYNZfEYo%2BclMhrUUP0GmgH8H30cln7FF%2FovrSTMucjbO1w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 72d97139ac02bbc7-FRA

GET
H3 200 polyfills-es2015.b2765e0adb0cb550e072.js Show response
www.44.ua/ 37 KB
13 KB 70ms
69ms Script
application/javascript 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.44.ua/polyfills-es2015.b2765e0adb0cb550e072.js
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6088e1e4c947d8629864ebef4328c11cd9cb780cfe8d4024e82e7b90a9f02c4c

Request headers

Referer: https://www.44.ua/
Origin: https://www.44.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 291475
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 13 Jul 2022 14:13:36 GMT
server: cloudflare
etag: W/"9326-181f7e87680"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7eliPG5%2BeiWobv6W5w9t4vhcK5K86n1aP1%2Bdp6X%2FpFvssHrzoUSLgtI8CeS61O6LW7J3HL7cKSoEYxqjw8WdAV3dAgav8I8Kaaw0VnjgE6jGz4zo79CykF8GOB1i%2F0BZhaBk7EXVN00%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 72d97139ac03bbc7-FRA

GET
H3 200 main-es2015.256bd5e75aa6c48a0195.js Show response
www.44.ua/ 1 MB
389 KB 112ms
112ms Script
application/javascript 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.44.ua/main-es2015.256bd5e75aa6c48a0195.js
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3fa2f5d03466ef5350138d72c1a94d9164adf128e4a594c09a43590f4208369d

Request headers

Referer: https://www.44.ua/
Origin: https://www.44.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 73602
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 19 Jul 2022 09:02:46 GMT
server: cloudflare
etag: W/"176853-18215b20af0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXeL1V%2FQR5p3lAxAVRJv2w5YSax91cgkAXA9%2FYC64ZPXHdkuvA8O%2FQ5d0Xm05caIyr5bN9yYkxJmOLqrl12yNIPWpeseorkr7Jh2hD1hB3WeoVWwLx7U5DzMRu8Bl%2B%2F7xNf9lBn9MAA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 72d97139ac04bbc7-FRA

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 247ms
130ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.44.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 22:33:26 GMT
x-content-type-options: nosniff
age: 26461
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15528
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:53:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 22:33:26 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 265ms
148ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.44.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:45:21 GMT
x-content-type-options: nosniff
age: 76146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 08:45:21 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
16 KB 171ms
55ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.44.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 23:09:50 GMT
x-content-type-options: nosniff
age: 110677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 23:09:50 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCAYb8td.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 9 KB
9 KB 229ms
120ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCAYb8td.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6618b9e896668a4f31412b7be6751c198a88b157fc056d4932e41e7f6d38acf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.44.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 22:21:22 GMT
x-content-type-options: nosniff
age: 113585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9260
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:19:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 22:21:22 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 9 KB
10 KB 216ms
109ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bddd7c9debeee9bccc8d6a0f0990743d3db200fe23fc08dbad9e60a007e52919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.44.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 22:41:28 GMT
x-content-type-options: nosniff
age: 25979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9692
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:44:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 22:41:28 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCAYb8td.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 9 KB
9 KB 174ms
71ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCAYb8td.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad7b38d9f963e0eb028bda9b8394ccd0077fc06bf69fe02675943b2f9ff0e555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.44.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 22:41:31 GMT
x-content-type-options: nosniff
age: 25976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9592
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 22:41:31 GMT

GET
H3 200 check-login Show response
www.44.ua/api3/auth/ 4 B
679 B 164ms
163ms XHR
application/json 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.44.ua/api3/auth/check-login
Requested by: Host: www.44.ua
URL: https://www.44.ua/polyfills-es2015.b2765e0adb0cb550e072.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.44.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwLwotViiyKdeH1EAZpFLXcNODEMMJbNW9kBiYmVK7HMi6koa6kIFhUwskZU8Rjy7xnBN3NWyDHqNHmdvBbUh1r2bXrnMvHEyXE893XLeHJy%2BoT7ajdYxxgyr7k9C90akqonOLZBn6A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
access-control-expose-headers
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 72d9713c5800bbc7-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 common-es2015.df507a8b061d69d1e913.js Show response
www.44.ua/ 7 KB
3 KB 61ms
61ms Script
application/javascript 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.44.ua/common-es2015.df507a8b061d69d1e913.js
Requested by: Host: www.44.ua
URL: https://www.44.ua/runtime-es2015.791a2c0d1ce08a0a7636.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 61eca17309586ff4b8a5463713a06052de061009c9ce335941e330a98b950060

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1029715
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 07 Jul 2022 21:13:50 GMT
server: cloudflare
etag: W/"1a0b-181da830ab0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3fgKIiOkPw4%2ByzBRTrXSj2oPwbq24Q%2Fl2HcAHyIKJCXVO2d7FOEnImscD7pta%2BVG9TAHPcnJX4gqi8ZXM8tVF%2B1HqA6J7egzzmQ5ssEKb6cbAenw0%2BCArw1gM8KrII4GiKWkZtGoN4E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 72d9713c5804bbc7-FRA

GET
H3 200 8-es2015.9eff69574804c1fc5a45.js Show response
www.44.ua/ 73 KB
15 KB 70ms
70ms Script
application/javascript 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.44.ua/8-es2015.9eff69574804c1fc5a45.js
Requested by: Host: www.44.ua
URL: https://www.44.ua/runtime-es2015.791a2c0d1ce08a0a7636.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 50ea5fd8c595c2f314dbb86478f09abd3e2467f701da75fc624fd28627cd9dbc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 291473
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 13 Jul 2022 14:13:40 GMT
server: cloudflare
etag: W/"12258-181f7e88620"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LaS6yIcnd9JNg8wyWoa7%2BfedS4%2FqwAQutuQKsnbE7uHGHt29%2BOqyw%2FjlHHyTfInLaJ8XzykRQDzOyYGx2UQYXYMQLsopxHgGxmN7ZUXao%2B523uwj4BapHX%2Fw5RBx8cL8v56iLXGjB24%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 72d9713c5805bbc7-FRA

GET
H2 200 0e60e84b091e32245e3cbae1d2e5bc5c_0.js Show response
cdn.sendpulse.com/js/push/ 3 B
2 KB 198ms
54ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.sendpulse.com/js/push/0e60e84b091e32245e3cbae1d2e5bc5c_0.js

Requested by

Host: www.44.ua
URL: https://www.44.ua/main-es2015.256bd5e75aa6c48a0195.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::10 , United Kingdom, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Content-Security-Policy	default-src wss://* blob: data: sendpulse.com .sendpulse.com .sendpulse.com:4434 data.sendpulse.com .pulse-stat.com .stat-pulse.com .pulse-stat.com:8080 .stat-pulse.com:8080 http://.sendpulse.com:4434 http://.pulse-stat.com http://.stat-pulse.com http://.pulse-stat.com:8080 http://.stat-pulse.com:8080 .sendpulse.ua .sendpulse.by .sendpulse.kz .sendpulse.cl .sendpulse.com.tr .sendpulse.ng .loginsrc.com .routee.net .bizml.ru .jquery.com .youtube.com .ytimg.com .vimeo.com .vimeocdn.com .tinymce.com .ampproject.org .hotjar.com .hotjar.io .ipinfo.io .highcharts.com .appspot.com .doubleclick.net .facebook.com .facebook.net .fbcdn.net .fbsbx.com .rawgit.com .cloudflare.com .jsdelivr.net .kissmetrics.com .bitrix24.com .quantserve.com .quantcount.com .twitter.com .offershub.ru .stripe.com .braintreegateway.com .mlstatic.com .cloudpayments.ru .woopra.com .jivosite.com .google.com .google.com.ua .googleadservices.com .google-analytics.com .googleapis.com .googletagmanager.com .gstatic.com .online-metrix.net .retently.com .maxmind.com .revisionme.com .yandex.ru .ymetrica.ru .mmapiws.com .bootstrapcdn.com .kaptcha.com .paypal.com .paypalobjects.com .mercadopago.com.br .mercadopago.com .braintree-api.com vk.com api.telegram.org .webformscr.com .yandex.net .cardinalcommerce.com .mercadolibre.com .supportsrc.com .instagram.com .googleoptimize.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: ; font-src data: ; style-src * 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 20 Jul 2022 05:54:28 GMT
x-content-type-options: nosniff
x-77-cache: HIT
x-cache: HIT
x-age: 415037
content-length: 3
x-xss-protection: 1; mode=block
x-77-nzt: Abk73BCUg9D/PVUGAA
x-accel-expires: @1658486231
x-sp-ma: sp-ma-0
last-modified: Thu, 16 Sep 2021 09:58:45 GMT
server: CDN77-Turbo
x-77-nzt-ray: X9F1sAoyo10
vary: User-Agent
content-type: application/javascript
access-control-allow-origin: *
x-sp-pr: lpr7
cache-control: max-age=604800
etag: "3-5cc19dc491783"
content-security-policy: default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng *.loginsrc.com *.routee.net *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com *.googleoptimize.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
accept-ranges: bytes
expires: Thu, 04 Nov 2021 16:21:47 GMT

GET
H3 200 i18n-base-es2015.e9d5ff8bcaf62b9395c7.js Show response
www.44.ua/ 100 KB
6 KB 62ms
61ms Script
application/javascript 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.44.ua/i18n-base-es2015.e9d5ff8bcaf62b9395c7.js
Requested by: Host: www.44.ua
URL: https://www.44.ua/runtime-es2015.791a2c0d1ce08a0a7636.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: fdf544df1b3f5ce13216c6bf87984566f7bc6c0a6016458234598e9ae598e039

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 291472
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 13 Jul 2022 14:13:38 GMT
server: cloudflare
etag: W/"18e82-181f7e87e50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZ8zELwqpGfVZZLr4WYw7uIMBJVV5WbPWWHyeOeM5vpBko9vlm8lpMu%2BGB1efX1l5zQ3aoTvkrgSnp658yAtEdq6OrcRhgh1mJpovk59Dtoc6hD4yGMn0T8racP85LwSeXeE38WXrsg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 72d9713cd90cbbc7-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 157 KB
55 KB 179ms
63ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5PBKBDZ

Requested by

Host: www.44.ua
URL: https://www.44.ua/main-es2015.256bd5e75aa6c48a0195.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f93c031ded4a049aa9c86dd025f83c515fee7f6d29db249c04c91492af18da69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55757
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Jul 2022 05:54:28 GMT

GET
H2 200 business15801_62b47b93dc8f9.zip.html Show response
s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/ Frame BD77 594 B
532 B 250ms
227ms Document
text/html 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/business15801_62b47b93dc8f9.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1MCI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQzOTtzOjQ6ImxpbmsiO3M6MjA6Imh0dHA6Ly9tYXJ2aWwuY28udWEvIjt9
Requested by: Host: www.44.ua
URL: https://www.44.ua/main-es2015.256bd5e75aa6c48a0195.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a5b9bf598050a6a9815f073281a8c3573551f368c32f418cc3d54b9ad07e271

Request headers

Referer: https://www.44.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=604800
cf-cache-status: DYNAMIC
cf-ray: 72d9713dcf119bca-FRA
content-encoding: br
content-type: text/html
date: Wed, 20 Jul 2022 05:54:28 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Thu, 23 Jun 2022 14:41:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31qyqGvE38ZDjlQdlDrxZSX0aRlJf0rvs1BMzTvvIXEZgLOjJufQUKxN7Yivo1fsDmYYLGlYRvRgx1AS3eSiFVanKE6bhUIhKKBS6tEsK0xOrGfcT59ZjF6qV4WyyaQsj3dsJiqH"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
56 KB 209ms
94ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.44.ua
URL: https://www.44.ua/main-es2015.256bd5e75aa6c48a0195.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c4b537c62126cd777d4b0d485462d659b702f24cb93106e3a39fa54591ea1f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57071
x-xss-protection: 0
server: cafe
etag: 4935048723354411178
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 20 Jul 2022 05:54:28 GMT

GET
H2 200 mlinci380x620_62b0ac89bafee.zip.html Show response
s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/ Frame B694 592 B
593 B 198ms
198ms Document
text/html 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
Requested by: Host: www.44.ua
URL: https://www.44.ua/main-es2015.256bd5e75aa6c48a0195.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30f58f9a8e5dc91d465af6ec04f40d4c79156c3014c39f0268395d3390414bf6

Request headers

Referer: https://www.44.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=604800
cf-cache-status: DYNAMIC
cf-ray: 72d9713ddf2d9bca-FRA
content-encoding: br
content-type: text/html
date: Wed, 20 Jul 2022 05:54:28 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 20 Jun 2022 17:21:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oVdlGtc5n5TcqJclXZnLW3e2kREPGl9BK2V8l794J5jwf%2FIwrIicMQuqbQSsR%2BYXacNUCRwKS3G0Kmp8RcM0SQH46lz5tppWm1sDHu3PeZK5bfU6XDINLRPM5EPXQDKCnMjBg9c8"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 5303095768363679254120_62b4276d43468.jpg
s.44.ua/section/banners/upload/jackets/000/000/069/ 45 KB
45 KB 64ms
63ms Image
image/jpeg 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/section/banners/upload/jackets/000/000/069/5303095768363679254120_62b4276d43468.jpg
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d4ed36f5cef56c64782ff670ac22553f6f109b1e3d23b13b6a5798d5460dc42

