cryptoukr.in.ua Open in urlscan Pro
2a01:4f9:3a:3c13::1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cryptoukr.in.ua/
Effective URL:
https://cryptoukr.in.ua/
Submission: On December 11 via api (December 11th 2022, 2:15:06 am UTC) from GB — Scanned from GB

Summary HTTP 189 Redirects Behaviour Indicators

Summary

This website contacted 39 IPs in 10 countries across 34 domains to perform 189 HTTP transactions. The main IP is 2a01:4f9:3a:3c13::1, located in Germany and belongs to HETZNER-AS, DE. The main domain is cryptoukr.in.ua.
TLS certificate: Issued by R3 on November 18th 2022. Valid for: 3 months.

This is the only time cryptoukr.in.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	2a01:4f9:3a:3... 2a01:4f9:3a:3c13::1	24940 (HETZNER-AS) (HETZNER-AS)
23	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a0d:da00:a:4... 2a0d:da00:a:401c::	205072 (LAYERSHIFT) (LAYERSHIFT)
7	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a0d:da00:a:4... 2a0d:da00:a:4018::	205072 (LAYERSHIFT) (LAYERSHIFT)
7	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	88.198.1.29 88.198.1.29	24940 (HETZNER-AS) (HETZNER-AS)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 27	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
2	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
6 6	3.122.66.11 3.122.66.11	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.53.219 35.210.53.219	19527 (GOOGLE-2) (GOOGLE-2)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	216.52.2.39 216.52.2.39	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
3 3	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
18	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a02:2638:1::8 2a02:2638:1::8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:1::17 2a02:2638:1::17	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2607:f8b0:400... 2607:f8b0:4007:80a::2003	15169 (GOOGLE) (GOOGLE)
2	142.251.5.157 142.251.5.157	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	3.123.143.143 3.123.143.143	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:a85c:a571:e676:b675	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.166 213.155.156.166	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 2	23.3.109.122 23.3.109.122	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:401f:6::a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4009:34::9	15169 (GOOGLE) (GOOGLE)
189	39

14 2a01:4f9:3a:3c13::1 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cryptoukr.in.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0d:da00:a:401c:: (United Kingdom)

ASN205072 (LAYERSHIFT, GB)

appsha-pnd.ctengine.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0d:da00:a:4018:: (United Kingdom)

ASN205072 (LAYERSHIFT, GB)

apps-pnd.ctengine.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.198.1.29 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.198.1.29.clients.your-server.de

maanimo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.maanimo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.ctengine.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.158.49 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 216.58.212.162 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.3.30 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.154.237 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.9.254 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.122.66.11 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-66-11.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.39 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.245.213 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4007:80a::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.5.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.143.143 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-143-143.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:a85c:a571:e676:b675 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.166 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-166.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.3.109.122 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-109-122.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:401f:6::a (Ireland)

ASN15169 (GOOGLE, US)

r5---sn-aigzrn76.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4009:34::9 (London, United Kingdom)

ASN15169 (GOOGLE, US)

r4---sn-aigzrn7d.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 81 cm.g.doubleclick.net — Cisco Umbrella Rank: 215 bid.g.doubleclick.net — Cisco Umbrella Rank: 701	161 KB
43	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	429 KB
26	criteo.net static.criteo.net — Cisco Umbrella Rank: 662 pix.eu.criteo.net — Cisco Umbrella Rank: 11597 csm.eu.criteo.net — Cisco Umbrella Rank: 11957	230 KB
14	cryptoukr.in.ua 1 redirects cryptoukr.in.ua	414 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	152 KB
11	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37 imasdk.googleapis.com — Cisco Umbrella Rank: 416	274 KB
9	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	2mdn.net 2 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 944 r5---sn-aigzrn76.c.2mdn.net — Cisco Umbrella Rank: 312519 r4---sn-aigzrn7d.c.2mdn.net — Cisco Umbrella Rank: 434076	2 MB
6	bidswitch.net 6 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	2 KB
6	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 18634 ads.eu.criteo.com — Cisco Umbrella Rank: 11394 rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 22192 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 14290	85 KB
5	ctengine.io appsha-pnd.ctengine.io — Cisco Umbrella Rank: 440230 apps-pnd.ctengine.io — Cisco Umbrella Rank: 305875 cdn.ctengine.io — Cisco Umbrella Rank: 256006	37 KB
4	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 727	982 B
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 413	4 KB
3	3lift.com 3 redirects eb2.3lift.com — Cisco Umbrella Rank: 350	1 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 639	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	141 KB
3	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 7344 www.google.co.uk — Cisco Umbrella Rank: 4516	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28	20 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1250	464 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 743 r.turn.com — Cisco Umbrella Rank: 3406	869 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5026	653 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 795 s.tribalfusion.com — Cisco Umbrella Rank: 1875	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 718	2 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 604	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 680	1 KB
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 4786	744 B
2	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1918	292 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 810	1 KB
2	maanimo.com maanimo.com api.maanimo.com	16 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 418	712 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2681	104 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 321	459 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 591	191 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 840	700 B
189	34

	Domain	Requested by
27	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net cryptoukr.in.ua
23	pagead2.googlesyndication.com	cryptoukr.in.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
20	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
18	static.criteo.net	ads.eu.criteo.com static.criteo.net
14	cryptoukr.in.ua	1 redirects cryptoukr.in.ua
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	www.google.com	1 redirects cryptoukr.in.ua googleads.g.doubleclick.net tpc.googlesyndication.com
7	fonts.googleapis.com	cryptoukr.in.ua googleads.g.doubleclick.net
6	x.bidswitch.net	6 redirects
6	fonts.gstatic.com	fonts.googleapis.com
5	pix.eu.criteo.net	ads.eu.criteo.com
4	csi.gstatic.com	imasdk.googleapis.com
4	onetag-sys.com	2 redirects googleads.g.doubleclick.net
4	ssum-sec.casalemedia.com	4 redirects
4	imasdk.googleapis.com	googleads.g.doubleclick.net
3	csm.eu.criteo.net	ads.eu.criteo.com
3	eb2.3lift.com	3 redirects
3	c1.adform.net	3 redirects
3	www.googletagservices.com	googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.google-analytics.com	cryptoukr.in.ua www.google-analytics.com
2	r4---sn-aigzrn7d.c.2mdn.net	cryptoukr.in.ua
2	r5---sn-aigzrn76.c.2mdn.net	cryptoukr.in.ua
2	gcdn.2mdn.net	2 redirects
2	sync.teads.tv	1 redirects
2	d5p.de17a.com	2 redirects
2	pm.w55c.net	2 redirects
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	cat.fr.eu.criteo.com	ads.eu.criteo.com
2	ap.lijit.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	pool.admedo.com	2 redirects
2	tr.blismedia.com	googleads.g.doubleclick.net
2	um.simpli.fi	2 redirects
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.uk	pagead2.googlesyndication.com
2	apps-pnd.ctengine.io	appsha-pnd.ctengine.io
2	appsha-pnd.ctengine.io	cryptoukr.in.ua appsha-pnd.ctengine.io
1	r.turn.com
1	ad.turn.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	s.tribalfusion.com	cryptoukr.in.ua
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
1	www.google.co.uk	cryptoukr.in.ua
1	stats.g.doubleclick.net	www.google-analytics.com
1	api.maanimo.com	maanimo.com
1	cdn.ctengine.io	cryptoukr.in.ua
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	maanimo.com	cryptoukr.in.ua
189	55

This site contains no links.

Subject Issuer	Validity	Valid
cryptoukr.in.ua R3	`2022-11-18` - `2023-02-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.ctengine.io Gandi Standard SSL CA 2	`2022-01-13` - `2023-01-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
maanimo.com R3	`2022-11-07` - `2023-02-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
api.maanimo.com R3	`2022-08-08` - `2022-11-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-10` - `2023-01-10`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-14` - `2023-01-13`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-07` - `2023-03-12`	3 months	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-10-16` - `2023-01-14`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-01` - `2023-02-04`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-11-29` - `2023-02-07`	2 months	crt.sh

This page contains 22 frames:

Primary Page: https://cryptoukr.in.ua/
Frame ID: 8B067F1086308F9CCB5E1504622B2D77
Requests: 44 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/zrt_lookup.html
Frame ID: DD27B13489D982FC2A4584F5F2F1E208
Requests: 1 HTTP requests in this frame