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: HIT
date: Wed, 20 Jul 2022 05:54:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 73600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46142
last-modified: Thu, 23 Jun 2022 08:42:21 GMT
server: cloudflare
etag: 1655973741-x-1-0-46142
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqhOOlKnz47xAM5pzrymyDnw8ck82ZwljI0mwtg6KRY%2Bv89aCqvzn0vygz2NldKC6qOtMGCwNzO0K3KHDrz5AZ9dxx7gn73GI2L08tMx%2BuHErxlq0e4rssEdfbzlyjp4tJp3Pavt"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
accept-ranges: bytes
cf-ray: 72d9713e4fa19bca-FRA

GET
H2 200 25341773382926998352_62c6ac96e8473.jpg
s.44.ua/section/banners/upload/jackets/000/000/070/ 71 KB
71 KB 82ms
82ms Image
image/jpeg 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/section/banners/upload/jackets/000/000/070/25341773382926998352_62c6ac96e8473.jpg
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1de6bde192b8ef66858ff9604bac923ef64e98941e3a378864e43030097fba1d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: HIT
date: Wed, 20 Jul 2022 05:54:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 73600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 72407
last-modified: Thu, 07 Jul 2022 09:51:19 GMT
server: cloudflare
etag: 1657187479-x-1-0-72407
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vwx0on6ZkcY%2Fax0ZhlKl7aLtfhesttt4bRcFpSBzkt7h8kX7%2FE1589cNLIG9TWy1oInLdzM4hp7Gfs7%2BuGM6kebsh5gSRGmdfW3zmbVE5qJ7me%2B5XsDWZf56mGEa86izmEdcPJ92"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
accept-ranges: bytes
cf-ray: 72d9713e4fa39bca-FRA

GET
H2 200 1180x110_62b6279dd3193.jpg
s.44.ua/section/banners/upload/jackets/000/000/069/ 34 KB
34 KB 95ms
94ms Image
image/jpeg 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/section/banners/upload/jackets/000/000/069/1180x110_62b6279dd3193.jpg
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 337f7e7cc2848c9c41bc68cc0ee67c832ff4c832f9d36419a4d9cbe6d6ac6e23

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: HIT
date: Wed, 20 Jul 2022 05:54:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64655
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34472
last-modified: Fri, 24 Jun 2022 21:07:42 GMT
server: cloudflare
etag: 1656104862-x-1-0-34472
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=roxdr8iwD8ps%2FK47BrmICG5boWKojjWmXFnVqrAti0E6c7cL5ApiSGwHVngM%2BJFY%2Btx0HAqWZ6QVYsIcMw30nbgX3RUOwp%2BYwSqpvK2nRRwjH2gPVee18%2Fp8L97RHj6mlTmaecpO"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
accept-ranges: bytes
cf-ray: 72d9713e4fa49bca-FRA

GET
H2 200 380x620_62b627b29ad04.jpg
s.44.ua/section/banners/upload/jackets/000/000/069/ 42 KB
43 KB 95ms
95ms Image
image/jpeg 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/section/banners/upload/jackets/000/000/069/380x620_62b627b29ad04.jpg
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a40eb003496da1333a053ab804128b3d42539cdedee46755816f4bf64eb0c39b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: HIT
date: Wed, 20 Jul 2022 05:54:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 73600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43174
last-modified: Fri, 24 Jun 2022 21:08:02 GMT
server: cloudflare
etag: 1656104882-x-1-0-43174
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqHe%2F3pbssA8n9stJU6z2%2B%2BT2YTngqj3KXK1Qz%2BvnJ52cMwQqOVXZ35FQyM6V180C5%2BpierB3fX1UCrm%2BSlDoNa3kAvuBmKT7wN7mzTl3CNf8yCcJItAd6JOjdux7GETBfP68%2BND"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
accept-ranges: bytes
cf-ray: 72d9713e4fa59bca-FRA

GET
H2 200 header.webp
s.44.ua/section/header_image/upload/pers/22/ 52 KB
52 KB 81ms
81ms Image
image/webp 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/section/header_image/upload/pers/22/header.webp
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 323d682f4b687b70141bc8af259298b5835f090e712fbdc107ebbe2d5656e0db

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: MISS
date: Wed, 20 Jul 2022 05:54:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 695053
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53240
last-modified: Wed, 22 Sep 2021 12:17:37 GMT
server: cloudflare
etag: 1632313057-1784x100-1-1-42654
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OWQG8TuDojuKNsQOEuCpO1MwaWfwrKSV94ZqveWSpGBZoQEdkRbYvym677jRv5E1mz0eIQXH96T%2BlzvMW68iNc9x2DNI9DZs26111gVWio5M8qMKUssjgAw2ccJaLV%2FI3yjwUh9U"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 72d9713e5fbe9bca-FRA
expires: Fri, 12 Aug 2022 04:50:15 GMT

GET
H2 200 logo.png
s.44.ua/section/logo/upload/pers/22/ 14 KB
14 KB 81ms
81ms Image
image/png 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/section/logo/upload/pers/22/logo.png
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c745af997994c9f9f50aa0b625c00e41b303fee332b4a9f1a4266e3aa4e3d83

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: MISS
date: Wed, 20 Jul 2022 05:54:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47804
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14180
last-modified: Wed, 08 Jun 2022 12:12:04 GMT
server: cloudflare
etag: 1654690324-400x80-0-1-14180
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gwl8MJwu0atsEzBY6TsNw9cXDlDt3OW4YzU8RUYPzcWAmVl%2FFxT7vqhD6wrHwvr%2BiAfJVXdRL8M994b4S%2BZbVbn1jVcp9GpgNcRhIEanvXY9kFI5LUkWEm1RXeZ7MZpAuR1Y7U83"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
accept-ranges: bytes
cf-ray: 72d9713e5fc19bca-FRA

GET
H3 200 29475182128479838821754467973624472882039694n_62d6c9c4c1855.jpeg
s.44.ua/img/section/newsIcon/subdir/card/is/2/ 73 KB
73 KB 62ms
61ms Image
image/jpeg 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/img/section/newsIcon/subdir/card/is/2/29475182128479838821754467973624472882039694n_62d6c9c4c1855.jpeg
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b85212c2af981dd3222917c112e2313efc4ea561483eda571a4cd780208e7b39

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: HIT
date: Wed, 20 Jul 2022 05:54:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36771
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74493
last-modified: Tue, 19 Jul 2022 15:12:11 GMT
server: cloudflare
etag: 1658243531-885x400-1-0-74877-
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HzcvvlF%2F%2Bh%2FX3khr%2BjKOQSz9GNu5KQe3LGSJqxGP5DFZaq1en7fXWgUDagY7q%2FI0hrBJMevPxCbr2zSSMQesvCucwq0%2F6bhE0L5%2B9JxQwYSoGYflCo0ph6xPyXmZyT0nOF3KoYDM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
accept-ranges: bytes
cf-ray: 72d9713ecbe0bbc7-FRA
expires: Wed, 20 Jul 2022 19:17:05 GMT

GET
H3 200 twocolumn6fm7nlns_62d6bf83d710b.jpg
s.44.ua/img/section/newsIcon/subdir/card/is/2/ 50 KB
51 KB 65ms
65ms Image
image/jpeg 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/img/section/newsIcon/subdir/card/is/2/twocolumn6fm7nlns_62d6bf83d710b.jpg
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d39434d91337b2664af821b99fa8aa5b6f52c8d7b52a38f2864d6fd5b1f2ba2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: HIT
date: Wed, 20 Jul 2022 05:54:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51250
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51463
last-modified: Tue, 19 Jul 2022 14:28:21 GMT
server: cloudflare
etag: 1658240901-885x400-1-0-51463-1658240926
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JH3FNdgoyPFKhI7UYsh71hB330HvQAfxoPUnu49hmWs%2FUkJlNe%2F5XTOPHcG%2BqOG9lSwujWwVig%2Btm60VVlQ6S6qzGM%2FH2qSdq2pwkwFaY3BTK0H5gMFlh2tXCd0vJd0DdR5GTvV%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
accept-ranges: bytes
cf-ray: 72d9713ecbe2bbc7-FRA
expires: Wed, 20 Jul 2022 15:14:14 GMT

GET facecover_62c4099fc3728.jpg
s.44.ua/img/section/newsIcon/subdir/card/is/2/ 0
0

GET
H3 200 4485bf927a7d284458a94d3056092c65_62d67d6b38179.jpg
s.44.ua/img/section/newsIcon/subdir/card/is/2/ 53 KB
54 KB 67ms
65ms Image
image/jpeg 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/img/section/newsIcon/subdir/card/is/2/4485bf927a7d284458a94d3056092c65_62d67d6b38179.jpg
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc095e39c1a05a2b0e5ae3ef38425e0fae15e674aec201c03596f9ddb29ffc3a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: HIT
date: Wed, 20 Jul 2022 05:54:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51250
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54271
last-modified: Tue, 19 Jul 2022 09:46:24 GMT
server: cloudflare
etag: 1658223984-885x400-1-0-45299-
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ITqsA7xwDoV816OzMP79DhjXNTUWcj8pAToHc6B%2FHZznCx7uqY0X7ZhrYzaMRJtHQ3wqmq8QANJUFMfG%2F6kcsrnSsFNIXaKY1KwVdHnul0IcrDgqfJEFVlKNx3DFwWNkjBcE3WRU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
accept-ranges: bytes
cf-ray: 72d9713ecbe4bbc7-FRA
expires: Wed, 20 Jul 2022 15:20:16 GMT

GET
H3 200 29424599122472032421236155820058537859734317nresult_62d56caa950cb.jpg
s.44.ua/img/section/newsIcon/subdir/card/is/2/ 22 KB
22 KB 157ms
156ms Image
image/jpeg 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/img/section/newsIcon/subdir/card/is/2/29424599122472032421236155820058537859734317nresult_62d56caa950cb.jpg
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 225b64ca497594321b2d440180fb62fec90bf0da46f4fca9602698011b39bc28

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: HIT
date: Wed, 20 Jul 2022 05:54:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22272
last-modified: Mon, 18 Jul 2022 14:22:35 GMT
server: cloudflare
etag: 1658154155-885x400-1-0-17155-
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eK3w3ry6Go6UUyTdFFpvy%2Fxsa0%2FURBQvoh03BvvVUVcw9E1h9QPfTh2IS3TAcYo%2BmSF5W9OTIeN2ZvyHVdFX%2ByWUv6BKBmVTQxhKhKZsKDsQilFt5T5IIgOzruLcqik9klusL%2Ft8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
accept-ranges: bytes
cf-ray: 72d9713ecbe5bbc7-FRA
expires: Wed, 20 Jul 2022 09:54:57 GMT

GET
H3 200 1210497303654909521207336484534537403900621o_5f7f1b0473017.jpg
s.44.ua/section/poll_answer_poster/upload/images/polls/000/052/632/ 10 KB
11 KB 63ms
62ms Image
image/jpeg 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/section/poll_answer_poster/upload/images/polls/000/052/632/1210497303654909521207336484534537403900621o_5f7f1b0473017.jpg
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5646c32757629240fd5946ac6d688e6632f5283f7499a03f1cd5268ad237442

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: MISS
date: Wed, 20 Jul 2022 05:54:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56886
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10539
last-modified: Thu, 08 Oct 2020 13:58:28 GMT
server: cloudflare
etag: 1602165508-300x300-0-0-10539
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kXEXTC3T1sCojm%2FosNnYULRXBSlOHY%2FkmTAMFdV5LiP4gBvrBzJ4Hrk4LSiLT53R1z8EL3soMW%2F1fkPTUN%2FZYZvnlC7Jp%2FTWE7dGSV9tMFazMlpka9qZFF3ib9Ib2e8V9TyQ8We9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
accept-ranges: bytes
cf-ray: 72d9713ecbe6bbc7-FRA

GET
H3 200 12105716136549093778740173966554266477053804o_5f7f1b0b66cb3.jpg
s.44.ua/section/poll_answer_poster/upload/images/polls/000/052/632/ 8 KB
8 KB 64ms
63ms Image
image/jpeg 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/section/poll_answer_poster/upload/images/polls/000/052/632/12105716136549093778740173966554266477053804o_5f7f1b0b66cb3.jpg
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fc6b1237b3289e82df0dce30c0ec9d62a016d571aebd51149f1741b55271704

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: MISS
date: Wed, 20 Jul 2022 05:54:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56886
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7916
last-modified: Thu, 08 Oct 2020 13:58:35 GMT
server: cloudflare
etag: 1602165515-300x300-0-0-7916
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K0Ecx%2BSFfXnv%2BpXrIww2u94OtHkqGydPfomCI0NG8%2FdGd65KIjP96YNeBAK8jRGGNX65qebRelP6qjtx6196aYPz1A67OUGod9FMOytOEpH2O5zB5KJZ8dOSxJUAkjhTbdcsuG4w"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
accept-ranges: bytes
cf-ray: 72d9713ecbe8bbc7-FRA

GET
H2 200 core.js Show response
content.mql5.com/ 33 KB
11 KB 180ms
48ms Script
text/javascript 78.140.180.86
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://content.mql5.com/core.js

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

78.140.180.86 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

Resource Hash

c227f98d208a46180b3619835a1dd967cf39c0fc9306eb5c880695652c7ac5e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:27 GMT
content-encoding: br
last-modified: Mon, 18 Jul 2022 14:11:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
cache-control: max-age=259200,proxy-revalidate,public,immutable
content-length: 10996
expires: Sat, 23 Jul 2022 05:54:28 GMT

GET
H/1.1

200
OK

hit;44ua
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;44ua?r;s1600*1200*24;uhttps%3A//www.44.ua/;h%u0421%u0430%u0439%u0442%20%u041A%u0438%u0454%u0432%u0430%2044.ua%20-%20%u0433%u043E%u043B%u043E%u0432%u043D%u0456%20%u043D%...
https://counter.yadro.ru/hit;44ua?q;r;s1600*1200*24;uhttps%3A//www.44.ua/;h%u0421%u0430%u0439%u0442%20%u041A%u0438%u0454%u0432%u0430%2044.ua%20-%20%u0433%u043E%u043B%u043E%u0432%u043D%u0456%20%u043...