Frame: https://maanimo.com/widget/crypto?maanimo-widget_crypto-ticker=%3Ca%20href%3D%22https%3A%2F%2Fmaanimo.com%2Fcryptocurrency%22%20rel%3D%22nofollow%22%20target%3D%22_blank%22%3E%D0%9A%D1%83%D1%80%D1%81%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%3C%2Fa%3E
Frame ID: 4023797EC28D53E456D34AB01F56E62F
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8022175354273392&output=html&adk=1812271804&adf=3025194257&lmt=1670724899&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fcryptoukr.in.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670724899318&bpp=5&bdt=272&idt=292&shv=r20221206&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2712632659574&frm=20&pv=2&ga_vid=1027546694.1670724900&ga_sid=1670724900&ga_hid=1559033752&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606&oid=2&pvsid=3028330694832353&tmod=1167605254&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=309
Frame ID: 787A222221E607729AA343304656C961
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8022175354273392&output=html&h=280&adk=1246383015&adf=3306259287&pi=t.aa~a.3414242075~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1670724900&rafmt=1&to=qs&pwprc=7273757017&format=1110x280&url=https%3A%2F%2Fcryptoukr.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670724900203&bpp=2&bdt=1158&idt=-M&shv=r20221206&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a97d0dec85ff31d-2254eb5cffd800de%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MbawU4oPs92WNe7Dn7l1GLWrUkb_Q&gpic=UID%3D000008cfdf3a6d47%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MZDDYnRmnHPh6x75B2WOF53pKkWoQ&prev_fmts=0x0&nras=2&correlator=2712632659574&frm=20&pv=1&ga_vid=1027546694.1670724900&ga_sid=1670724900&ga_hid=1559033752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606&oid=2&pvsid=3028330694832353&tmod=1167605254&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6KqrlhUuZS&p=https%3A//cryptoukr.in.ua&dtd=7
Frame ID: 47C26A24894AAB307992B8CE96BB281A
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8022175354273392&output=html&h=280&adk=3912392049&adf=451160530&pi=t.aa~a.2860992541~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1670724900&rafmt=1&to=qs&pwprc=7273757017&format=1110x280&url=https%3A%2F%2Fcryptoukr.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670724900203&bpp=1&bdt=1157&idt=-M&shv=r20221206&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a97d0dec85ff31d-2254eb5cffd800de%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MbawU4oPs92WNe7Dn7l1GLWrUkb_Q&gpic=UID%3D000008cfdf3a6d47%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MZDDYnRmnHPh6x75B2WOF53pKkWoQ&prev_fmts=0x0%2C1110x280&nras=3&correlator=2712632659574&frm=20&pv=1&ga_vid=1027546694.1670724900&ga_sid=1670724900&ga_hid=1559033752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1878&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606&oid=2&pvsid=3028330694832353&tmod=1167605254&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=jRgE1Xd6GA&p=https%3A//cryptoukr.in.ua&dtd=12
Frame ID: E98AD9C3A682DC1A1D920A72F78E6860
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8022175354273392&output=html&h=280&adk=1105446124&adf=2157031148&pi=t.aa~a.2689954535~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1670724900&rafmt=1&to=qs&pwprc=7273757017&format=1200x280&url=https%3A%2F%2Fcryptoukr.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670724900203&bpp=1&bdt=1158&idt=-M&shv=r20221206&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a97d0dec85ff31d-2254eb5cffd800de%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MbawU4oPs92WNe7Dn7l1GLWrUkb_Q&gpic=UID%3D000008cfdf3a6d47%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MZDDYnRmnHPh6x75B2WOF53pKkWoQ&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=2712632659574&frm=20&pv=1&ga_vid=1027546694.1670724900&ga_sid=1670724900&ga_hid=1559033752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606&oid=2&pvsid=3028330694832353&tmod=1167605254&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Ue6BF89Nmc&p=https%3A//cryptoukr.in.ua&dtd=15
Frame ID: 864DFA72333B2F57B162B92F8535C63A
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8022175354273392&output=html&h=280&adk=3088186576&adf=1795251393&pi=t.aa~a.1998631716~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1670724900&rafmt=1&to=qs&pwprc=7273757017&format=1200x280&url=https%3A%2F%2Fcryptoukr.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670724900203&bpp=1&bdt=1158&idt=0&shv=r20221206&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a97d0dec85ff31d-2254eb5cffd800de%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MbawU4oPs92WNe7Dn7l1GLWrUkb_Q&gpic=UID%3D000008cfdf3a6d47%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MZDDYnRmnHPh6x75B2WOF53pKkWoQ&prev_fmts=0x0%2C1110x280%2C1110x280%2C1200x280&nras=5&correlator=2712632659574&frm=20&pv=1&ga_vid=1027546694.1670724900&ga_sid=1670724900&ga_hid=1559033752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606&oid=2&pvsid=3028330694832353&tmod=1167605254&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=CqVRpNX3hs&p=https%3A//cryptoukr.in.ua&dtd=18
Frame ID: 46F32D9F0AE5B753B208D2295FDE64DB
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Frame ID: D6E9568C83E76FCF531A94E4E1750B19
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5U9JAAD2CoH_Z-uAADiZ5v6a1606uOu-o9dFw&u=%7CLafiglRaK%2BiUPOYiJMOEqFLIJw03zLaUnPi0FoqknAE%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcVrwsIcAYMSp9NJJxHgFAXQznsbsnR4vLycrLKtw4N_CBhoI4-BlZ3P_mD7f2pWmNlXN2-eKW8BBFTycCadJZZ8D4JlH8aYHaxtID8v2H7Z9UV6tA-TnrjZ-mG7TbMI2eo4sBtAz24eFii-fJ0y97ofP2bLA4bHNsTky3NYdnjKK0s7M0ySMMOJlZ8wPa9HGDwhi6yfW90lkxNSBfhljZqxmZ881gd5BmJ7jkjyW75gYb8lYjFXykZZ9ErRYhty3RZdjtW7-gNMVGWvMgodTM0NfjEpczMZkHrHwzCZSeRqIV1gxXxp_pKwXH98J4Ds0TV9d2sW_Cnadg3yNuBLrOxTp6jFgo0mMw1eWJ9XziHJch169lY2kZede-j_RMpV_OCwzs6Q43SYnxuDvrlA8tv0RZTsCMmDDUQsYtlCmEaAhBQsHHzmIB4I8fL5V_D8DOzawgFIt3JfLN1wZMjHZ0C_edE72QG3iK8OSI7rbf7nT8THhnW8zu8WKs2ckk0GTYbiSvzPXDg0Gl8D5WyhCjoHK4k7QTLm3cMuxcBsasRk4qPkELK0J--DPOsxxFDfbfLlPsAj2ffCg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXXbuJD2VY6qwD66_9u8P58SDyA7kj9KxXP_Q2ZGIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi04MDIyMTc1MzU0MjczMzkyyAEJqQJ-xmmqDZG0PqgDAaoEvgFP0OKl_AhoyV4VapNZ1KyYiC-3xYiP8VnSqETcCScs35o5AmQjDiWjc-XhJA08h5E2vNRmR0sjgY0plCBbvEUZ9iJjuKWc9EFol-hgCEOvZdUkuKmEbwqKD9yGzTqVcvdEMn-etFKDAuTq3r1bGdHLBkctcLWgsfZ_nd2ud3BJ5S_r4LY_WQi5FiSzDioLI-JbCDYlhDTYSpDq01D_GnasbhFnIqBa64guX1j5vH3Tg2g9v8gxuQZlzV_69NmYgAb2nbXy9NyNzPABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2r5a8P9M9xFY_bZd4p7YITvQZg5w%26client%3Dca-pub-8022175354273392%26adurl%3D
Frame ID: DEB7E0F32CF184900A0B5B6ADC370CC8
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6EE6DF0E20054628E50A2BE2FDBFABB3
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5U9JAAD7IwH_YSFAAvZorVSAvNPD-Gnx0J3TQ&u=%7CLafiglRaK%2Bg3LqetoGG3bOrwhjCcq4gVuHJL2i5CqMA%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcVrwsIcAYMSp9NJJxHgFAXY6rBUPinG4AzvkR_9jEFMR8vXKYTuPIZAwB6hSbRvnfeaBzxv4wjldr-vXhXgao2hV6sjTVF0hJMaFRJ4R_ByeqW63REUq2iSnmXVsSOCLNgSSZeLSfOlQY1CMc7RZSUvX2FbrYK9OfC73AhUlWZvNMZBYC7UM4J3qe_VjThd35zEgUhylppfvL25cSfaaxaFqNPPazN5sIizovJ6CZQNH5YWopeM_lN4ljA8eP4Wp8GxSirSthaNNvetPofXqLlIDdPqQC0_SmEBvVCvqFdrPkewvamrKSNQzRPSluWHIMChdnknoKyIOnFyEBqBu97-l7LZD5ai64Dy9DJGtxIcShlI41pNvy_K4yMe0TllQZMAZEAOI4eMMY3S8XFbRa0Y5H_SUi5Sv4HU3AvDz1Vtgg4H01jlaHMWcT6zuWWXScq8Xb7zlw3zG4IPojxCk05n1yhy91WP0Upr-5oBNhFXc4g7dP7AxUFDNmlSYui1qjX8zHdOnGHB5pWtOuSCQl2bdwzxvzL67xgvdgovioCo1tXkc16GhK3x0xw8lykHeY1NDXw0nusqA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCftvmJD2VY4zZD4WJ9u8PorOvuAXkj9KxXK-w_YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi04MDIyMTc1MzU0MjczMzkyyAEJqQJ-xmmqDZG0PqgDAaoEvgFP0BGG_FTiUeyIGoRNfoA6IJyNtc_-mFJRYLR7BaB0HzEo9RC3H7BwqUrhAgRfc_BeHe4byn8Ysv5XwPPflIJr8wewD97PTO4y0a86KLJdQwWU_IAgY-e1t4vy7svIMAw8KIiPeA6amwzPha3vVLi9pdHf6vjax2VysOA_J1sVmXnb3BL0HvY4upjIyGjW4ZvgpeZBoiw2j0qaizyYZSmBLfXSpupcvW2NhCD8WZGmrtUBhu7JXBF679aiV_x4gAa7hqj6s_jMlEegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3OLt4-XIyPn-UIBLUHxeqSRFyuRQ%26client%3Dca-pub-8022175354273392%26adurl%3D
Frame ID: ADFD460DF4706BA3304871E280DAEEF5
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CB69246918CFD5968CEBD34F151EF296
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 342253450E4D3ACE4F39C40015E8B0C1
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 71AC0F3744EEA7F0EA517EA5A9BB7FC7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9EA22C95F1C0BDFFCE03FDC500B6781A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Frame ID: D0FC6C93454CD4FC7E8DB289A89456C1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 858E73DD33A9A04D3DA0809EFFD0B945
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 8A2E6FDC416EF3F52E039AD0559BAF3B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 792F254BEAE7A16B477B3B00551B60BD
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 663F3F203E1C1146FE2141993D1CD306
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CE6CDE06A272895295C0D511CF954F6B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home | CRYPTOUKR - Free Bitcoin