43 B
528 B

94ms
93ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;44ua?q;r;s1600*1200*24;uhttps%3A//www.44.ua/;h%u0421%u0430%u0439%u0442%20%u041A%u0438%u0454%u0432%u0430%2044.ua%20-%20%u0433%u043E%u043B%u043E%u0432%u043D%u0456%20%u043D%u043E%u0432%u0438%u043D%u0438%20%u0456%20%u043F%u043E%u0434%u0456%u0457%20%u043C%u0456%u0441%u0442%u0430;0.47928304785463305

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Jul 2022 05:54:28 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 19 Jul 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 20 Jul 2022 05:54:28 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;44ua?q;r;s1600*1200*24;uhttps%3A//www.44.ua/;h%u0421%u0430%u0439%u0442%20%u041A%u0438%u0454%u0432%u0430%2044.ua%20-%20%u0433%u043E%u043B%u043E%u0432%u043D%u0456%20%u043D%u043E%u0432%u0438%u043D%u0438%20%u0456%20%u043F%u043E%u0434%u0456%u0457%20%u043C%u0456%u0441%u0442%u0430;0.47928304785463305
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Mon, 19 Jul 2021 21:00:00 GMT

GET
H3 200 Untitled-2_edgePreload.js Show response
s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/ Frame B694 13 KB
6 KB 147ms
144ms Script
application/javascript 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/Untitled-2_edgePreload.js
Requested by: Host: s.44.ua
URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e186bbc06b96cb2d5174b6d75cdda04f9cfc8d150a1fe2b6e35d711cac530e1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 20 Jun 2022 17:21:13 GMT
server: cloudflare
etag: W/"62b0ac89-35d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPxnlqsYcFik%2FKHB8OTiMrLMIwqx%2FIwrDlMpZKWmLZxVHPIJ5w0%2FBgMB2JQkrHXvSaNHDRLi8BQRDAUU7ig%2B2m33L09Y1oyJ%2FdblSjPE%2B9Kg2KJI%2F4KAT433TNm3c%2BGV2abWtclw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72d9713f3c7abbc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Untitled-2_edgePreload.js Show response
s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/ Frame BD77 13 KB
6 KB 149ms
149ms Script
application/javascript 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/Untitled-2_edgePreload.js
Requested by: Host: s.44.ua
URL: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/business15801_62b47b93dc8f9.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1MCI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQzOTtzOjQ6ImxpbmsiO3M6MjA6Imh0dHA6Ly9tYXJ2aWwuY28udWEvIjt9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01f64a75c3feff9ed7a5fc4c933e551a59cef30cdb67767f1696d3fd8582b0d9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/business15801_62b47b93dc8f9.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1MCI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQzOTtzOjQ6ImxpbmsiO3M6MjA6Imh0dHA6Ly9tYXJ2aWwuY28udWEvIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 23 Jun 2022 14:41:24 GMT
server: cloudflare
etag: W/"62b47b94-35da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=meE2%2FkfX27rbJm0rv14eSrePr25DjgcDVu5e9CwE0CUS5hO0g24mJvSdpJQsy64qXexDWmSfWVduTOLuu8tAySqAC0vLCtNS2touzjEci7jnjVQ6a9uoqCpDgJ1az3lm8xzBFYEb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72d9713f4cc8bbc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
71 KB 176ms
67ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HVMDDH6B1F&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PBKBDZ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

347c899eaf239e9e56d2aa8c9dfa4d17123d4ea87b009811922e0773923ac5f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:28 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72602
x-xss-protection: 0
expires: Wed, 20 Jul 2022 05:54:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 175ms
54ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PBKBDZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2911
date: Wed, 20 Jul 2022 05:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 20 Jul 2022 07:05:57 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 183ms
58ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26001
x-xss-protection: 0
pragma: public
x-fb-debug: 8RhMtASX6FUIRWEWaMkAEG+ZP1L0jqT2D1tFgDX+XaXJ7i+qz7SxnjtVe96XrFUVYsZnqfM82/IqvUy7ixhpqQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Wed, 20 Jul 2022 05:54:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220718/r20190131/ Frame 2BE6 10 KB
5 KB 169ms
53ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220718/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.44.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 29786
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 21:38:02 GMT
etag: 8616628553774171045
expires: Tue, 02 Aug 2022 21:38:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207140101/ 341 KB
120 KB 187ms
78ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1997604921077896&plah=www.44.ua&bust=31068472

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eef889abdf1558527556cb260b9495c173b5dfadba27e00f573c481f313b4eae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123222
x-xss-protection: 0
server: cafe
etag: 2091286211294075039
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Jul 2022 05:54:28 GMT

GET
H2 200 tr
content.mql5.com/ 70 B
252 B 49ms
48ms Image
image/png 78.140.180.86
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.mql5.com/tr?event=Visit&ref=https%3A%2F%2Fwww.44.ua%2F&id=flbkzwfjlzjkmcuplfbjtahzjwjipviczf&ssn=1658296468430565036&ssn_dr=0&ssn_sr=10&ssn_start=1&fv_date=1658296468&title=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9A%D0%B8%D1%94%D0%B2%D0%B0%2044.ua%20-%20%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D1%96%20%D0%BF%D0%BE%D0%B4%D1%96%D1%97%20%D0%BC%D1%96%D1%81%D1%82%D0%B0&scr_res=1600x1200&ac=165829646844065172&sv=2303&fz_uniq=6455785722475645588&an=%7B%22vn%22%3A%22Google%20Inc.%22%2C%22cd%22%3A24%2C%22dm%22%3A8192%2C%22ln%22%3A%22en-US%22%2C%22rn%22%3A%5B1600%2C1200%5D%2C%22ar%22%3A%5B1600%2C1200%5D%2C%22ss%22%3A1%2C%22lb%22%3A1%2C%22cb%22%3A1%2C%22ls%22%3A1%2C%22db%22%3A1%2C%22ax%22%3A0%2C%22pm%22%3A%22Win32%22%2C%22rp%22%3A%5B%22Chrome%20PDF%20Plugin%22%2C%22Chrome%20PDF%20Viewer%22%2C%22Native%20Client%22%5D%2C%22wv%22%3A%22Intel%20Inc.~Intel%20Iris%20OpenGL%20Engine%22%2C%22to%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22hc%22%3A4%2C%22ab%22%3A0%2C%22ts%22%3A0%2C%22ps%22%3A%2220030107%22%2C%22od%22%3A0%2C%22dr%22%3A0%2C%22bb%22%3A0%2C%22bo%22%3A0%2C%22bl%22%3A0%2C%22bs%22%3A0%2C%22dt%22%3A11%7D

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

78.140.180.86 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

Resource Hash

e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Jul 2022 05:54:27 GMT
cache-control: no-cache
content-type: image/png
content-length: 70
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: -1

GET
H2 200 jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.0.3/ Frame B694 8 KB
8 KB 55ms
54ms Image
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js

Requested by

Host: s.44.ua
URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 11:43:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65470
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29440
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 11:43:18 GMT

GET
H2 200 edge.4.0.0.min.js
animate.adobe.com/runtime/4.0.0/ Frame B694 18 KB
18 KB 327ms
75ms Image
text/javascript 2a02:26f0:ef::5c7b:c29a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://animate.adobe.com/runtime/4.0.0/edge.4.0.0.min.js
Requested by: Host: s.44.ua
URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c29a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:28 GMT
content-encoding: gzip
last-modified: Thu, 08 May 2014 11:58:54 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 37219
expires: Wed, 20 Jul 2022 06:09:28 GMT

GET
H3 200 Untitled-2_edge.js
s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/ Frame B694 2 KB
2 KB 158ms
158ms Image
application/javascript 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/Untitled-2_edge.js
Requested by: Host: s.44.ua
URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 20 Jun 2022 17:21:14 GMT
server: cloudflare
etag: W/"62b0ac8a-763"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IMyh4Mk3OBeGtAubK1BijJnaf2JOxnKZyZAx%2B7hDPoOAnDxVqNpXemcnG75TIV1EaQgP56sU5ZLqUmxe4vv76IMdXJXgsD09MjA2WMcKT1iqA3qx19YJslaw4Cj0%2FCIE%2BXrMt2mE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72d971402da1bbc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Untitled-2_edgeActions.js
s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/ Frame B694 691 B
691 B 150ms
150ms Image
application/javascript 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/Untitled-2_edgeActions.js
Requested by: Host: s.44.ua
URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 20 Jun 2022 17:21:14 GMT
server: cloudflare
etag: W/"62b0ac8a-2b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmNX30x5J4HVwQOCwToAhxEE%2FPKyPzMVwHkM87pCugtkpS2GiFneQdPtABopk%2FrYHSnoStbX2%2FzFlrE1CBf9Ng0DIfX6rAa8%2Blpl8dV8duhQpBwDfFIqWymmrI4Sd5%2FsY86p%2FDv7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72d971402da3bbc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.0.3/ Frame BD77 2 KB
2 KB 74ms
73ms Image
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js

Requested by

Host: s.44.ua
URL: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/Untitled-2_edgePreload.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 11:43:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65470
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29440
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 11:43:18 GMT

GET
H2 200 edge.4.0.0.min.js
animate.adobe.com/runtime/4.0.0/ Frame BD77 18 KB
18 KB 302ms
62ms Image
text/javascript 2a02:26f0:ef::5c7b:c29a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://animate.adobe.com/runtime/4.0.0/edge.4.0.0.min.js
Requested by: Host: s.44.ua
URL: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/Untitled-2_edgePreload.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c29a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:28 GMT
content-encoding: gzip
last-modified: Thu, 08 May 2014 11:58:54 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 37219
expires: Wed, 20 Jul 2022 06:09:28 GMT

GET
H3 200 Untitled-2_edge.js
s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/ Frame BD77 2 KB
2 KB 171ms
171ms Image
application/javascript 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/Untitled-2_edge.js
Requested by: Host: s.44.ua
URL: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/business15801_62b47b93dc8f9.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1MCI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQzOTtzOjQ6ImxpbmsiO3M6MjA6Imh0dHA6Ly9tYXJ2aWwuY28udWEvIjt9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/business15801_62b47b93dc8f9.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1MCI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQzOTtzOjQ6ImxpbmsiO3M6MjA6Imh0dHA6Ly9tYXJ2aWwuY28udWEvIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 23 Jun 2022 14:41:25 GMT
server: cloudflare
etag: W/"62b47b95-97a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5%2BvmYarluIfjMyigbI6hy7%2FtMBtgWS24rXq13iTOdbtwOsMIVFE1Qbr0lWm5DvCsmg1f1IbTlTzYu9%2BqkABWmHsCh%2Fu4312hM8no0uZjpOfvTneK8UJ3%2FMEAnb2oFpo51%2BFBfPJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72d971403dbabbc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Untitled-2_edgeActions.js
s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/ Frame BD77 693 B
693 B 145ms
145ms Image
application/javascript 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/Untitled-2_edgeActions.js
Requested by: Host: s.44.ua
URL: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/business15801_62b47b93dc8f9.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1MCI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQzOTtzOjQ6ImxpbmsiO3M6MjA6Imh0dHA6Ly9tYXJ2aWwuY28udWEvIjt9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/business15801_62b47b93dc8f9.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1MCI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQzOTtzOjQ6ImxpbmsiO3M6MjA6Imh0dHA6Ly9tYXJ2aWwuY28udWEvIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 23 Jun 2022 14:41:25 GMT
server: cloudflare
etag: W/"62b47b95-2b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1DP4a3Z%2BZHJ6De4QeCmIHinFmu22V4ce2dGv2wY%2BE6YkT7VDi3dn4Sap4O%2BoareqAOFui355OjIScV7c8NSI%2FtXGC%2FwU5MTiaFt7HKIQkk0A8sYUeEaNlttr7WQUeHWeYUXIwEcl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72d971403dbcbbc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.0.3/ Frame B694 82 KB
29 KB 174ms
55ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js