Page URL History Show full URLs

http://cryptoukr.in.ua/ HTTP 301
https://cryptoukr.in.ua/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

CodeIgniter (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

189
Requests

86 %
HTTPS

63 %
IPv6

34
Domains

55
Subdomains

39
IPs

10
Countries

4148 kB
Transfer

7256 kB
Size

33
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cryptoukr.in.ua/ HTTP 301
https://cryptoukr.in.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92

https://um.simpli.fi/gp_match?google_gid=CAESEDFUK7Y7-9VKNrQRgArLsgw&google_cver=1&google_push=ASkJ3Fbqgc8w_YbJlddNoXEqawDBqT-ukLf0jzTglJYM-UOC6gP3IgDg9KZkdWfxkGK_AFMjCQEMwJGC6WZRORiWs0Vi4Jgd8Fq3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7BB6BD13895048E8A7B7D55965CDB69E&google_push=ASkJ3Fbqgc8w_YbJlddNoXEqawDBqT-ukLf0jzTglJYM-UOC6gP3IgDg9KZkdWfxkGK_AFMjCQEMwJGC6WZRORiWs0Vi4Jgd8Fq3

Request Chain 95

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELNjmiPjwblRXDiZG3UgUbQ&google_cver=1&google_push=ASkJ3FbTkuihub7JZNSTHACGAmeK6KuWJskieapnjWBapYLOEHlztw4XWeEya2rS1xgnf_9l4ZN9nAeieNz85innsfvinkIC9ApcvA HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELNjmiPjwblRXDiZG3UgUbQ&google_cver=1&google_push=ASkJ3FbTkuihub7JZNSTHACGAmeK6KuWJskieapnjWBapYLOEHlztw4XWeEya2rS1xgnf_9l4ZN9nAeieNz85innsfvinkIC9ApcvA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc5NjY1MzA2ODcxMDM5Mjk4&google_push=ASkJ3FbTkuihub7JZNSTHACGAmeK6KuWJskieapnjWBapYLOEHlztw4XWeEya2rS1xgnf_9l4ZN9nAeieNz85innsfvinkIC9ApcvA

Request Chain 96

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA0g2Ta-ddgNtLk9yzSPtyY&google_cver=1&google_push=ASkJ3Fb_Wx6exqhOYUHjKnEUBGBPUsbpbkJYd-L4f3Z_pXm2kHhKaGN6_LlorRRccSDF-0la5MwEvnNGacGwIHyqY6mlrnnydNqnmw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJJUUdWVlMtUi00NVJU&google_push=ASkJ3Fb_Wx6exqhOYUHjKnEUBGBPUsbpbkJYd-L4f3Z_pXm2kHhKaGN6_LlorRRccSDF-0la5MwEvnNGacGwIHyqY6mlrnnydNqnmw

Request Chain 97

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECpyR-VLIRPchenp9IwDfVU&google_cver=1&google_push=ASkJ3Fb-L_Q0LCQuYyK6Iy3mjq2y8d2w3JB0y5Tw3ZMuFmaaVec-YjgV0-vlkBl31YA5xPgYyzirZtqnmAZovU31N0kkTT6PwvIJyA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECpyR-VLIRPchenp9IwDfVU&google_push=ASkJ3Fb-L_Q0LCQuYyK6Iy3mjq2y8d2w3JB0y5Tw3ZMuFmaaVec-YjgV0-vlkBl31YA5xPgYyzirZtqnmAZovU31N0kkTT6PwvIJyA&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECpyR-VLIRPchenp9IwDfVU&google_hm=Y5U9JIDme7FZtKG6CgX75QAAArkAAAAB&google_nid=index&google_push=ASkJ3Fb-L_Q0LCQuYyK6Iy3mjq2y8d2w3JB0y5Tw3ZMuFmaaVec-YjgV0-vlkBl31YA5xPgYyzirZtqnmAZovU31N0kkTT6PwvIJyA

Request Chain 98

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELc6XpX5lPBx6H3SwFMTW_g&google_cver=1&google_push=ASkJ3FYNtAJEdM5F0NpejVktGdn0kilVg-avm0xda5OJfn-j7QC8aOc7vWTwoTTJUb-4TThwzSDhK4ntAN18QB-yCP3zwkAYg030nRA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYNtAJEdM5F0NpejVktGdn0kilVg-avm0xda5OJfn-j7QC8aOc7vWTwoTTJUb-4TThwzSDhK4ntAN18QB-yCP3zwkAYg030nRA HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 100

https://um.simpli.fi/gp_match?google_gid=CAESEBHDZDxki0hQHt5CcG3ZYRo&google_cver=1&google_push=ASkJ3FYnjgyFtL_LZD-H0i8Vt2CHvdPHFP4g3Q63g1Kg6MNxlutTGJSGrXUHnf6HvE3Bf7eV2lvrEYezPyeNgpk2oKMXqJbDPtN7LGQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B64256B4243846B9955732839DF9AA33&google_push=ASkJ3FYnjgyFtL_LZD-H0i8Vt2CHvdPHFP4g3Q63g1Kg6MNxlutTGJSGrXUHnf6HvE3Bf7eV2lvrEYezPyeNgpk2oKMXqJbDPtN7LGQ

Request Chain 102

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIXoJiBR0kfzM6_kEz8ZcvA&google_cver=1&google_push=ASkJ3FbxE291EywCjBvWIuhKO40tIUYxBX4Zr4GxEKy3aKQd_S6VUHGaWoKakV_INY0f0m4kkZ33Qy8FtxHk3Uy7nKBU0hirGWEP89Eg HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEIXoJiBR0kfzM6_kEz8ZcvA&google_cver=1&google_push=ASkJ3FbxE291EywCjBvWIuhKO40tIUYxBX4Zr4GxEKy3aKQd_S6VUHGaWoKakV_INY0f0m4kkZ33Qy8FtxHk3Uy7nKBU0hirGWEP89Eg HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=202d962b-d716-4883-83c4-01da97a31de5 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=202d962b-d716-4883-83c4-01da97a31de5 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=87607d17-7bcd-4d12-9e2b-af9861e79da8&user_group=1&ssp=google&bsw_param=202d962b-d716-4883-83c4-01da97a31de5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FbpJgADCpqFjot-mQb_ua4KGZAIrOQDD8waOSaKcUKhAaHwd2IWpW9LrNtPn4OGSa5mAUKm0wu_iYsQf82wuqnl8-wiOCm-jaTo&google_hm=IC2WK9cWSIODxAHal6Md5Q==

Request Chain 103

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECeDbqjqJWp6y5DD9y-jjHc&google_cver=1&google_push=ASkJ3FYJZFLa-nrQz1gZLaOYhlD23RLtQbdC5VkFsyWES1oxiZaxAI1GhgdtZekMSj08OsPVVybnjOLDDgdZNHQRPgvoi2Ba6l-EowTV HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECeDbqjqJWp6y5DD9y-jjHc&google_cver=1&google_push=ASkJ3FYJZFLa-nrQz1gZLaOYhlD23RLtQbdC5VkFsyWES1oxiZaxAI1GhgdtZekMSj08OsPVVybnjOLDDgdZNHQRPgvoi2Ba6l-EowTV&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CfD3lv6URwWFEx1Ipl6ZBQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYJZFLa-nrQz1gZLaOYhlD23RLtQbdC5VkFsyWES1oxiZaxAI1GhgdtZekMSj08OsPVVybnjOLDDgdZNHQRPgvoi2Ba6l-EowTV

Request Chain 104

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECzEBQA_SexwLXC1oJfbYHo&google_cver=1&google_push=ASkJ3FZr8iLdEgOdl0jQ-Uz21cf_OUlLmjNv2CvXp25lX_1EdqS6iD1Uj_ZWwRqG72hynTAMsLLHcq4w46wfVygHeN6EAJVzasgZjcsn HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECzEBQA_SexwLXC1oJfbYHo&google_cver=1&google_push=ASkJ3FZr8iLdEgOdl0jQ-Uz21cf_OUlLmjNv2CvXp25lX_1EdqS6iD1Uj_ZWwRqG72hynTAMsLLHcq4w46wfVygHeN6EAJVzasgZjcsn&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FZr8iLdEgOdl0jQ-Uz21cf_OUlLmjNv2CvXp25lX_1EdqS6iD1Uj_ZWwRqG72hynTAMsLLHcq4w46wfVygHeN6EAJVzasgZjcsn&google_hm=Fy7nvGZHzQRJL8HeRmSgRgQb

Request Chain 105

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIiGEh7efubJdrfpYbhMGsc&google_cver=1&google_push=ASkJ3Fbfj8ohzjzYwg4y4TJ6VOd5GSKVJQGKatqGwZnKdBn_0Uw803YeD0xCCfC_qYcv4tlFErSpRBR9XbuO9iebA3shAINLfWKWZ0FV HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3Fbfj8ohzjzYwg4y4TJ6VOd5GSKVJQGKatqGwZnKdBn_0Uw803YeD0xCCfC_qYcv4tlFErSpRBR9XbuO9iebA3shAINLfWKWZ0FV&google_gid=CAESEIiGEh7efubJdrfpYbhMGsc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDU5MTUxMDA4NDI0ODU1Nzg4MDQ4Mg%3D%3D&google_push=ASkJ3Fbfj8ohzjzYwg4y4TJ6VOd5GSKVJQGKatqGwZnKdBn_0Uw803YeD0xCCfC_qYcv4tlFErSpRBR9XbuO9iebA3shAINLfWKWZ0FV

Request Chain 106

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEE3jEU7kcV4i-o6stJ20_8w&google_cver=1&google_push=ASkJ3FZmY14cMqoNwDJcVOpE7EYOiQPo3d9Wa2QipZ7C7GaAC2jR7F8jh2qfsl4pBNAprJ4IPeSz63xObvtNo_vZHJdZqw4HIdGWaSHzcA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FZmY14cMqoNwDJcVOpE7EYOiQPo3d9Wa2QipZ7C7GaAC2jR7F8jh2qfsl4pBNAprJ4IPeSz63xObvtNo_vZHJdZqw4HIdGWaSHzcA HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 149

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 162

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEZpzzfTNSyRLkKkwI-L384&google_cver=1&google_push=ASkJ3FYC-63YpeXlcSDNBxEWOUE-xgA9QRvkIXuu5jQFI4UGBLEhBN4opQ-mSA-KOKqIWoT76gphqJ0C-r4K3-uSa-WPR2EHcixQuK8 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEZpzzfTNSyRLkKkwI-L384&google_cver=1&google_push=ASkJ3FYC-63YpeXlcSDNBxEWOUE-xgA9QRvkIXuu5jQFI4UGBLEhBN4opQ-mSA-KOKqIWoT76gphqJ0C-r4K3-uSa-WPR2EHcixQuK8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SEF1N09yelAxUDRiUlA1&google_gid=CAESEEZpzzfTNSyRLkKkwI-L384&google_cver=1&google_push=ASkJ3FYC-63YpeXlcSDNBxEWOUE-xgA9QRvkIXuu5jQFI4UGBLEhBN4opQ-mSA-KOKqIWoT76gphqJ0C-r4K3-uSa-WPR2EHcixQuK8

Request Chain 163

https://a.tribalfusion.com/i.match?p=b6&u=CAESEH8-Fsts-YoBgWgexlgcTV0&google_cver=1&google_push=ASkJ3FaptxIE4YJJEogRajkJYUpaJ8joYfUtsrk5Tornmrh11jhhBwHUHM4VBshBi-aIIAhPrKK8aal2Za5eABrlgsjBL9hoVSsm3g4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FaptxIE4YJJEogRajkJYUpaJ8joYfUtsrk5Tornmrh11jhhBwHUHM4VBshBi-aIIAhPrKK8aal2Za5eABrlgsjBL9hoVSsm3g4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH8-Fsts-YoBgWgexlgcTV0&google_cver=1&google_push=ASkJ3FaptxIE4YJJEogRajkJYUpaJ8joYfUtsrk5Tornmrh11jhhBwHUHM4VBshBi-aIIAhPrKK8aal2Za5eABrlgsjBL9hoVSsm3g4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FaptxIE4YJJEogRajkJYUpaJ8joYfUtsrk5Tornmrh11jhhBwHUHM4VBshBi-aIIAhPrKK8aal2Za5eABrlgsjBL9hoVSsm3g4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 164

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBXjUt_kiCmZ7QPP24N_M4U&google_cver=1&google_push=ASkJ3FYb9ViR91NuPXSoCcDmba_3Ce38J_2ctbF7uKYSuNYdzc530OeKYRL56Y-D_oCmbRVh-AzZco7Fm3zefYI9b3Knmi3KXNVjEKs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYb9ViR91NuPXSoCcDmba_3Ce38J_2ctbF7uKYSuNYdzc530OeKYRL56Y-D_oCmbRVh-AzZco7Fm3zefYI9b3Knmi3KXNVjEKs&google_hm=eS1rUW5vR001RTJwRnFjV3pDU3lpc081a1hjenBhMUczZ35B

Request Chain 165

https://d5p.de17a.com/cookies/google?google_gid=CAESEBIbD071Y6U91SVOYtLQHqA&google_cver=1&google_push=ASkJ3Fa_XqQheR1jkf0MoBkPx0OKbcuz6A0vRdE5m7TADoHu0rcDubhRCOLgTIcSuIHDdJvbEfADyVQr21IHyIDOsavN6PShaeoX_PY HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBIbD071Y6U91SVOYtLQHqA&google_cver=1&google_push=ASkJ3Fa_XqQheR1jkf0MoBkPx0OKbcuz6A0vRdE5m7TADoHu0rcDubhRCOLgTIcSuIHDdJvbEfADyVQr21IHyIDOsavN6PShaeoX_PY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3Fa_XqQheR1jkf0MoBkPx0OKbcuz6A0vRdE5m7TADoHu0rcDubhRCOLgTIcSuIHDdJvbEfADyVQr21IHyIDOsavN6PShaeoX_PY

Request Chain 166

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFVvAHTyw-g_BZ4-9aQeapM&google_cver=1&google_push=ASkJ3FYwF-rdSZflBRm0S4m2Q96aXZ3u5Nz9S3w4ROTJvkx-s04YgV8rRxD_dPzWPxilfi6dEiUEmX22RozA1w6kD9xPjZbnxHzM2Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFVvAHTyw-g_BZ4-9aQeapM&google_hm=Y5U9JIDme7FZtKG6CgX75QAAArkAAAAB&google_nid=index&google_push=ASkJ3FYwF-rdSZflBRm0S4m2Q96aXZ3u5Nz9S3w4ROTJvkx-s04YgV8rRxD_dPzWPxilfi6dEiUEmX22RozA1w6kD9xPjZbnxHzM2Q

Request Chain 167

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJwvU7OmH_WdYSJsBH7cteE&google_cver=1&google_push=ASkJ3FYrfHHeXbIOArRRn5GtbTNAWan79U8RCL88TERbWHUl6PCMV3aN8FC0pTNAnVeHskHcA63cKmXoYDuwU-ftbmk6fFHVml-X-3If HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=202d962b-d716-4883-83c4-01da97a31de5&%%GOOGLE_PUSH_PAIR%%

Request Chain 169

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGtFchotWSGouy16OldjEbU&google_cver=1&google_push=ASkJ3FYYvEC1Q3Yvwg6ynxc1eqOnQ7iMzdTQ096auZPNcJoK3oZ0RvxNUA9cQZjSVZpkjqU4YK-fCn14RpPZlu-rFa3Y9QPnXeZm4qQd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDUwNDU2MDk3MjQxMTQwNzk5OA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGtFchotWSGouy16OldjEbU&google_cver=1

Request Chain 170

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGzwWp_eTCYogpN0pVlhdPM&google_cver=1&google_push=ASkJ3FbpJgADCpqFjot-mQb_ua4KGZAIrOQDD8waOSaKcUKhAaHwd2IWpW9LrNtPn4OGSa5mAUKm0wu_iYsQf82wuqnl8-wiOCm-jaTo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FbpJgADCpqFjot-mQb_ua4KGZAIrOQDD8waOSaKcUKhAaHwd2IWpW9LrNtPn4OGSa5mAUKm0wu_iYsQf82wuqnl8-wiOCm-jaTo&google_hm=IC2WK9cWSIODxAHal6Md5Q==

Request Chain 171

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGQ_R68y-CV0UIAwQbZiUGo&google_cver=1&google_push=ASkJ3Fa0v9GviKA88hVMSi7ANd2-RsJkI0c31ePOjwfC5ZHfYMXDGsCi3cQtjD3H-nW22VIndOjUE-SvuyZEZREsne_2athSaHbRGwTZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc5NjY1MzA2ODcxMDM5Mjk4&google_push=ASkJ3Fa0v9GviKA88hVMSi7ANd2-RsJkI0c31ePOjwfC5ZHfYMXDGsCi3cQtjD3H-nW22VIndOjUE-SvuyZEZREsne_2athSaHbRGwTZ

Request Chain 172

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFsjbeuTXyLW_TptaUkpUMw&google_cver=1&google_push=ASkJ3FbKxAKV0yulDzSBSuDfPYfR4lv47Uu6ns8ti5SNhp4-Oxd2zDc44CSaj--LPtmk9LM-960JyTyuOaeYUzt_NZxpaD6Shhdp9ls HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFsjbeuTXyLW_TptaUkpUMw&google_hm=Y5U9JIDme7FZtKG6CgX75QAAArkAAAAB&google_nid=index&google_push=ASkJ3FbKxAKV0yulDzSBSuDfPYfR4lv47Uu6ns8ti5SNhp4-Oxd2zDc44CSaj--LPtmk9LM-960JyTyuOaeYUzt_NZxpaD6Shhdp9ls

Request Chain 173

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOgmFKzSelByaLvtWbyNVHs&google_cver=1&google_push=ASkJ3FbFSf_Ttbnk5uDOYJykhxT23_mj4LKAZMFf-Js7jCik06ANxEwQQBFe7QEk9Q3DU_aiWg76y5ejdLqr7qGZqoZ8kS01G_wl4Ck HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDU5MTUxMDA4NDI0ODU1Nzg4MDQ4Mg%3D%3D&google_push=ASkJ3FbFSf_Ttbnk5uDOYJykhxT23_mj4LKAZMFf-Js7jCik06ANxEwQQBFe7QEk9Q3DU_aiWg76y5ejdLqr7qGZqoZ8kS01G_wl4Ck