Requested by

Host: s.44.ua
URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/Untitled-2_edgePreload.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 11:43:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65470
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29440
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 11:43:18 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
441 B 175ms
55ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-8955215-58&cid=2106036216.1658296469&jid=89042435&gjid=1718194548&_gid=1596073212.1658296469&_u=YGBAgEABAAAAAE~&z=1075153734

Requested by

Host: www.44.ua
URL: https://www.44.ua/polyfills-es2015.b2765e0adb0cb550e072.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.44.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 20 Jul 2022 05:54:28 GMT
content-type: text/plain
access-control-allow-origin: https://www.44.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 165ms
53ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1500610039&t=pageview&_s=1&dl=https%3A%2F%2Fwww.44.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9A%D0%B8%D1%94%D0%B2%D0%B0%2044.ua%20-%20%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D1%96%20%D0%BF%D0%BE%D0%B4%D1%96%D1%97%20%D0%BC%D1%96%D1%81%D1%82%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=89042435&gjid=1718194548&cid=2106036216.1658296469&tid=UA-8955215-58&_gid=1596073212.1658296469&gtm=2wg7i05PBKBDZ&cd3=false&cd4=1658296468355.ml41scrg&cd5=2022-07-20T05%3A54%3A28.355%2B00%3A00&cd7=Yes&z=13489217

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 15:38:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 51374
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 165ms
54ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1500610039&t=pageview&_s=1&dl=https%3A%2F%2Fwww.44.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9A%D0%B8%D1%94%D0%B2%D0%B0%2044.ua%20-%20%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D1%96%20%D0%BF%D0%BE%D0%B4%D1%96%D1%97%20%D0%BC%D1%96%D1%81%D1%82%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEABAAAAAE~&jid=&gjid=&cid=2106036216.1658296469&tid=UA-8955215-58&_gid=1596073212.1658296469&gtm=2wg7i05PBKBDZ&cd3=false&cd4=1658296468404.7avoutj&cd5=2022-07-20T05%3A54%3A28.404%2B00%3A00&cd7=Yes&z=195924543

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 15:38:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 51374
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.0.3/ Frame BD77 82 KB
29 KB 146ms
58ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js

Requested by

Host: s.44.ua
URL: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/Untitled-2_edgePreload.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 11:43:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65470
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29440
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 11:43:18 GMT

GET
H3 200 2718182741528799 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 167ms
105ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2718182741528799?v=2.9.65&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2049265d41ff8d1d889b6a7c84b58f0ebb67409484ec72d501074ab7a10643e0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: iGsZLmGYqtZT6DBcc+iuHMhts2yiAl0MbLl3AWOYZLLexP+qb0SUerUXTlw4wPnC6zGr60QnuCVbVhAfYClB2Q==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 20 Jul 2022 05:54:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1658296468725
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
343 B 183ms
60ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HVMDDH6B1F&gtm=2oe7i0&_p=1500610039&_z=ccd.v9B&cid=2106036216.1658296469&ul=en-us&sr=1600x1200&_s=1&sid=1658296468&sct=1&seg=0&dl=https%3A%2F%2Fwww.44.ua%2F&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9A%D0%B8%D1%94%D0%B2%D0%B0%2044.ua%20-%20%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D1%96%20%D0%BF%D0%BE%D0%B4%D1%96%D1%97%20%D0%BC%D1%96%D1%81%D1%82%D0%B0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HVMDDH6B1F&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Jul 2022 05:54:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.44.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 209 B
640 B 205ms
61ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.44.ua&callback=_gfp_s_&client=ca-pub-1997604921077896

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1997604921077896&plah=www.44.ua&bust=31068472

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

889e4494daf5d9e44022e9bf1ee37dc35aa72a3a41f813a138d0126ae7a62696

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 193ms
63ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.44.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Jul 2022 05:54:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 177ms
62ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.44.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Jul 2022 05:54:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AE43 88 KB
32 KB 660ms
552ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=2784113653&adf=2319043556&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1658296468&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296468419&bpp=4&bdt=1044&idt=316&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&correlator=290673013181&frm=20&pv=2&ga_vid=2106036216.1658296469&ga_sid=1658296469&ga_hid=1500610039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068472%2C44766067%2C42531606&oid=2&pvsid=1195369871768548&tmod=223765390&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4heV6T8YUj&p=https%3A//www.44.ua&dtd=330

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14402f4e51b09361c34cd2e804eb160cb4da315317653e6571a48a4e2bbe1209

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.44.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32581
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Jul 2022 05:54:29 GMT
expires: Wed, 20 Jul 2022 05:54:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 198ms
82ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8955215-58&cid=2106036216.1658296469&jid=89042435&_u=YGBAgEABAAAAAE~&z=398980707

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Jul 2022 05:54:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 194ms
64ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8955215-58&cid=2106036216.1658296469&jid=89042435&_u=YGBAgEABAAAAAE~&z=398980707

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Jul 2022 05:54:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 87ms
87ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.44.ua%2F&tn=DIV&cls=foot-banner&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Jul 2022 05:54:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D537 116 B
114 B 241ms
147ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&adk=1812271804&adf=3025194257&lmt=1658296468&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.44.ua%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296468423&bpp=1&bdt=1049&idt=337&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90&nras=1&correlator=290673013181&frm=20&pv=1&ga_vid=2106036216.1658296469&ga_sid=1658296469&ga_hid=1500610039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068472%2C44766067%2C42531606&oid=2&pvsid=1195369871768548&tmod=223765390&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=342

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a87766e276124c5d72e15580ebcf9e5b78fe277d09bce31a14115ee8e3f36b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.44.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 91
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Jul 2022 05:54:28 GMT
expires: Wed, 20 Jul 2022 05:54:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ABFC 85 KB
30 KB 529ms
443ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=606224035&adf=930389412&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1658296468&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296468428&bpp=1&bdt=1054&idt=340&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90%2C0x0&nras=1&correlator=290673013181&frm=20&pv=1&ga_vid=2106036216.1658296469&ga_sid=1658296469&ga_hid=1500610039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2953&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068472%2C44766067%2C42531606&oid=2&pvsid=1195369871768548&tmod=223765390&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Bik7MjhBxX&p=https%3A//www.44.ua&dtd=343

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

698a80ba6ff0c6da89fa3d6194cdac5c97c6b4edd7fb95abc0c01537f7a2a9ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.44.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31049
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Jul 2022 05:54:29 GMT
expires: Wed, 20 Jul 2022 05:54:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A633 93 KB
33 KB 473ms
394ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=600&slotname=6545110057&adk=1210871976&adf=3838452572&pi=t.ma~as.6545110057&w=380&lmt=1658296468&psa=0&format=380x600&url=https%3A%2F%2Fwww.44.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296468433&bpp=1&bdt=1058&idt=344&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90%2C0x0%2C1200x90&nras=1&correlator=290673013181&frm=20&pv=1&ga_vid=2106036216.1658296469&ga_sid=1658296469&ga_hid=1500610039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=3961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068472%2C44766067%2C42531606&oid=2&pvsid=1195369871768548&tmod=223765390&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tfFmCboweq&p=https%3A//www.44.ua&dtd=347

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd160c5c17e11302f1a9d0237f4c908c2fe79bfc0ca283a2e12164306389bdbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.44.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33691
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Jul 2022 05:54:29 GMT
expires: Wed, 20 Jul 2022 05:54:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 edge.4.0.0.min.js Show response
animate.adobe.com/runtime/4.0.0/ Frame BD77 119 KB
37 KB 63ms
63ms Script
text/javascript 2a02:26f0:ef::5c7b:c29a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://animate.adobe.com/runtime/4.0.0/edge.4.0.0.min.js
Requested by: Host: s.44.ua
URL: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/Untitled-2_edgePreload.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c29a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 59d448078f834cd81b002a6e12409909f5715e1945d035b4833b62b9834cce2f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:28 GMT
content-encoding: gzip
last-modified: Thu, 08 May 2014 11:58:54 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 37219
expires: Wed, 20 Jul 2022 06:09:28 GMT

GET
H2 200 edge.4.0.0.min.js Show response
animate.adobe.com/runtime/4.0.0/ Frame B694 119 KB
37 KB 103ms
102ms Script
text/javascript 2a02:26f0:ef::5c7b:c29a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://animate.adobe.com/runtime/4.0.0/edge.4.0.0.min.js
Requested by: Host: s.44.ua
URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/Untitled-2_edgePreload.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c29a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 59d448078f834cd81b002a6e12409909f5715e1945d035b4833b62b9834cce2f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:28 GMT
content-encoding: gzip
last-modified: Thu, 08 May 2014 11:58:54 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 37219
expires: Wed, 20 Jul 2022 06:09:28 GMT

GET
H3 200 Untitled-2_edge.js Show response
s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/ Frame BD77 2 KB
2 KB 64ms
63ms Script
application/javascript 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/Untitled-2_edge.js
Requested by: Host: s.44.ua
URL: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/Untitled-2_edgePreload.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df674e0ef1dfb257a15c4ef246b1b3f244ee49c7dcf5d6770140775f8bc06bf8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/business15801_62b47b93dc8f9.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1MCI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQzOTtzOjQ6ImxpbmsiO3M6MjA6Imh0dHA6Ly9tYXJ2aWwuY28udWEvIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Jun 2022 14:41:25 GMT
server: cloudflare
age: 0
etag: W/"62b47b95-97a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZI5AsWZfqC1%2Bc28mL7TcqIl7M17V1anHa0oemmKpAzXiTYJnHofdlqbJuCHnKvjFtOmfmzDevV4f%2Fi7RbDpOFdyP0x8VprDUIRnFDea8NDeykEYsWQzaZ7gM3%2FaDJmH2rYnzOrT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72d97142995cbbc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 184ms
55ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2718182741528799&ev=PageView&dl=https%3A%2F%2Fwww.44.ua%2F&rl=&if=false&ts=1658296468885&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.1.1658296468884.1839230475&it=1658296468587&coo=false&exp=u0&rqm=GET

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 20 Jul 2022 05:54:29 GMT

GET
H3 200 Untitled-2_edge.js Show response
s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/ Frame B694 2 KB
2 KB 60ms
60ms Script
application/javascript 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/Untitled-2_edge.js
Requested by: Host: s.44.ua
URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/Untitled-2_edgePreload.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59640c1c4b3c56c15664901632f04ba3cc5b8db05eb243c0d700627c5501912a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Jun 2022 17:21:14 GMT
server: cloudflare
age: 0
etag: W/"62b0ac8a-763"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khisV08BJYagtnUhA6ff4AvpmKiynB1uMyKKMRZSK1NHhOU62SoQ5GTZ1CzGmKdkv1birAFQj8bjs3hV3S36Xy2NlLLq8KrWcr%2BbO6EylvJxthvuP5BTeMQb0lYVGXXhjxDZGiMG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72d97142d9adbbc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Untitled-2_edgeActions.js Show response
s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/ Frame BD77 693 B
901 B 61ms
61ms Script
application/javascript 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/Untitled-2_edgeActions.js
Requested by: Host: s.44.ua
URL: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/Untitled-2_edgePreload.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1a66ddc4131acd1b0aad1d0d26421866cf3c67c2e65f55856340a02f0a2ca54

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/business15801_62b47b93dc8f9.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1MCI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQzOTtzOjQ6ImxpbmsiO3M6MjA6Imh0dHA6Ly9tYXJ2aWwuY28udWEvIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Jun 2022 14:41:25 GMT
server: cloudflare
age: 0
etag: W/"62b47b95-2b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qgvqKzry6f60GHr6TYm6BBG8iyfEDFCfPopWzHEtjKal6nPKLUd6czmFtUlos2UIGNc%2FbbG%2F0jTgB1DW52cULXnIlyY5UoSOlh0vNULsJL4WpDHqQrGt9QSo1fOYFTaTPEpmbr3a"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72d9714309cfbbc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Untitled-2_edgeActions.js Show response
s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/ Frame B694 691 B
906 B 61ms
60ms Script
application/javascript 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/Untitled-2_edgeActions.js
Requested by: Host: s.44.ua
URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/Untitled-2_edgePreload.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05f4bcca4ab7f481dc128f5f7cfbb7e3362f080ec41856d46dc937e62a3c528e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Jun 2022 17:21:14 GMT
server: cloudflare
age: 1
etag: W/"62b0ac8a-2b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUDBh7aIZqmqKybuTEE2ISs23ozQIX%2BhvYvjMv1%2FTXcV0sZfNasbga0lnK%2BtqrdlHrdCaOqoyP2PNArLLmPlqEIqz9uBKc7Yq47HR4kAJgyuT20V4k55PqdQ2i09iLrHS%2FxUmfQl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72d971434a22bbc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 back.jpg
s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/images/ Frame BD77 57 KB
58 KB 181ms
180ms Image
image/jpeg 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/images/back.jpg
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05aceff2a5fa250a6864c6f57b86b3ff443344ae818a9723fdfd144614546835

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/business15801_62b47b93dc8f9.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1MCI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQzOTtzOjQ6ImxpbmsiO3M6MjA6Imh0dHA6Ly9tYXJ2aWwuY28udWEvIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:29 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Jun 2022 14:41:24 GMT
server: cloudflare
etag: "62b47b94-e554"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gs%2F5263r18xJVoyjcKsKkD3VwY68UJztJc7sniYTEy3crSWU9CqBpSiDxdEOJa%2F0UdGmcob0j1qD0m87HljlOyd6YPKbZ%2BIXlUO2tV1KtJpG78N11QB0GGw1Hwy%2FrfWuBvw%2FUMkG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 72d97143ba9bbbc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58708

GET
H3 200 sl5.png
s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/images/ Frame BD77 12 KB
13 KB 137ms
135ms Image
image/png 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/images/sl5.png
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 034ae5e9fd80605cf29bf70a8283abf941560f280d6a1915fe535cf255de63ee

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/business15801_62b47b93dc8f9.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1MCI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQzOTtzOjQ6ImxpbmsiO3M6MjA6Imh0dHA6Ly9tYXJ2aWwuY28udWEvIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:29 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Jun 2022 14:41:25 GMT
server: cloudflare
etag: "62b47b95-31e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6FZsxYBmwLQy2XZpsZ0G24sirN1sJkQxdLr5C5HshmmEWmBhKaVo0cItzOrarDNwJomF7qE5Piygh3KbcmEP8KIhHxnz1cNh08bNsrwGGeSDvAGtfxE2EUBktqELkTcP6%2FfT%2B1s"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 72d97143ba9dbbc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12773

GET
H3 200 sl3.png
s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/images/ Frame BD77 9 KB
9 KB 143ms
141ms Image
image/png 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/images/sl3.png
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dd13cc1f17a55757e0f9d45486669871dc5242404a4d477d6249eb4c5431bb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/business15801_62b47b93dc8f9.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1MCI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQzOTtzOjQ6ImxpbmsiO3M6MjA6Imh0dHA6Ly9tYXJ2aWwuY28udWEvIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:29 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Jun 2022 14:41:24 GMT
server: cloudflare
etag: "62b47b94-23cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Q1L2I49%2BoH3s0dm5f9Q9%2BOdUNHX%2BMcYlT%2F4jDKdOPNzD%2FsL8ZBdwtZOB5ikkRlXmn%2FseH3bpb7P6EFgfh2FM%2FyuMkf1OajnMbVTJKsWRHu1krrubikTps7DDo41fYWvzjfHzc3f"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 72d97143ba9ebbc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9163

GET
H3 200 sl2.png
s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/images/ Frame BD77 6 KB
6 KB 141ms
139ms Image
image/png 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/images/sl2.png
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26fd0eabca5a6c96527557f7da8d61cfad7dda41a63c46f958870eba1731bf80

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/business15801_62b47b93dc8f9.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1MCI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQzOTtzOjQ6ImxpbmsiO3M6MjA6Imh0dHA6Ly9tYXJ2aWwuY28udWEvIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:29 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Jun 2022 14:41:25 GMT
server: cloudflare
etag: "62b47b95-1666"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W0q1Qd%2BBliywOP6oC1tCxvRUXFzVJtzWmmjvERNassRJ1AfmW6lVkOe8cEuQMcj1DFWldii%2B8NK6SWHEqY4Fm%2BB8ah9V2477o9ciYwBEo1VpFIXvE%2FW6EV5Xo%2B3SIRasiFFNgiMq"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 72d97143ba9fbbc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5734

GET
H3 200 sl1.png
s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/images/ Frame BD77 7 KB
8 KB 144ms
142ms Image
image/png 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/images/sl1.png
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24a81f69b6ac4cbb5ceeb192afc722847a67b19502002fe1be6dd7e0d1270f06

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/business15801_62b47b93dc8f9.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1MCI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQzOTtzOjQ6ImxpbmsiO3M6MjA6Imh0dHA6Ly9tYXJ2aWwuY28udWEvIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:29 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Jun 2022 14:41:24 GMT
server: cloudflare
etag: "62b47b94-1c78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nsra3gXdJR7Xq7zAA3I5RLqis42grDDOsHvRYC9vLm5D%2FXbaxJr8ASFnkNgOwA8uZPnytA%2FkBPlFvzi8toawgLKaQEK5qZFHtA7QVlsdAJnDnKLdtY9Uj%2B9DX8mBYC3QQRrnRGvW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 72d97143baa0bbc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7288

GET
H3 200 back.jpg
s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/images/ Frame B694 114 KB
115 KB 189ms
188ms Image
image/jpeg 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/images/back.jpg
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28de6798a356be73f715a4bf87b6f0c30d66c0e52d08c4196d5e6049bdebd202

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:29 GMT
cf-cache-status: MISS
last-modified: Mon, 20 Jun 2022 17:21:14 GMT
server: cloudflare
etag: "62b0ac8a-1c890"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0CHjzCYSz4SDK%2F61ejZQtAPyrQk0M%2BZYkI2vraBZpTPk74mJNC8MgNJRv%2FCa3yerowsPHatmwFvhlKnPhVij7Z48S1B01Pty6LCD8tw5WOTpEIX%2BLX0HR%2BAYtCYQr7dyiETLERE5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 72d97143dae0bbc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 116880

GET
H3 200 sl2.png
s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/images/ Frame B694 13 KB
14 KB 142ms
142ms Image
image/png 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/images/sl2.png
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7f1b1992c4b8ebd986428001b2fd1e5b8662408881109b52c8544687b341e51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:29 GMT
cf-cache-status: MISS
last-modified: Mon, 20 Jun 2022 17:21:14 GMT
server: cloudflare
etag: "62b0ac8a-3577"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=84HXdKTN6tkXDa25g6l%2FVPgDoCjBsLsoZkCFGOdpmANKTFYZoYPJsUPZEO7uzM30Q6uLYSRi%2B%2Fq8qOoOQqEsAgChGTB1d0cM3rPqQBD5h5iPpXjijN6D0OFJpSBHDKSd5uOk6LWV"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 72d97143dae4bbc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13687

GET
H3 200 sl1.png
s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/images/ Frame B694 7 KB
8 KB 146ms
145ms Image
image/png 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/images/sl1.png
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 826447e87f27f823f9fb354c1d49f74015905795dec1aa558945747b41af87ef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:29 GMT
cf-cache-status: MISS
last-modified: Mon, 20 Jun 2022 17:21:14 GMT
server: cloudflare
etag: "62b0ac8a-1cf0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9OAtuUIDctpc8P0pQr9RxzCd2hBFSpPOpBBjpPa9YA8Htwdf%2FODfQotOlfqKFdeFrVkwUSop7vaRdNtmmI9UAXNF5FzW%2FslAHaokxz0sC31aKS1uuVd%2B21TrJMZX5xD7KuTIon%2BP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 72d97143dae7bbc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7408

GET
H3 200 back.jpg
s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/images/ Frame BD77 57 KB
58 KB 61ms
60ms Image
image/jpeg 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/images/back.jpg
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05aceff2a5fa250a6864c6f57b86b3ff443344ae818a9723fdfd144614546835

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/business15801_62b47b93dc8f9.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1MCI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQzOTtzOjQ6ImxpbmsiO3M6MjA6Imh0dHA6Ly9tYXJ2aWwuY28udWEvIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58708
last-modified: Thu, 23 Jun 2022 14:41:24 GMT
server: cloudflare
etag: "62b47b94-e554"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6us4VrO7r%2BTKK8ppO%2FLXBYWDrduFNgKqPUZv1ae0M3NOtUFTeB6i404oGM5C6R%2B1agAfrwSF1x6dcp39WdK41JOuppHwTPOsFrVivtOxa2Xy75Hx8k%2FO5w%2BtQmZa9ZGQcmJkJLl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 72d97144ec3fbbc7-FRA

GET
H3 200 sl5.png
s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/images/ Frame BD77 12 KB
13 KB 62ms
59ms Image
image/png 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/images/sl5.png
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 034ae5e9fd80605cf29bf70a8283abf941560f280d6a1915fe535cf255de63ee

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/business15801_62b47b93dc8f9.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1MCI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQzOTtzOjQ6ImxpbmsiO3M6MjA6Imh0dHA6Ly9tYXJ2aWwuY28udWEvIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12773
last-modified: Thu, 23 Jun 2022 14:41:25 GMT
server: cloudflare
etag: "62b47b95-31e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pl0QcPoC6d8uPzML1b9QkjEeGI8a7ypSYeKb2CrjRCgAft91qvR2ETtJcNEDqODNkQSMBNSX5ori7tbQDQ789JyhzwI0Zq0TwFquhudOmUZLaVF74WrydfeIuMgH246ZQhjfuYyi"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 72d97144ec42bbc7-FRA

GET
H3 200 sl3.png
s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/images/ Frame BD77 9 KB
9 KB 62ms
60ms Image
image/png 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/images/sl3.png
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dd13cc1f17a55757e0f9d45486669871dc5242404a4d477d6249eb4c5431bb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/business15801_62b47b93dc8f9.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1MCI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQzOTtzOjQ6ImxpbmsiO3M6MjA6Imh0dHA6Ly9tYXJ2aWwuY28udWEvIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9163
last-modified: Thu, 23 Jun 2022 14:41:24 GMT
server: cloudflare
etag: "62b47b94-23cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHtTCEN7d%2B6JHIoBmENWMQZKiMq%2FlqUuzw78SaVHyviJMakE7nWiUBkyFgX0ugbNoPcfUCI37Kzh3qaYR%2FdC380necM4hSxxKJa3IS6T%2F%2FtZ6i%2BEh%2F%2BZRjNwB9vmduFLtQg1ijrq"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 72d97144ec43bbc7-FRA

GET
H3 200 sl2.png
s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/images/ Frame BD77 6 KB
6 KB 63ms
62ms Image
image/png 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/images/sl2.png
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26fd0eabca5a6c96527557f7da8d61cfad7dda41a63c46f958870eba1731bf80

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/business15801_62b47b93dc8f9.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1MCI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQzOTtzOjQ6ImxpbmsiO3M6MjA6Imh0dHA6Ly9tYXJ2aWwuY28udWEvIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5734
last-modified: Thu, 23 Jun 2022 14:41:25 GMT
server: cloudflare
etag: "62b47b95-1666"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=syNJjaoURLVMAiU92mUkj4QufaUlM2NtEXSjaIt2R2Zmq1wQoH7CwG6UadKcFaOU7VP9oDe8utfrPFS3ZgKTUwTBd9no%2B3J%2FX8LDpWSA0eKGQQN7SzZDv8VJQTUpCZZdYCPKRSK8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 72d97144ec44bbc7-FRA

GET
H3 200 sl1.png
s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/images/ Frame BD77 7 KB
8 KB 61ms
60ms Image
image/png 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/images/sl1.png
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24a81f69b6ac4cbb5ceeb192afc722847a67b19502002fe1be6dd7e0d1270f06

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/business15801_62b47b93dc8f9.zip/business15801_62b47b93dc8f9.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1MCI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQzOTtzOjQ6ImxpbmsiO3M6MjA6Imh0dHA6Ly9tYXJ2aWwuY28udWEvIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7288
last-modified: Thu, 23 Jun 2022 14:41:24 GMT
server: cloudflare
etag: "62b47b94-1c78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fIG25Brl28CQ1jLGOaJ60sNb4OQrXLh1ZytPtdrxdJzXgsCDX6RXl3LnNw%2FT9nyIWCA7tWDj8NoQ5WkYMeZghf1nsm7OBMkB4GU9DVb0sEcy31UAlmM0vH7sF5PLp2ZB64XqRAwT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 72d97144ec46bbc7-FRA

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame A633 2 KB
936 B 290ms
173ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=600&slotname=6545110057&adk=1210871976&adf=3838452572&pi=t.ma~as.6545110057&w=380&lmt=1658296468&psa=0&format=380x600&url=https%3A%2F%2Fwww.44.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296468433&bpp=1&bdt=1058&idt=344&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90%2C0x0%2C1200x90&nras=1&correlator=290673013181&frm=20&pv=1&ga_vid=2106036216.1658296469&ga_sid=1658296469&ga_hid=1500610039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=3961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068472%2C44766067%2C42531606&oid=2&pvsid=1195369871768548&tmod=223765390&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tfFmCboweq&p=https%3A//www.44.ua&dtd=347