Request Chain 174

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEESboUSSvA6nnFo2pqUsZ0Q&google_cver=1&google_push=ASkJ3FaqgIDmEiPFtNXEjvemZviYLU11Y-F4PpmYGFGijZJVPXRp3VagT6j5qZRUyEVkX93AXX7HxmHZ6ivX2GJ8v5Yj0PLNdtIbJimphg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3FaqgIDmEiPFtNXEjvemZviYLU11Y-F4PpmYGFGijZJVPXRp3VagT6j5qZRUyEVkX93AXX7HxmHZ6ivX2GJ8v5Yj0PLNdtIbJimphg HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 175

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEB5PQ45ud8QDpdfxYsP3tsY&google_cver=1&google_push=ASkJ3FZpbfQoQMV1cN8hm6DJ1fUhDHvGwqGYAk8YS1ZzvYCR1lj0GvI5k2EqdYQtIjrOJqoKWn5fCrfqpWeRerEteiiaQmIW4O2b6HMUwA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=202d962b-d716-4883-83c4-01da97a31de5&%%GOOGLE_PUSH_PAIR%%

Request Chain 178

https://gcdn.2mdn.net/videoplayback/id/745ce59f0d5381e3/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3814090618/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/6E54CD31AD625D8CABD175DB7610B89DE4F7CC3F.1059EBC167566BAA4FE0EF1911AA4445979C8D44/key/ck2/file/file.mp4 HTTP 302
https://r5---sn-aigzrn76.c.2mdn.net/videoplayback/id/745ce59f0d5381e3/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3814090618/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6F6337C26E1706A48AB8CECB77B6B9B526A35B6B.3B2ECC618A12EE957B7FBB579707F9CCE1BE4FB2/key/cms1/cms_redirect/yes/mh/NE/mip/2001:ac8:21:e::7/mm/42/mn/sn-aigzrn76/ms/onc/mt/1670724539/mv/m/mvi/5/pl/48/file/file.mp4

Request Chain 180

https://gcdn.2mdn.net/videoplayback/id/515fce67586e4ab9/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3814090461/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/70B1426ED98AF89595BCC05667FA4FC50979863F.9B1C76C02E5B89638B03B680442E74DF388D7B99/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-aigzrn7d.c.2mdn.net/videoplayback/id/515fce67586e4ab9/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3814090461/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/20977F8F03CBEB13285D3AD82332C5F1286A9E43.18F971848802574DD12EAB8497CAF4B5B9715B60/key/cms1/cms_redirect/yes/mh/2Q/mip/2001:ac8:21:e::7/mm/42/mn/sn-aigzrn7d/ms/onc/mt/1670724539/mv/m/mvi/4/pl/48/file/file.mp4

189 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
cryptoukr.in.ua/
Redirect Chain

http://cryptoukr.in.ua/
https://cryptoukr.in.ua/

30 KB
7 KB

247ms
102ms

Document
text/html

2a01:4f9:3a:3c13::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoukr.in.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f9:3a:3c13::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 432bbe9eba01c8518ab71def481326144d0e6d91bca5ef0212fdcf84be3d507f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 11 Dec 2022 02:14:58 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-page-speed: 1.13.35.2-0

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Sun, 11 Dec 2022 02:14:58 GMT
Location: https://cryptoukr.in.ua/
Server: nginx

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 187ms
64ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8022175354273392

Requested by

Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41ab072aa599b58d2c2eeaf3f2cf5f8947e027bf2892cb0b51bfc331b1d2465c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cryptoukr.in.ua/
Origin: https://cryptoukr.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:14:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49569
x-xss-protection: 0
server: cafe
etag: 7031369900736691826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 02:14:59 GMT

GET
H2 200 home,_main.min.css+icons.min.css,qv==4.3.1.pagespeed.cc.1NMJD77R26.css
cryptoukr.in.ua/assets/css/ 679 KB
116 KB 70ms
69ms Stylesheet
text/css 2a01:4f9:3a:3c13::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoukr.in.ua/assets/css/home,_main.min.css+icons.min.css,qv==4.3.1.pagespeed.cc.1NMJD77R26.css
Requested by: Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f9:3a:3c13::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: c1bd3925c9321802488a88427917a08313bbf658e6897f34ca1fef99cd4eeda5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-page-speed: 1.13.35.2-0
date: Thu, 08 Dec 2022 13:16:23 GMT
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 13:16:23 GMT
server: nginx
x-original-content-length: 695112
etag: W/"0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 118462
expires: Fri, 08 Dec 2023 13:16:23 GMT

GET
H2 200 script.js Show response
appsha-pnd.ctengine.io/js/ 6 KB
3 KB 134ms
39ms Script
application/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=92Madg4mkE
Requested by: Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8445dad30e846942a0f8e8f223713025039f6c248d40a4815e966a556f46d9b8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: application/javascript
pragma: no-cache
date: Sun, 11 Dec 2022 02:14:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
server: nginx
expires: 0

GET
H2 200 xlogo.png.pagespeed.ic.IdNg-xj5oD.webp
cryptoukr.in.ua/assets/images/ 49 KB
50 KB 166ms
165ms Image
image/webp 2a01:4f9:3a:3c13::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptoukr.in.ua/assets/images/xlogo.png.pagespeed.ic.IdNg-xj5oD.webp
Requested by: Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f9:3a:3c13::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: d697bedcf6292a33ac5e5c3a1f5c156e4c96d136877dab0500ee224c39802302

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 25 Nov 2022 10:00:49 GMT
content-encoding: gzip
last-modified: Fri, 25 Nov 2022 10:00:49 GMT
server: nginx
x-original-content-length: 87232
etag: W/"0"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
link: <https://cryptoukr.in.ua/assets/images/logo.png>; rel="canonical"
expires: Sat, 25 Nov 2023 10:00:49 GMT

GET
H2 200 xcryptocurrency.png.pagespeed.ic.IdNg-xj5oD.webp
cryptoukr.in.ua/assets/images/home/ 49 KB
50 KB 167ms
166ms Image
image/webp 2a01:4f9:3a:3c13::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptoukr.in.ua/assets/images/home/xcryptocurrency.png.pagespeed.ic.IdNg-xj5oD.webp
Requested by: Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f9:3a:3c13::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: d697bedcf6292a33ac5e5c3a1f5c156e4c96d136877dab0500ee224c39802302

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 25 Nov 2022 10:00:49 GMT
content-encoding: gzip
last-modified: Fri, 25 Nov 2022 10:00:49 GMT
server: nginx/1.22.0
x-original-content-length: 87232
etag: W/"0"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
link: <https://cryptoukr.in.ua/assets/images/home/cryptocurrency.png>; rel="canonical"
expires: Sat, 25 Nov 2023 10:00:49 GMT

GET
H2 200 50xNxbtc.png.pagespeed.ic.S_QZShKTf3.webp
cryptoukr.in.ua/assets/images/currencies/ 3 KB
3 KB 168ms
167ms Image
image/webp 2a01:4f9:3a:3c13::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptoukr.in.ua/assets/images/currencies/50xNxbtc.png.pagespeed.ic.S_QZShKTf3.webp
Requested by: Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f9:3a:3c13::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: 6b42a874ffe6254d1b713bab8fe5fdb862c50f4da2109cfb01ce9154c993e885

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 25 Nov 2022 10:00:49 GMT
content-encoding: gzip
last-modified: Fri, 25 Nov 2022 10:00:49 GMT
server: nginx/1.22.0
x-original-content-length: 8707
etag: W/"0"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
link: <https://cryptoukr.in.ua/assets/images/currencies/btc.png>; rel="canonical"
expires: Sat, 25 Nov 2023 10:00:49 GMT

GET
H2 200 xbtc.png.pagespeed.ic.7FA74CySWs.webp
cryptoukr.in.ua/assets/images/currencies/ 7 KB
8 KB 168ms
167ms Image
image/webp 2a01:4f9:3a:3c13::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptoukr.in.ua/assets/images/currencies/xbtc.png.pagespeed.ic.7FA74CySWs.webp
Requested by: Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f9:3a:3c13::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: b7495c11aa1118d36a7c83de0af4e273fe4b774d142f6cb2b28f70b4c09bf671

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-page-speed: 1.13.35.2-0
date: Thu, 24 Nov 2022 11:23:54 GMT
content-encoding: gzip
last-modified: Thu, 24 Nov 2022 11:23:54 GMT
server: nginx/1.22.0
x-original-content-length: 8707
etag: W/"0"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
link: <https://cryptoukr.in.ua/assets/images/currencies/btc.png>; rel="canonical"
expires: Fri, 24 Nov 2023 11:23:54 GMT

GET
H2 200 xfaq.png.pagespeed.ic.zcvNdf4i2k.webp
cryptoukr.in.ua/assets/images/home/ 13 KB
13 KB 169ms
168ms Image
image/webp 2a01:4f9:3a:3c13::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptoukr.in.ua/assets/images/home/xfaq.png.pagespeed.ic.zcvNdf4i2k.webp
Requested by: Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f9:3a:3c13::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: 3264b4a7590f8d08295f2ab2a71a911913cf797494916f3fede8b116518ceed2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 25 Nov 2022 10:00:49 GMT
content-encoding: gzip
last-modified: Fri, 25 Nov 2022 10:00:49 GMT
server: nginx/1.22.0
x-original-content-length: 26024
etag: W/"0"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
link: <https://cryptoukr.in.ua/assets/images/home/faq.png>; rel="canonical"
expires: Sat, 25 Nov 2023 10:00:49 GMT