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Aug 2022 05:45:34 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A633 0
0 101ms
101ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIOOVlJjXYuaMOIutYuqznniV36KraeKkltTrD93ZHhABIKCS8BBgu76ug9AKoAGtlprZA8gBAagDAcgDywSqBO8BT9DuaH9WDBNJXxOQUJdx3GEgaehIaSGiA2dO4p84Nz9P-AjAXYq2ybwmBfLEHH9rVfwbs2Eif5jDuXDCjtyZNxxb0rDMj1WuhhsFfxvF66AoLdXCuxi2BFn75xVblC2X4HiesBBNy_8Xm7Vw3kNgFug3kLt_D_LLQpHSHUVEmRfnmDhNp7EVbMy6dj3TWoB-YQro1FhgkWKMI9cV9GJ1cQh0d830IYpSFv-87Ya3Wj1OP5zOTmdKdCinhqs1mJ4nF2Uv8EG7cc4qmnavQi8aLQrcXc4QA9X10a3PVRA1Zka9wVqHmqn0KMrmcdUpxCPABNzM0aCFA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAe76eUmqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQsvQC0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw2IFALQFQGYFgGAFwGyFxwKGggAEhRwdWItMTk5NzYwNDkyMTA3Nzg5NhgA&sigh=mcumVXSpsPQ&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=600&slotname=6545110057&adk=1210871976&adf=3838452572&pi=t.ma~as.6545110057&w=380&lmt=1658296468&psa=0&format=380x600&url=https%3A%2F%2Fwww.44.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296468433&bpp=1&bdt=1058&idt=344&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90%2C0x0%2C1200x90&nras=1&correlator=290673013181&frm=20&pv=1&ga_vid=2106036216.1658296469&ga_sid=1658296469&ga_hid=1500610039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=3961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068472%2C44766067%2C42531606&oid=2&pvsid=1195369871768548&tmod=223765390&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tfFmCboweq&p=https%3A//www.44.ua&dtd=347
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 20 Jul 2022 05:54:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Jul 2022 05:54:29 GMT

GET
H3 200 back.jpg
s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/images/ Frame B694 114 KB
115 KB 62ms
62ms Image
image/jpeg 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/images/back.jpg
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28de6798a356be73f715a4bf87b6f0c30d66c0e52d08c4196d5e6049bdebd202

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 116880
last-modified: Mon, 20 Jun 2022 17:21:14 GMT
server: cloudflare
etag: "62b0ac8a-1c890"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FAO%2Fz%2BlDvh8x4L8jVY17NaZS3jesqT1L%2BclePwtywto95%2Fu5hVZNg%2B02odo1uD5QjZbmliCQNRNHGS4NPxTNi%2FXVr0HYOSCLHSAy3xeD9ERi23sboQiRLT1msCL01X3ZK1APggSe"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 72d971453ca1bbc7-FRA

GET
H3 200 sl2.png
s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/images/ Frame B694 13 KB
14 KB 60ms
60ms Image
image/png 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/images/sl2.png
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7f1b1992c4b8ebd986428001b2fd1e5b8662408881109b52c8544687b341e51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13687
last-modified: Mon, 20 Jun 2022 17:21:14 GMT
server: cloudflare
etag: "62b0ac8a-3577"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avsIE%2FKSSl0YVfNMOm%2FdbniVfHo%2FXjHUkgW9v%2Bptb6AN%2BRQZPxfC0ExKs%2BsfyKx5pFF7IEcArTmcfzdK5pq5mkncBdRKWOXqeRboEgxvUyP168NwoZcAoGu11abPkBuRnbklqR9d"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 72d971453ca2bbc7-FRA

GET
H3 200 sl1.png
s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/images/ Frame B694 7 KB
8 KB 61ms
60ms Image
image/png 2606:4700:3030::ac43:b49c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/images/sl1.png
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b49c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 826447e87f27f823f9fb354c1d49f74015905795dec1aa558945747b41af87ef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7408
last-modified: Mon, 20 Jun 2022 17:21:14 GMT
server: cloudflare
etag: "62b0ac8a-1cf0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2BHj2FkGNR9ELkxOvacfUSZC50xkByFFzLcPDMmeA6VQLMIS8e5M%2FK%2B36jzEgCi0jG1OAJEilrNoqsC8YWMCtIjuvosegIN7aSOkLPF%2BPI8Lb26cPJ%2BUrBigXl1jCr6lb%2F7EZknq"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 72d971453ca3bbc7-FRA

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/ Frame A633 21 KB
9 KB 164ms
53ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3e5424c940e81b700243272693cbd0ef8e46a75e5e420d479974cfa7c022665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1696
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8695
x-xss-protection: 0
server: cafe
etag: 18278475684918935672
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Aug 2022 05:26:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame A633 3 KB
1 KB 282ms
172ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2479
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Aug 2022 05:13:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A633 137 KB
43 KB 181ms
65ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43203
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658144321100200"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 05:54:29 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame A633 17 KB
7 KB 219ms
110ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e352bd3598be515c20c398e90549e3f966fbce570d88adea32a7f43de7b08f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7322
x-xss-protection: 0
server: cafe
etag: 17958847364917198933
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Aug 2022 05:05:30 GMT

GET
H2 200 b8b39a8a01d591fbf8e8e88b2bbf8fd4.js Show response
www.gstatic.com/mysidia/ Frame A633 30 KB
13 KB 169ms
54ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b8b39a8a01d591fbf8e8e88b2bbf8fd4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 14:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12830
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 00:22:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 16 Oct 2022 14:05:04 GMT

GET
H2 200 4041688699977187305
tpc.googlesyndication.com/daca_images/simgad/ Frame A633 23 KB
24 KB 280ms
173ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/4041688699977187305?w=360&h=640

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efe3a88b7f68f7f8e2cafa527d3d1d4a225aa6e6c9501c812f2af8e5e79fe5f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:29 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23948
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 05:47:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 27 Jul 2022 05:54:29 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame ABFC 4 KB
621 B 63ms
62ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=606224035&adf=930389412&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1658296468&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296468428&bpp=1&bdt=1054&idt=340&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90%2C0x0&nras=1&correlator=290673013181&frm=20&pv=1&ga_vid=2106036216.1658296469&ga_sid=1658296469&ga_hid=1500610039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2953&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068472%2C44766067%2C42531606&oid=2&pvsid=1195369871768548&tmod=223765390&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Bik7MjhBxX&p=https%3A//www.44.ua&dtd=343

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 04:03:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 20 Jul 2022 05:54:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Jul 2022 05:54:29 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame ABFC 2 KB
983 B 244ms
171ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Aug 2022 05:45:34 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame ABFC 0
0 104ms
104ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cz3_clJjXYpCcOI-2YdD9n5AGydDn-Gq4xNHzsQ-V7K_WySgQASCgkvAQYLu-roPQCqABlefX1APIAQmoAwHIA8sEqgTrAU_Q4ViXnY6sQc1kQVS-x3rsXsPeod8sUliqH1WU0qZ-LtEZhiYQw3Fj5tGLgkkkfjVB7oK-vk9-xMFPuGaoSZHur1vcE2_UoEfyFMB6CtSmLxOx6BnmBuvyA9oumYQJ5i1xOm-DopUVlra13kQxMAXrtVKluMTx0eAfK-pE4OT6XBgOUc33coUajZWIjh7MqDYPRfJQbOSpojgyg7vUi_DgLEeR-sYgPTIychT1ZtSxbFxqq4Me1UB2M5XmtpAhcjdZeoHczy3WMQatmbFeFZdMBQZ1SymIo_8IA4-5vfccJp85TWsHnKECnTDABMnl9eztA5IFBAgEGAGSBQQIBRgEoAYugAfTmKgrqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ7OUC0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMKiBQB0BUBmBYBgBcBshccChoIABIUcHViLTE5OTc2MDQ5MjEwNzc4OTYYAA&sigh=o2-Sdbhq2bg&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=606224035&adf=930389412&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1658296468&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296468428&bpp=1&bdt=1054&idt=340&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90%2C0x0&nras=1&correlator=290673013181&frm=20&pv=1&ga_vid=2106036216.1658296469&ga_sid=1658296469&ga_hid=1500610039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2953&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068472%2C44766067%2C42531606&oid=2&pvsid=1195369871768548&tmod=223765390&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Bik7MjhBxX&p=https%3A//www.44.ua&dtd=343
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 20 Jul 2022 05:54:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Jul 2022 05:54:29 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/ Frame ABFC 21 KB
9 KB 129ms
61ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3e5424c940e81b700243272693cbd0ef8e46a75e5e420d479974cfa7c022665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1696
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8695
x-xss-protection: 0
server: cafe
etag: 18278475684918935672
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Aug 2022 05:26:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame ABFC 3 KB
1 KB 186ms
119ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2479
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Aug 2022 05:13:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame ABFC 17 KB
7 KB 135ms
69ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e352bd3598be515c20c398e90549e3f966fbce570d88adea32a7f43de7b08f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7322
x-xss-protection: 0
server: cafe
etag: 17958847364917198933
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Aug 2022 05:05:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ABFC 137 KB
42 KB 208ms
137ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43203
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658144321100200"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 05:54:29 GMT

GET
H2 200 b8b39a8a01d591fbf8e8e88b2bbf8fd4.js Show response
www.gstatic.com/mysidia/ Frame ABFC 30 KB
13 KB 133ms
62ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b8b39a8a01d591fbf8e8e88b2bbf8fd4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 14:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12830
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 00:22:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 16 Oct 2022 14:05:04 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/7865604908204125656/ Frame ABFC 34 KB
35 KB 180ms
122ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7865604908204125656/6592766407814317453

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bd35ac6269ea0da5b13c17f0b9c61304c296439c76bb641bf37a7c5c061371f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 05:14:19 GMT
x-content-type-options: nosniff
age: 261610
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35112
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 00:00:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 17 Jul 2023 05:14:19 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8459176136241735230/ Frame ABFC 2 KB
2 KB 216ms
158ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8459176136241735230/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1e5274e1e1f13cde8d0edb91a4ac677641664f6ed604b7fd7074e9bfa2ccd57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:55:41 GMT
x-content-type-options: nosniff
age: 395928
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1785
x-xss-protection: 0
last-modified: Fri, 03 Apr 2020 20:21:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 15 Jul 2023 15:55:41 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 3DFE 0
18 B 116ms
59ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.44.ua
Referer: https://www.44.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.44.ua
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 20 Jul 2022 05:54:29 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 dfafa4fd47dd86b7cbcd5aa280f1fc74.js Show response
www.gstatic.com/mysidia/ Frame AE43 10 KB
4 KB 93ms
92ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dfafa4fd47dd86b7cbcd5aa280f1fc74.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=2784113653&adf=2319043556&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1658296468&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296468419&bpp=4&bdt=1044&idt=316&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&correlator=290673013181&frm=20&pv=2&ga_vid=2106036216.1658296469&ga_sid=1658296469&ga_hid=1500610039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068472%2C44766067%2C42531606&oid=2&pvsid=1195369871768548&tmod=223765390&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4heV6T8YUj&p=https%3A//www.44.ua&dtd=330

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f7f8fc77f71c162c7907a35dda7b01cc2d098685b2a1554e6514655911af8e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 21:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4359
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 00:22:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 15 Oct 2022 21:59:58 GMT

GET
H2 200 7d437ff97c568f0c130253aeea572a1d.js Show response
www.gstatic.com/mysidia/ Frame AE43 18 KB
7 KB 105ms
104ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7d437ff97c568f0c130253aeea572a1d.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=2784113653&adf=2319043556&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1658296468&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296468419&bpp=4&bdt=1044&idt=316&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&correlator=290673013181&frm=20&pv=2&ga_vid=2106036216.1658296469&ga_sid=1658296469&ga_hid=1500610039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068472%2C44766067%2C42531606&oid=2&pvsid=1195369871768548&tmod=223765390&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4heV6T8YUj&p=https%3A//www.44.ua&dtd=330

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ea7325e98c755030255235be7af1b8ce93259d3867ec5af7382b522b953e8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 17:03:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7315
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 00:22:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 16 Oct 2022 17:03:21 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AE43 4 KB
621 B 63ms
62ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=2784113653&adf=2319043556&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1658296468&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296468419&bpp=4&bdt=1044&idt=316&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&correlator=290673013181&frm=20&pv=2&ga_vid=2106036216.1658296469&ga_sid=1658296469&ga_hid=1500610039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068472%2C44766067%2C42531606&oid=2&pvsid=1195369871768548&tmod=223765390&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4heV6T8YUj&p=https%3A//www.44.ua&dtd=330

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 03:58:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 20 Jul 2022 05:54:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Jul 2022 05:54:29 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame AE43 2 KB
902 B 164ms
54ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=2784113653&adf=2319043556&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1658296468&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296468419&bpp=4&bdt=1044&idt=316&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&correlator=290673013181&frm=20&pv=2&ga_vid=2106036216.1658296469&ga_sid=1658296469&ga_hid=1500610039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068472%2C44766067%2C42531606&oid=2&pvsid=1195369871768548&tmod=223765390&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4heV6T8YUj&p=https%3A//www.44.ua&dtd=330