GET
H2 200 jquery-3.5.1.min.js.pagespeed.jm.A8biqtTJrt.js Show response
cryptoukr.in.ua/assets/js/vie/home/ 87 KB
30 KB 165ms
163ms Script
application/javascript 2a01:4f9:3a:3c13::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoukr.in.ua/assets/js/vie/home/jquery-3.5.1.min.js.pagespeed.jm.A8biqtTJrt.js
Requested by: Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f9:3a:3c13::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: 62bb02fa91c1537efbce823d5d1981982d3925bcdaac667dc6ca64f8469e2284

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-page-speed: 1.13.35.2-0
date: Thu, 08 Dec 2022 13:16:25 GMT
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 13:16:25 GMT
server: nginx/1.22.0
x-original-content-length: 89475
etag: W/"0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 30819
expires: Fri, 08 Dec 2023 13:16:25 GMT

GET
H2 200 popper.min.js+bootstrap.min.js+jquery.easing.min.js.pagespeed.jc.qhWmBoOjG-.js Show response
cryptoukr.in.ua/assets/js/vie/home/ 84 KB
22 KB 165ms
163ms Script
application/javascript 2a01:4f9:3a:3c13::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoukr.in.ua/assets/js/vie/home/popper.min.js+bootstrap.min.js+jquery.easing.min.js.pagespeed.jc.qhWmBoOjG-.js
Requested by: Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f9:3a:3c13::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: fa1e122ec0cfdb99660d319f7d8da86ca4dabc60374e8d4da40346af7520d9ab

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-page-speed: 1.13.35.2-0
date: Thu, 08 Dec 2022 13:16:24 GMT
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 13:16:24 GMT
server: nginx/1.22.0
x-original-content-length: 86977
etag: W/"0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 22653
expires: Fri, 08 Dec 2023 13:16:24 GMT

GET
H2 200 owl.carousel.min.js+countdown.min.js+jquery.waypoints.min.js+jquery.rcounterup.js+magnific-popup.min.js+app.min.js.pagespeed.jc.79OMq6oux5.js Show response
cryptoukr.in.ua/assets/js/vie/home/ 83 KB
23 KB 166ms
164ms Script
application/javascript 2a01:4f9:3a:3c13::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoukr.in.ua/assets/js/vie/home/owl.carousel.min.js+countdown.min.js+jquery.waypoints.min.js+jquery.rcounterup.js+magnific-popup.min.js+app.min.js.pagespeed.jc.79OMq6oux5.js
Requested by: Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f9:3a:3c13::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: 5e82fd1a91088e29926a4e6b4f0d25855168b5d973373eaaa6a5ea34ba2fa91b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-page-speed: 1.13.35.2-0
date: Thu, 08 Dec 2022 13:16:24 GMT
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 13:16:24 GMT
server: nginx/1.22.0
x-original-content-length: 85270
etag: W/"0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 23727
expires: Fri, 08 Dec 2023 13:16:24 GMT

GET
H2 200 popunder.js Show response
appsha-pnd.ctengine.io/static/ 689 B
1 KB 117ms
38ms XHR
text/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/static/popunder.js?v=1659089967857
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=92Madg4mkE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 78579d2ac1241db15da9ef80449cd0deaeb85d5f36963c46be6d2ef54d30c9c6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:14:59 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 689

GET
H2 200 css
fonts.googleapis.com/ 8 KB
785 B 157ms
59ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Requested by

Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/assets/css/home,_main.min.css+icons.min.css,qv==4.3.1.pagespeed.cc.1NMJD77R26.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dda36ab0dda2b7ba616e824e0dd455eb222bf9fee24984c74e19df9fa962758e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 11 Dec 2022 02:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 11 Dec 2022 02:14:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Dec 2022 02:14:59 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
740 B 155ms
58ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700

Requested by

Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/assets/css/home,_main.min.css+icons.min.css,qv==4.3.1.pagespeed.cc.1NMJD77R26.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7099b0a5636275b29bf77167ad5d60c566b1162e67cb1fe6e790a82a4cf9e791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 11 Dec 2022 02:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 11 Dec 2022 00:16:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Dec 2022 02:14:59 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 152ms
55ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700

Requested by

Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/assets/css/home,_main.min.css+icons.min.css,qv==4.3.1.pagespeed.cc.1NMJD77R26.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8825dc4d61a2cadba97be1943b3915899749a233d2e719ea734e2ff043a0f421

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 11 Dec 2022 02:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 11 Dec 2022 02:12:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Dec 2022 02:14:59 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/ 355 KB
117 KB 179ms
86ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8022175354273392&plah=cryptoukr.in.ua&bust=31071276

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8022175354273392

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d50e7e68c24b7c158fe9f5a68d7adf11b5ff21cb040d944451edda6c59bdcae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:14:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119790
x-xss-protection: 0
server: cafe
etag: 14670301806232545301
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 02:14:59 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/ Frame DD27 10 KB
5 KB 149ms
44ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8022175354273392

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cryptoukr.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 44374
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Dec 2022 13:55:25 GMT
etag: 10353107486223812946
expires: Sat, 24 Dec 2022 13:55:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 tmp Show response
apps-pnd.ctengine.io/ 467 B
921 B 147ms
52ms XHR
text/javascript 2a0d:da00:a:4018::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://apps-pnd.ctengine.io/tmp
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=92Madg4mkE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:4018:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7029ccf1a4e15e4458145001fec570185f68c441c0812823c6d1accc61c6823c

Request headers

Referer: https://cryptoukr.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:14:59 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://cryptoukr.in.ua
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: 0

OPTIONS
H2 204 tmp
apps-pnd.ctengine.io/ Frame 0
0 133ms
38ms Preflight 2a0d:da00:a:4018::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://apps-pnd.ctengine.io/tmp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:4018:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cryptoukr.in.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://cryptoukr.in.ua
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 1728000
date: Sun, 11 Dec 2022 02:14:59 GMT
server: nginx

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 152ms
45ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cryptoukr.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 16:06:09 GMT
x-content-type-options: nosniff
age: 382130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Dec 2023 16:06:09 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 203ms
96ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cryptoukr.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 458675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 18:50:24 GMT

GET
H2 200 fa-solid-900.woff2
cryptoukr.in.ua/assets/fonts/ 78 KB
78 KB 69ms
68ms Font
font/woff2 2a01:4f9:3a:3c13::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoukr.in.ua/assets/fonts/fa-solid-900.woff2
Requested by: Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/assets/css/home,_main.min.css+icons.min.css,qv==4.3.1.pagespeed.cc.1NMJD77R26.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f9:3a:3c13::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

Referer: https://cryptoukr.in.ua/assets/css/home,_main.min.css+icons.min.css,qv==4.3.1.pagespeed.cc.1NMJD77R26.css
Origin: https://cryptoukr.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:14:59 GMT
content-encoding: gzip
last-modified: Wed, 19 Oct 2022 08:35:09 GMT
server: nginx
etag: W/"634fb6bd-13654"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=2592000, s-maxage=10
expires: Tue, 10 Jan 2023 02:14:59 GMT

GET
H2 200 fa-regular-400.woff2
cryptoukr.in.ua/assets/fonts/ 13 KB
13 KB 71ms
71ms Font
font/woff2 2a01:4f9:3a:3c13::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoukr.in.ua/assets/fonts/fa-regular-400.woff2
Requested by: Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/assets/css/home,_main.min.css+icons.min.css,qv==4.3.1.pagespeed.cc.1NMJD77R26.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f9:3a:3c13::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65

Request headers

Referer: https://cryptoukr.in.ua/assets/css/home,_main.min.css+icons.min.css,qv==4.3.1.pagespeed.cc.1NMJD77R26.css
Origin: https://cryptoukr.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:14:59 GMT
content-encoding: gzip
last-modified: Wed, 19 Oct 2022 08:35:09 GMT
server: nginx
etag: W/"634fb6bd-3510"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=2592000, s-maxage=10
expires: Tue, 10 Jan 2023 02:14:59 GMT

GET
H/1.1 200
OK crypto Show response
maanimo.com/widget/ Frame 4023 7 KB
3 KB 205ms
84ms Document
text/html 88.198.1.29
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://maanimo.com/widget/crypto?maanimo-widget_crypto-ticker=%3Ca%20href%3D%22https%3A%2F%2Fmaanimo.com%2Fcryptocurrency%22%20rel%3D%22nofollow%22%20target%3D%22_blank%22%3E%D0%9A%D1%83%D1%80%D1%81%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%3C%2Fa%3E
Requested by: Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.198.1.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.198.1.29.clients.your-server.de
Software: nginx / PHP/7.1.33
Resource Hash: d7e44f6256457bb27ed304069baf221db53da70c655f146fd789091d90eef245

Request headers

Referer: https://cryptoukr.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sun, 11 Dec 2022 02:14:59 GMT
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/7.1.33
X-Robots-Tag: noindex

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 145ms
45ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 11 Dec 2022 01:15:46 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3553
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sun, 11 Dec 2022 03:15:46 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
700 B 231ms
92ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=cryptoukr.in.ua&callback=_gfp_s_&client=ca-pub-8022175354273392&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8022175354273392&plah=cryptoukr.in.ua&bust=31071276

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c9a7dc8d57cc746e7af995b069dbe464833994d2de824116a9ccc1948f64746

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 226ms
91ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=cryptoukr.in.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 228ms
92ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cryptoukr.in.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 80ms
79ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fcryptoukr.in.ua%2F&tn=DIV&id=preloader&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:14:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 79ms
79ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fcryptoukr.in.ua%2F&tn=DIV&id=preloader&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:14:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 787A 175 KB
46 KB 508ms
382ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8022175354273392&output=html&adk=1812271804&adf=3025194257&lmt=1670724899&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fcryptoukr.in.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670724899318&bpp=5&bdt=272&idt=292&shv=r20221206&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2712632659574&frm=20&pv=2&ga_vid=1027546694.1670724900&ga_sid=1670724900&ga_hid=1559033752&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606&oid=2&pvsid=3028330694832353&tmod=1167605254&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=309