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Aug 2022 05:45:34 GMT

GET
H2 200 a44a0b8f447061e92ca19622c4392a02.js Show response
www.gstatic.com/mysidia/ Frame AE43 6 KB
2 KB 92ms
92ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a44a0b8f447061e92ca19622c4392a02.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=2784113653&adf=2319043556&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1658296468&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296468419&bpp=4&bdt=1044&idt=316&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&correlator=290673013181&frm=20&pv=2&ga_vid=2106036216.1658296469&ga_sid=1658296469&ga_hid=1500610039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068472%2C44766067%2C42531606&oid=2&pvsid=1195369871768548&tmod=223765390&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4heV6T8YUj&p=https%3A//www.44.ua&dtd=330

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2233
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 00:22:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 16 Oct 2022 16:55:27 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/ Frame AE43 21 KB
9 KB 122ms
121ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=2784113653&adf=2319043556&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1658296468&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296468419&bpp=4&bdt=1044&idt=316&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&correlator=290673013181&frm=20&pv=2&ga_vid=2106036216.1658296469&ga_sid=1658296469&ga_hid=1500610039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068472%2C44766067%2C42531606&oid=2&pvsid=1195369871768548&tmod=223765390&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4heV6T8YUj&p=https%3A//www.44.ua&dtd=330

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3e5424c940e81b700243272693cbd0ef8e46a75e5e420d479974cfa7c022665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1696
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8695
x-xss-protection: 0
server: cafe
etag: 18278475684918935672
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Aug 2022 05:26:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame AE43 3 KB
1 KB 164ms
54ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=2784113653&adf=2319043556&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1658296468&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296468419&bpp=4&bdt=1044&idt=316&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&correlator=290673013181&frm=20&pv=2&ga_vid=2106036216.1658296469&ga_sid=1658296469&ga_hid=1500610039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068472%2C44766067%2C42531606&oid=2&pvsid=1195369871768548&tmod=223765390&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4heV6T8YUj&p=https%3A//www.44.ua&dtd=330

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Aug 2022 05:33:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AE43 137 KB
42 KB 146ms
146ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=2784113653&adf=2319043556&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1658296468&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296468419&bpp=4&bdt=1044&idt=316&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&correlator=290673013181&frm=20&pv=2&ga_vid=2106036216.1658296469&ga_sid=1658296469&ga_hid=1500610039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068472%2C44766067%2C42531606&oid=2&pvsid=1195369871768548&tmod=223765390&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4heV6T8YUj&p=https%3A//www.44.ua&dtd=330

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:54:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43203
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658144321100200"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 05:54:29 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame AE43 17 KB
7 KB 128ms
128ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=2784113653&adf=2319043556&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1658296468&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296468419&bpp=4&bdt=1044&idt=316&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&correlator=290673013181&frm=20&pv=2&ga_vid=2106036216.1658296469&ga_sid=1658296469&ga_hid=1500610039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068472%2C44766067%2C42531606&oid=2&pvsid=1195369871768548&tmod=223765390&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4heV6T8YUj&p=https%3A//www.44.ua&dtd=330

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e352bd3598be515c20c398e90549e3f966fbce570d88adea32a7f43de7b08f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7322
x-xss-protection: 0
server: cafe
etag: 17958847364917198933
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Aug 2022 05:05:30 GMT

GET
H3 200 b8b39a8a01d591fbf8e8e88b2bbf8fd4.js Show response
www.gstatic.com/mysidia/ Frame AE43 30 KB
13 KB 162ms
53ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b8b39a8a01d591fbf8e8e88b2bbf8fd4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=2784113653&adf=2319043556&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1658296468&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296468419&bpp=4&bdt=1044&idt=316&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&correlator=290673013181&frm=20&pv=2&ga_vid=2106036216.1658296469&ga_sid=1658296469&ga_hid=1500610039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068472%2C44766067%2C42531606&oid=2&pvsid=1195369871768548&tmod=223765390&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4heV6T8YUj&p=https%3A//www.44.ua&dtd=330

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 14:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12830
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 00:22:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 16 Oct 2022 14:05:04 GMT

GET
DATA 200
OK truncated
/ Frame ABFC 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee43eb77c8d9b3a2ce92612acbae2b2f915d8cde145450e302cc7cddd7d1445a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A633 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 428084d715a578b456d4967469b90e45aed4bb0e43190a701449f5bd2a32ff20

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/7330055355554980745/ Frame AE43 17 KB
17 KB 162ms
55ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7330055355554980745/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=2784113653&adf=2319043556&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1658296468&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296468419&bpp=4&bdt=1044&idt=316&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&correlator=290673013181&frm=20&pv=2&ga_vid=2106036216.1658296469&ga_sid=1658296469&ga_hid=1500610039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068472%2C44766067%2C42531606&oid=2&pvsid=1195369871768548&tmod=223765390&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4heV6T8YUj&p=https%3A//www.44.ua&dtd=330

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfe026899e0518cba1a1025b409cac2c0dc2a996a664010c44c43571c8e5b453

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 16:33:57 GMT
x-content-type-options: nosniff
age: 220832
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17679
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 14:10:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 17 Jul 2023 16:33:57 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AE43 0
0 99ms
98ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CaEVElJjXYqiYN62QjuwPq5eJ2Am2our_apmTpICkEN3ZHhABIKCS8BBgu76ug9AKoAHu_PH2AsgBCagDAcgDywSqBPABT9CipabiytVsmbw99-LMQuzfao88jmtjqgAHSjgldRhrdXjVRj0MPwZX5tqkpM8S3toRtSSSOmGt9RmtoSRpTxVwR3WZoSTdlBnuygJ38OM_FQjdO8w4v-C0003QAK39Gui5lymNppo9D87G5OpspK6xi0GLVzrvTslBfBp4TUvLzSyi1hDKZSYLmJZJGgzr6n0seospeFrpkEWEX-CleLk-niLh5i8k6TAQKNL7IZ1gXJI4aGFoRwYNdYQcOIHELvHF2ZBDqkhhwJAcpCIhrzmn3K52vNSKSQsuHMhMK-OY_yGvGjFkijmet16SSKAVwATh_PvqgASSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH-oKOiQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDhswTSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEw2IFALQFQGYFgGAFwGyFxwKGggAEhRwdWItMTk5NzYwNDkyMTA3Nzg5NhgA&sigh=I517BMwDxCc&uach_m=[UACH]&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=2784113653&adf=2319043556&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1658296468&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296468419&bpp=4&bdt=1044&idt=316&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&correlator=290673013181&frm=20&pv=2&ga_vid=2106036216.1658296469&ga_sid=1658296469&ga_hid=1500610039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068472%2C44766067%2C42531606&oid=2&pvsid=1195369871768548&tmod=223765390&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4heV6T8YUj&p=https%3A//www.44.ua&dtd=330

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=2784113653&adf=2319043556&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1658296468&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296468419&bpp=4&bdt=1044&idt=316&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&correlator=290673013181&frm=20&pv=2&ga_vid=2106036216.1658296469&ga_sid=1658296469&ga_hid=1500610039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068472%2C44766067%2C42531606&oid=2&pvsid=1195369871768548&tmod=223765390&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4heV6T8YUj&p=https%3A//www.44.ua&dtd=330
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 20 Jul 2022 05:54:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AE43 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e5a0a99072a440fe79476c6a2d07eb916749187b45199b3705b4e0c69a5721

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame ABFC 15 KB
16 KB 167ms
56ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 133777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 16:44:52 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame ABFC 15 KB
15 KB 164ms
54ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 125194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 19:07:55 GMT

GET
H3 200 Jb5du1wVqba4or3nurh6HQr9svaNG92rNWcoGauPISE.js Show response
pagead2.googlesyndication.com/bg/ Frame 07F9 36 KB
14 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jb5du1wVqba4or3nurh6HQr9svaNG92rNWcoGauPISE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25be5dbb5c15a9b6b8a2bde7bab87a1d0afdb2f68d1bddab35672819ab8f2121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 18:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 299571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13868
x-xss-protection: 0
last-modified: Thu, 07 Jul 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jul 2023 18:41:38 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AE43 0
20 B 88ms
88ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoRCAEqDWJhbm5lckFUaHJvbmUKCggCKgZzZXJ2ZXIKFQgEKhFteXNpZGlhX2FuYWx5dGljcwoNECshAAAAAAAAKkAwBAoNEAMhAACAZmaqikAwBAoNEAohAAAAAM3MBEAwBAoNEA0hAAAAAAAAAAAwBAoNEB4qBzEyMDB4OTAwBAoNEBkqBzEyMDB4OTAwBAoNEA4hAAAAAAAAAAAwBAoNEAQhAAAAMzPDikAwBAoNEA8hAAAAAAAAAAAwBAoNECshAAAAAAAAMUAwBAoNEAUhAACAzMzEikAwBAoNEBAhAAAAACAO4EAwBAoNEBEhAAAAAEA60EAwBAoNEBIhAAAAAAAAFEAwBAoNEBMhAAAAAAAACEAwBAoNEBchAAAAMzMrjUAwBBIaQ0tpeTJOX2podmtDRlMySWd3Y2RxMHNDbXciF3NjcmVhbS90aHJvbmVfaW1hZ2Vfb2NoKBE=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/7d437ff97c568f0c130253aeea572a1d.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Jul 2022 05:54:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AE43 15 KB
16 KB 55ms
55ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 133777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 16:44:52 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AE43 15 KB
15 KB 73ms
73ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 125194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 19:07:55 GMT

GET
H3 200 Jb5du1wVqba4or3nurh6HQr9svaNG92rNWcoGauPISE.js Show response
pagead2.googlesyndication.com/bg/ Frame DE58 36 KB
14 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jb5du1wVqba4or3nurh6HQr9svaNG92rNWcoGauPISE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=2784113653&adf=2319043556&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1658296468&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296468419&bpp=4&bdt=1044&idt=316&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&correlator=290673013181&frm=20&pv=2&ga_vid=2106036216.1658296469&ga_sid=1658296469&ga_hid=1500610039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068472%2C44766067%2C42531606&oid=2&pvsid=1195369871768548&tmod=223765390&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4heV6T8YUj&p=https%3A//www.44.ua&dtd=330

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25be5dbb5c15a9b6b8a2bde7bab87a1d0afdb2f68d1bddab35672819ab8f2121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 18:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 299571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13868
x-xss-protection: 0
last-modified: Thu, 07 Jul 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jul 2023 18:41:38 GMT

GET
H3 200 Jb5du1wVqba4or3nurh6HQr9svaNG92rNWcoGauPISE.js Show response
pagead2.googlesyndication.com/bg/ Frame A788 36 KB
14 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jb5du1wVqba4or3nurh6HQr9svaNG92rNWcoGauPISE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25be5dbb5c15a9b6b8a2bde7bab87a1d0afdb2f68d1bddab35672819ab8f2121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 18:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 299571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13868
x-xss-protection: 0
last-modified: Thu, 07 Jul 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jul 2023 18:41:38 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AE43 0
20 B 90ms
90ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoRCAEqDWJhbm5lckFUaHJvbmUKCggCKgZzZXJ2ZXIKFQgEKhFteXNpZGlhX2FuYWx5dGljcwoNEBQhAAAAAODb4kAwBAoNEBUhAAAAAAAAKEAwBAoNEBYhAAAAAAAAFEAwBAoNEBghAABAZmagkEAwBAoNEDIhAAAAAJiZ2T8wBAoNEDMhAAAAAJiZ2T8wBAoNEDQhAAAAAJiZ2T8wBAoNEDUhAAAAAJiZ2T8wBAoNEDYhAAAAAJiZ2T8wBAoNEDchAAAAAJiZ2T8wBAoNEDghAAAAzMxsW0AwBAoNEDkhAACAZmaqhEAwBAoNEDohAACAzMw8hUAwBAoNEDshAACAzMwojUAwBAoNEDwhAACAzMwojUAwBAoNED0hAAAAMzMrjUAwBAoNED4hAAAAAAB6kEAwBAoNED8hAAAAAAB6kEAwBAoNEEAhAADAzMyokEAwBBIaQ0tpeTJOX2podmtDRlMySWd3Y2RxMHNDbXciF3NjcmVhbS90aHJvbmVfaW1hZ2Vfb2NoKBE=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/7d437ff97c568f0c130253aeea572a1d.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Jul 2022 05:54:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 54ms
54ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1500610039&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.44.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9A%D0%B8%D1%94%D0%B2%D0%B0%2044.ua%20-%20%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D1%96%20%D0%BF%D0%BE%D0%B4%D1%96%D1%97%20%D0%BC%D1%96%D1%81%D1%82%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Banner%20Place&ea=View&el=stretching_1_site&_u=aHDAgEABAAAAAE~&jid=&gjid=&cid=2106036216.1658296469&tid=UA-8955215-58&_gid=1596073212.1658296469&gtm=2wg7i05PBKBDZ&cd3=2106036216.1658296469&cd4=1658296470378.ozv80kzb&cd5=2022-07-20T05%3A54%3A30.378%2B00%3A00&cd7=Yes&z=1243665942

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 15:38:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 51376
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 54ms
54ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1500610039&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.44.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9A%D0%B8%D1%94%D0%B2%D0%B0%2044.ua%20-%20%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D1%96%20%D0%BF%D0%BE%D0%B4%D1%96%D1%97%20%D0%BC%D1%96%D1%81%D1%82%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Banner%20Place&ea=View&el=block_1_site&_u=aHDAgEABAAAAAE~&jid=&gjid=&cid=2106036216.1658296469&tid=UA-8955215-58&_gid=1596073212.1658296469&gtm=2wg7i05PBKBDZ&cd3=2106036216.1658296469&cd4=1658296470412.kkejwg8o&cd5=2022-07-20T05%3A54%3A30.412%2B00%3A00&cd7=Yes&z=49802261

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 15:38:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 51376
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AE43 42 B
64 B 204ms
91ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsua3pGUj1bwhk1mimuDKty-Our8xgLNLZEExPRc7tTV3ynzmHkM5-w7sJWNrlMeDkk7uQIbrAm70IOr8DNTOkcjvcCczz9g7EoE907-PqRtkjL--9Jl-IFPU4cXrb25EbYvbyZB7ir-V4CJ&sai=AMfl-YRA44OcF-2XoL3_qDrP-G6p1GAUb5wBj_3313FwdXhP0PuM4ZFo9o__7Cv8SBmPt9J_eh4AYOPmA_yZ&sig=Cg0ArKJSzCxl-IN3I1hzEAE&id=lidar2&mcvt=1000&p=0,0,90,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220718&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2784113653&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658296468751&rpt=1064&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Jul 2022 05:54:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 173ms
61ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HVMDDH6B1F&gtm=2oe7i0&_p=1500610039&_z=ccd.v9B&cid=2106036216.1658296469&ul=en-us&sr=1600x1200&sid=1658296468&sct=1&seg=1&dl=https%3A%2F%2Fwww.44.ua%2F&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9A%D0%B8%D1%94%D0%B2%D0%B0%2044.ua%20-%20%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D1%96%20%D0%BF%D0%BE%D0%B4%D1%96%D1%97%20%D0%BC%D1%96%D1%81%D1%82%D0%B0&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HVMDDH6B1F&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.44.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 20 Jul 2022 05:54:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.44.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s.44.ua
URL: https://s.44.ua/img/section/newsIcon/subdir/card/is/2/facecover_62c4099fc3728.jpg

Verdicts & Comments Add Verdict or Comment

215 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.44.ua/	1969-12-31 23:59:59	Name: PHPSESSID Value: ecee2a49978ae958324be88cdf4e75a6
.44.ua/	1970-01-27 11:57:28	Name: _fz_uniq Value: 6455785722475645588
.44.ua/	1970-01-27 11:57:28	Name: _fz_fvdt Value: 1658296468
.44.ua/	1970-01-20 04:38:18	Name: _fz_ssn Value: 1658296468430565036
.yadro.ru/	1970-01-20 13:23:20	Name: FTID Value: 1YrvYK0v4CuM1YrvYK001TnZ
.mql5.com/	1970-01-23 20:13:03	Name: _fz_uniq Value: 6455785722475645588
.44.ua/	1970-01-20 04:39:42	Name: _gid Value: GA1.2.1596073212.1658296469
.44.ua/	1970-01-20 04:38:16	Name: _dc_gtm_UA-8955215-58 Value: 1
.yadro.ru/	1970-01-20 13:23:20	Name: VID Value: 3yPOzY3LsX8M1YrvYK001ToQ
.44.ua/	1970-01-20 06:47:52	Name: _fbp Value: fb.1.1658296468884.1839230475
.44.ua/	1970-01-20 13:59:52	Name: __gads Value: ID=dbbac883e05d32a1-221702e5d0cd0018:T=1658296468:RT=1658296468:S=ALNI_Mb_8t5XDmZIX43Fwq5J7McPGg5c1g
.doubleclick.net/	1970-01-20 13:59:52	Name: IDE Value: AHWqTUm4gxxf5rEf2BErd151Wl1o7-oekyapu3qEfwHxzd1ZXoHkgg-blVycE3n-9OY
.44.ua/	1970-01-20 22:09:28	Name: _ga Value: GA1.2.2106036216.1658296469
.44.ua/	1970-01-20 22:09:28	Name: _ga_HVMDDH6B1F Value: GS1.1.1658296468.1.1.1658296470.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

44.ua
adservice.google.co.uk
adservice.google.com
ajax.googleapis.com
animate.adobe.com
cdn.sendpulse.com
connect.facebook.net
content.mql5.com
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
s.44.ua
stats.g.doubleclick.net
tpc.googlesyndication.com
www.44.ua
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
s.44.ua
172.217.16.194
2001:4860:4802:34::36
2606:4700:3030::ac43:b49c
2606:4700:3037::6815:3381
2a00:1450:4001:801::2008
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:810::2003
2a00:1450:4001:812::200a
2a00:1450:4001:827::2001
2a00:1450:4001:828::2003
2a00:1450:4001:828::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2004
2a00:1450:400c:c06::9d
2a02:26f0:ef::5c7b:c29a
2a02:6ea0:c700::10
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
78.140.180.86
88.212.201.198
01f64a75c3feff9ed7a5fc4c933e551a59cef30cdb67767f1696d3fd8582b0d9
034ae5e9fd80605cf29bf70a8283abf941560f280d6a1915fe535cf255de63ee
05aceff2a5fa250a6864c6f57b86b3ff443344ae818a9723fdfd144614546835
05f4bcca4ab7f481dc128f5f7cfbb7e3362f080ec41856d46dc937e62a3c528e
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521
0c4b537c62126cd777d4b0d485462d659b702f24cb93106e3a39fa54591ea1f0
0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6
0e186bbc06b96cb2d5174b6d75cdda04f9cfc8d150a1fe2b6e35d711cac530e1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14402f4e51b09361c34cd2e804eb160cb4da315317653e6571a48a4e2bbe1209
1de6bde192b8ef66858ff9604bac923ef64e98941e3a378864e43030097fba1d
1f45ec49ef8ba141166495912187578b9fd5b0a8e09f26ad217a51aa03d9e8c4
2049265d41ff8d1d889b6a7c84b58f0ebb67409484ec72d501074ab7a10643e0
206bc1426917dc07b0ff430cda7ee9b7bc5a7159476d5b0352f7b1cec58652c4
225b64ca497594321b2d440180fb62fec90bf0da46f4fca9602698011b39bc28
24a81f69b6ac4cbb5ceeb192afc722847a67b19502002fe1be6dd7e0d1270f06
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25be5dbb5c15a9b6b8a2bde7bab87a1d0afdb2f68d1bddab35672819ab8f2121
26fd0eabca5a6c96527557f7da8d61cfad7dda41a63c46f958870eba1731bf80
28de6798a356be73f715a4bf87b6f0c30d66c0e52d08c4196d5e6049bdebd202
29e5a0a99072a440fe79476c6a2d07eb916749187b45199b3705b4e0c69a5721
2c745af997994c9f9f50aa0b625c00e41b303fee332b4a9f1a4266e3aa4e3d83
2dd13cc1f17a55757e0f9d45486669871dc5242404a4d477d6249eb4c5431bb7
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f7f8fc77f71c162c7907a35dda7b01cc2d098685b2a1554e6514655911af8e8
30f58f9a8e5dc91d465af6ec04f40d4c79156c3014c39f0268395d3390414bf6
323d682f4b687b70141bc8af259298b5835f090e712fbdc107ebbe2d5656e0db
337f7e7cc2848c9c41bc68cc0ee67c832ff4c832f9d36419a4d9cbe6d6ac6e23
347c899eaf239e9e56d2aa8c9dfa4d17123d4ea87b009811922e0773923ac5f7
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3d4ed36f5cef56c64782ff670ac22553f6f109b1e3d23b13b6a5798d5460dc42
3fa2f5d03466ef5350138d72c1a94d9164adf128e4a594c09a43590f4208369d
428084d715a578b456d4967469b90e45aed4bb0e43190a701449f5bd2a32ff20
4a5b9bf598050a6a9815f073281a8c3573551f368c32f418cc3d54b9ad07e271
50ea5fd8c595c2f314dbb86478f09abd3e2467f701da75fc624fd28627cd9dbc
59640c1c4b3c56c15664901632f04ba3cc5b8db05eb243c0d700627c5501912a
59d448078f834cd81b002a6e12409909f5715e1945d035b4833b62b9834cce2f
5bd35ac6269ea0da5b13c17f0b9c61304c296439c76bb641bf37a7c5c061371f
5c6b8a0e8e384d2c4f2778835dba35d44ffac0723b3d163f5ade766d4d2acc72
5fc6b1237b3289e82df0dce30c0ec9d62a016d571aebd51149f1741b55271704
6088e1e4c947d8629864ebef4328c11cd9cb780cfe8d4024e82e7b90a9f02c4c
61eca17309586ff4b8a5463713a06052de061009c9ce335941e330a98b950060
6618b9e896668a4f31412b7be6751c198a88b157fc056d4932e41e7f6d38acf6
698a80ba6ff0c6da89fa3d6194cdac5c97c6b4edd7fb95abc0c01537f7a2a9ee
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
826447e87f27f823f9fb354c1d49f74015905795dec1aa558945747b41af87ef
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
889e4494daf5d9e44022e9bf1ee37dc35aa72a3a41f813a138d0126ae7a62696
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d39434d91337b2664af821b99fa8aa5b6f52c8d7b52a38f2864d6fd5b1f2ba2
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a87766e276124c5d72e15580ebcf9e5b78fe277d09bce31a14115ee8e3f36b4
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a40eb003496da1333a053ab804128b3d42539cdedee46755816f4bf64eb0c39b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5646c32757629240fd5946ac6d688e6632f5283f7499a03f1cd5268ad237442
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25
a5ea7325e98c755030255235be7af1b8ce93259d3867ec5af7382b522b953e8f
aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1
ad7b38d9f963e0eb028bda9b8394ccd0077fc06bf69fe02675943b2f9ff0e555
b85212c2af981dd3222917c112e2313efc4ea561483eda571a4cd780208e7b39
bddd7c9debeee9bccc8d6a0f0990743d3db200fe23fc08dbad9e60a007e52919
c227f98d208a46180b3619835a1dd967cf39c0fc9306eb5c880695652c7ac5e5
c3e5424c940e81b700243272693cbd0ef8e46a75e5e420d479974cfa7c022665
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd160c5c17e11302f1a9d0237f4c908c2fe79bfc0ca283a2e12164306389bdbe
cfe026899e0518cba1a1025b409cac2c0dc2a996a664010c44c43571c8e5b453
dc095e39c1a05a2b0e5ae3ef38425e0fae15e674aec201c03596f9ddb29ffc3a
dc6a25c67652e0c543e6726ef605bb3a842a42f483bca64d315c9affa8d3cbdf
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
df674e0ef1dfb257a15c4ef246b1b3f244ee49c7dcf5d6770140775f8bc06bf8
e1e5274e1e1f13cde8d0edb91a4ac677641664f6ed604b7fd7074e9bfa2ccd57
e352bd3598be515c20c398e90549e3f966fbce570d88adea32a7f43de7b08f83
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e7f1b1992c4b8ebd986428001b2fd1e5b8662408881109b52c8544687b341e51
ee43eb77c8d9b3a2ce92612acbae2b2f915d8cde145450e302cc7cddd7d1445a
eef889abdf1558527556cb260b9495c173b5dfadba27e00f573c481f313b4eae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe3a88b7f68f7f8e2cafa527d3d1d4a225aa6e6c9501c812f2af8e5e79fe5f9
f1a66ddc4131acd1b0aad1d0d26421866cf3c67c2e65f55856340a02f0a2ca54
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f93c031ded4a049aa9c86dd025f83c515fee7f6d29db249c04c91492af18da69
fb88ee4075739b5da30570db0c1e35006e5b01bfc88268685bfce5a8a9ab508b
fdf544df1b3f5ce13216c6bf87984566f7bc6c0a6016458234598e9ae598e039

www.44.ua Open in urlscan Pro 2606:4700:3037::6815:3381 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

138 Requests

99 %HTTPS

87 %IPv6

17 Domains

26 Subdomains

24 IPs

6 Countries

2699 kBTransfer

6202 kBSize

14 Cookies

14 Outgoing links

Page URL History

Redirected requests

138 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.44.ua Open in urlscan Pro
2606:4700:3037::6815:3381 Public Scan

Screenshot
Live screenshot

Full Image

138
Requests

99 %
HTTPS

87 %
IPv6

17
Domains

26
Subdomains

24
IPs

6
Countries

2699 kB
Transfer

6202 kB
Size

14
Cookies

138 HTTP transactions
3 data transactions