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08d23aa80824f1516c8c11387425eb21e47b2add095f330bd2896f7859cab21b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cryptoukr.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 47149
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 02:15:00 GMT
expires: Sun, 11 Dec 2022 02:15:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 script.js Show response
cdn.ctengine.io/js/pnd/ 86 KB
33 KB 278ms
43ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ctengine.io/js/pnd/script.js
Requested by: Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5c790c863500fb7c30a6bd54d831cd0d7d2d29888ef2c5f1a8039d5adb4fcb28

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt: AZySIRDOzLj/G+INAA
x-accel-expires: @1670851848
date: Sun, 11 Dec 2022 02:14:59 GMT
x-77-pop: frankfurtDE
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 10:04:38 GMT
server: CDN77-Turbo
etag: W/"6257f1b6-158d3"
x-77-nzt-ray: f6587a1d9b9c4315233d95634aeaac34
x-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-77-cache: HIT
x-age: 909851

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 186ms
52ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1559033752&t=pageview&_s=1&dl=https%3A%2F%2Fcryptoukr.in.ua%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20CRYPTOUKR%20-%20Free%20Bitcoin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAACAAI~&jid=1145804849&gjid=2004142548&cid=1027546694.1670724900&tid=UA-210418737-1&_gid=1401970057.1670724900&_r=1&_slc=1&z=1570954572

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cryptoukr.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:14:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cryptoukr.in.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sprite
api.maanimo.com/cryptocurrency/ Frame 4023 19 KB
14 KB 534ms
57ms Stylesheet
text/css 88.198.1.29
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.maanimo.com/cryptocurrency/sprite?pict=ADA,BCH,BNB,BTC,EOS,ETH,LTC,USDT,XRP,XTZ
Requested by: Host: maanimo.com
URL: https://maanimo.com/widget/crypto?maanimo-widget_crypto-ticker=%3Ca%20href%3D%22https%3A%2F%2Fmaanimo.com%2Fcryptocurrency%22%20rel%3D%22nofollow%22%20target%3D%22_blank%22%3E%D0%9A%D1%83%D1%80%D1%81%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%3C%2Fa%3E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.198.1.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.198.1.29.clients.your-server.de
Software: nginx / PHP/7.1.33
Resource Hash: 455046eb93cdb3bbd37701b24fa903201be5c69fe441e14525324d7f9443a710

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://maanimo.com/widget/crypto?maanimo-widget_crypto-ticker=%3Ca%20href%3D%22https%3A%2F%2Fmaanimo.com%2Fcryptocurrency%22%20rel%3D%22nofollow%22%20target%3D%22_blank%22%3E%D0%9A%D1%83%D1%80%D1%81%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%3C%2Fa%3E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 02:15:00 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.1.33
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=864000
Connection: keep-alive
X-Robots-Tag: noindex

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
445 B 135ms
41ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-210418737-1&cid=1027546694.1670724900&jid=1145804849&gjid=2004142548&_gid=1401970057.1670724900&_u=IAhAAEAAAAAAACAAI~&z=2066756751

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cryptoukr.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 11 Dec 2022 02:15:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cryptoukr.in.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 155ms
54ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-210418737-1&cid=1027546694.1670724900&jid=1145804849&_u=IAhAAEAAAAAAACAAI~&z=979240300

Requested by

Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 158ms
58ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-210418737-1&cid=1027546694.1670724900&jid=1145804849&_u=IAhAAEAAAAAAACAAI~&z=979240300

Requested by

Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/ 151 KB
51 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/reactive_library_fy2021.js?bust=31071276

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92405bc8bd30bb135d0303b296f3d9b362624ae2255fddb54ba6eb478771cb32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52381
x-xss-protection: 0
server: cafe
etag: 3498845658874422346
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 02:15:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 79ms
79ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8&c=ca-pub-8022175354273392&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606

Requested by

Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 149ms
56ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=cryptoukr.in.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 147ms
55ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cryptoukr.in.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 47C2 71 KB
23 KB 217ms
217ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8022175354273392&output=html&h=280&adk=1246383015&adf=3306259287&pi=t.aa~a.3414242075~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1670724900&rafmt=1&to=qs&pwprc=7273757017&format=1110x280&url=https%3A%2F%2Fcryptoukr.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670724900203&bpp=2&bdt=1158&idt=-M&shv=r20221206&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a97d0dec85ff31d-2254eb5cffd800de%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MbawU4oPs92WNe7Dn7l1GLWrUkb_Q&gpic=UID%3D000008cfdf3a6d47%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MZDDYnRmnHPh6x75B2WOF53pKkWoQ&prev_fmts=0x0&nras=2&correlator=2712632659574&frm=20&pv=1&ga_vid=1027546694.1670724900&ga_sid=1670724900&ga_hid=1559033752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606&oid=2&pvsid=3028330694832353&tmod=1167605254&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6KqrlhUuZS&p=https%3A//cryptoukr.in.ua&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c32e6ffdb07fa6ceceae33032eb4253de66b1d8138f4336003ea24bfcbb86457

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cryptoukr.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 23807
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 02:15:00 GMT
expires: Sun, 11 Dec 2022 02:15:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E98A 70 KB
23 KB 435ms
435ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8022175354273392&output=html&h=280&adk=3912392049&adf=451160530&pi=t.aa~a.2860992541~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1670724900&rafmt=1&to=qs&pwprc=7273757017&format=1110x280&url=https%3A%2F%2Fcryptoukr.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670724900203&bpp=1&bdt=1157&idt=-M&shv=r20221206&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a97d0dec85ff31d-2254eb5cffd800de%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MbawU4oPs92WNe7Dn7l1GLWrUkb_Q&gpic=UID%3D000008cfdf3a6d47%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MZDDYnRmnHPh6x75B2WOF53pKkWoQ&prev_fmts=0x0%2C1110x280&nras=3&correlator=2712632659574&frm=20&pv=1&ga_vid=1027546694.1670724900&ga_sid=1670724900&ga_hid=1559033752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1878&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606&oid=2&pvsid=3028330694832353&tmod=1167605254&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=jRgE1Xd6GA&p=https%3A//cryptoukr.in.ua&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c322561da95a7c793e2b60d867560b3bc4ff8ff392e95112d480b1255c0a379

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cryptoukr.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 23500
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 02:15:00 GMT
expires: Sun, 11 Dec 2022 02:15:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 864D 25 KB
11 KB 182ms
181ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8022175354273392&output=html&h=280&adk=1105446124&adf=2157031148&pi=t.aa~a.2689954535~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1670724900&rafmt=1&to=qs&pwprc=7273757017&format=1200x280&url=https%3A%2F%2Fcryptoukr.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670724900203&bpp=1&bdt=1158&idt=-M&shv=r20221206&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a97d0dec85ff31d-2254eb5cffd800de%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MbawU4oPs92WNe7Dn7l1GLWrUkb_Q&gpic=UID%3D000008cfdf3a6d47%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MZDDYnRmnHPh6x75B2WOF53pKkWoQ&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=2712632659574&frm=20&pv=1&ga_vid=1027546694.1670724900&ga_sid=1670724900&ga_hid=1559033752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606&oid=2&pvsid=3028330694832353&tmod=1167605254&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Ue6BF89Nmc&p=https%3A//cryptoukr.in.ua&dtd=15

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d55a5c61473b36719f0434a2f891888608b891b11b96953184c96122d7628edc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cryptoukr.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 11622
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 02:15:00 GMT
expires: Sun, 11 Dec 2022 02:15:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 46F3 26 KB
12 KB 186ms
186ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8022175354273392&output=html&h=280&adk=3088186576&adf=1795251393&pi=t.aa~a.1998631716~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1670724900&rafmt=1&to=qs&pwprc=7273757017&format=1200x280&url=https%3A%2F%2Fcryptoukr.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670724900203&bpp=1&bdt=1158&idt=0&shv=r20221206&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a97d0dec85ff31d-2254eb5cffd800de%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MbawU4oPs92WNe7Dn7l1GLWrUkb_Q&gpic=UID%3D000008cfdf3a6d47%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MZDDYnRmnHPh6x75B2WOF53pKkWoQ&prev_fmts=0x0%2C1110x280%2C1110x280%2C1200x280&nras=5&correlator=2712632659574&frm=20&pv=1&ga_vid=1027546694.1670724900&ga_sid=1670724900&ga_hid=1559033752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606&oid=2&pvsid=3028330694832353&tmod=1167605254&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=CqVRpNX3hs&p=https%3A//cryptoukr.in.ua&dtd=18

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef2bdbafbba7ee2f87c77fc68c7c649eb951549b048640db446741f3c9dc0d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cryptoukr.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 11836
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 02:15:00 GMT
expires: Sun, 11 Dec 2022 02:15:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 79ms
78ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=4&wpc=ca-pub-8022175354273392&warn=13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=false&a=6%2C1%2C5%2C7&apv=20221207_093944&sat=1670707548473&afm=0&as_count=0&d_count=0&ng_count=0&am_count=4&atf_count=0&mdns=0&alldns=0.215&allp=21&fd=(0%2C17%2C10)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=5209&abl=false&rr=n&su=cryptoukr.in.ua&pvc=3028330694832353&r=0.1&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606

Requested by

Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 79ms
78ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8&c=ca-pub-8022175354273392&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606

Requested by

Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/ Frame D6E9 10 KB
4 KB 45ms
44ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cryptoukr.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 28260
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Dec 2022 18:24:00 GMT
etag: 10353107486223812946
expires: Sat, 24 Dec 2022 18:24:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame D6E9 4 KB
636 B 152ms
57ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 11 Dec 2022 02:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 11 Dec 2022 01:47:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Dec 2022 02:15:00 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D6E9 205 B
743 B 149ms
45ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 21:47:32 GMT
x-content-type-options: nosniff
age: 16048
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 10 Dec 2023 21:47:32 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D6E9 604 B
694 B 150ms
46ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 01:44:11 GMT
x-content-type-options: nosniff
age: 1849
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 11 Dec 2023 01:44:11 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/ Frame D6E9 19 KB
8 KB 157ms
45ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 18:27:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28055
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8084
x-xss-protection: 0
server: cafe
etag: 2222875591315018765
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 18:27:25 GMT

GET
DATA 200
OK truncated
/ Frame 4023 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 203d6d61473804a75cc0cf2492a3d1adc289d1f107dfa17727c3eba54aa5f0f5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4023 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f767687d18f6fdd37e21a138a80fe3ff8a9d778ac68880b32583b620e93c938

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4023 705 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13a725c0e157bd8b4eb99160b6cb04aa35eac96d1a7b09d58dae7188c3cdc9f0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4023 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 418429c4a131a2b0772b89ad2f35b516c2ec5f7f34cb0323a2b68a3acb00f311

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4023 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6aa37c923506c72ed2cd5a1a1b12061d4f6667984019df9215f7a45ef0d1188

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4023 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3df63a0eff34ed6e7c80244665fd6c7030fdc8e6c15cfa35de239d78f39270b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4023 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08720ce444154873ec2d1ccfc7c4b77c413c135bde28418f8ed89e7c9b77b47c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4023 875 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e89607f19cd793e88cf8a4b0ed0840951c370de1eb852f0174af9834b18784b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4023 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1f9b6ede4bb1cb8a128510647cc7916fc379aa7aee307549c5f007e86f53df8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4023 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e8e997c49bdb1e444377cf25b05c5457cb0a154be1eeb6cf2576ab92a7b0438

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 864D 3 KB
1 KB 63ms
57ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8022175354273392&output=html&h=280&adk=1105446124&adf=2157031148&pi=t.aa~a.2689954535~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1670724900&rafmt=1&to=qs&pwprc=7273757017&format=1200x280&url=https%3A%2F%2Fcryptoukr.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670724900203&bpp=1&bdt=1158&idt=-M&shv=r20221206&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a97d0dec85ff31d-2254eb5cffd800de%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MbawU4oPs92WNe7Dn7l1GLWrUkb_Q&gpic=UID%3D000008cfdf3a6d47%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MZDDYnRmnHPh6x75B2WOF53pKkWoQ&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=2712632659574&frm=20&pv=1&ga_vid=1027546694.1670724900&ga_sid=1670724900&ga_hid=1559033752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606&oid=2&pvsid=3028330694832353&tmod=1167605254&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Ue6BF89Nmc&p=https%3A//cryptoukr.in.ua&dtd=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 12:52:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 12:52:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 864D 18 KB
7 KB 56ms
50ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 12:10:29 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 864D 0
0 143ms
52ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS93sHf7LqihnYrDMIuIoQCgWzNqJ58IY4TpjnQAcXYgivIMYOawQMTHc_BAoY5uTz9rnBR0j3wsY6jpvMVqkpm_5R9Qw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8022175354273392&output=html&h=280&adk=1105446124&adf=2157031148&pi=t.aa~a.2689954535~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1670724900&rafmt=1&to=qs&pwprc=7273757017&format=1200x280&url=https%3A%2F%2Fcryptoukr.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670724900203&bpp=1&bdt=1158&idt=-M&shv=r20221206&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a97d0dec85ff31d-2254eb5cffd800de%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MbawU4oPs92WNe7Dn7l1GLWrUkb_Q&gpic=UID%3D000008cfdf3a6d47%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MZDDYnRmnHPh6x75B2WOF53pKkWoQ&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=2712632659574&frm=20&pv=1&ga_vid=1027546694.1670724900&ga_sid=1670724900&ga_hid=1559033752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606&oid=2&pvsid=3028330694832353&tmod=1167605254&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Ue6BF89Nmc&p=https%3A//cryptoukr.in.ua&dtd=15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 864D 153 KB
47 KB 217ms
119ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 11 Dec 2022 02:15:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 46F3 3 KB
1 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8022175354273392&output=html&h=280&adk=3088186576&adf=1795251393&pi=t.aa~a.1998631716~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1670724900&rafmt=1&to=qs&pwprc=7273757017&format=1200x280&url=https%3A%2F%2Fcryptoukr.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670724900203&bpp=1&bdt=1158&idt=0&shv=r20221206&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a97d0dec85ff31d-2254eb5cffd800de%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MbawU4oPs92WNe7Dn7l1GLWrUkb_Q&gpic=UID%3D000008cfdf3a6d47%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MZDDYnRmnHPh6x75B2WOF53pKkWoQ&prev_fmts=0x0%2C1110x280%2C1110x280%2C1200x280&nras=5&correlator=2712632659574&frm=20&pv=1&ga_vid=1027546694.1670724900&ga_sid=1670724900&ga_hid=1559033752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606&oid=2&pvsid=3028330694832353&tmod=1167605254&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=CqVRpNX3hs&p=https%3A//cryptoukr.in.ua&dtd=18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 12:52:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 12:52:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 46F3 18 KB
7 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 12:10:29 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 46F3 0
0 126ms
52ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTWmK-0-7ea7AZJEiCJtPHbs7zb4l22ddQp8MQspERlv5QRdRxUddIwxR_tVXSKsXB4jEOc9YrNj0abvbK4icoH0lHlVA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8022175354273392&output=html&h=280&adk=3088186576&adf=1795251393&pi=t.aa~a.1998631716~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1670724900&rafmt=1&to=qs&pwprc=7273757017&format=1200x280&url=https%3A%2F%2Fcryptoukr.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670724900203&bpp=1&bdt=1158&idt=0&shv=r20221206&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a97d0dec85ff31d-2254eb5cffd800de%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MbawU4oPs92WNe7Dn7l1GLWrUkb_Q&gpic=UID%3D000008cfdf3a6d47%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MZDDYnRmnHPh6x75B2WOF53pKkWoQ&prev_fmts=0x0%2C1110x280%2C1110x280%2C1200x280&nras=5&correlator=2712632659574&frm=20&pv=1&ga_vid=1027546694.1670724900&ga_sid=1670724900&ga_hid=1559033752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606&oid=2&pvsid=3028330694832353&tmod=1167605254&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=CqVRpNX3hs&p=https%3A//cryptoukr.in.ua&dtd=18
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 46F3 153 KB
47 KB 240ms
159ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 11 Dec 2022 02:15:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 864D 0
0 92ms
91ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6-g8JD2VY6qwD66_9u8P58SDyA7kj9KxXP_Q2ZGIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi04MDIyMTc1MzU0MjczMzkyyAEJqQJ-xmmqDZG0PqgDAaoEuwFP0OKl_AhoyV4VapNZ1KyYiC-3xYiP8VnSqETcCScs35o5AmQjDiWjc-XhJA08h5E2vNRmR0sjgY0plCBbvEUZ9iJjuKWc9EFol-hgCEOvZdUkuKmEbwqKD9yGzTqVcvdEMn-etFKDAuTq3r1bGdHLBkctcLWgsfZ_nd2ud3BJ5S_r4LY_WQi5FiSzDioLI-JbCDYlhHbaawI5caL6iYSj9pIDvgtZ_4KSVXbhZ_NI5_ScANYdodfiJ1ppgAb2nbXy9NyNzPABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04MDIyMTc1MzU0MjczMzkyGAA&sigh=V7RJMcb4ze0&uach_m=[UACH]&cid=CAQSOwDq26N9A-R2MaWZfk1e1MlT6fYy7AmVqdNXQeGPlIaQzDjrhpdN3mKBNw9vZq-2Fu0igTkgOO1EmXsZGAEgEw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8022175354273392&output=html&h=280&adk=1105446124&adf=2157031148&pi=t.aa~a.2689954535~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1670724900&rafmt=1&to=qs&pwprc=7273757017&format=1200x280&url=https%3A%2F%2Fcryptoukr.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670724900203&bpp=1&bdt=1158&idt=-M&shv=r20221206&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a97d0dec85ff31d-2254eb5cffd800de%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MbawU4oPs92WNe7Dn7l1GLWrUkb_Q&gpic=UID%3D000008cfdf3a6d47%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MZDDYnRmnHPh6x75B2WOF53pKkWoQ&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=2712632659574&frm=20&pv=1&ga_vid=1027546694.1670724900&ga_sid=1670724900&ga_hid=1559033752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606&oid=2&pvsid=3028330694832353&tmod=1167605254&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Ue6BF89Nmc&p=https%3A//cryptoukr.in.ua&dtd=15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 11 Dec 2022 02:15:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 864D 0
0 125ms
39ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kLa_FL_6RLAJmAKH-lcYAgAAAAXyJ0oc234zECM9lWMGaAqiFlAqgZqPTwASAAA&wp=Y5U9JAAD2CoH_Z-uAADiZ5v6a1606uOu-o9dFw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:00 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 217935
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame DEB7 116 KB
42 KB 234ms
153ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5U9JAAD2CoH_Z-uAADiZ5v6a1606uOu-o9dFw&u=%7CLafiglRaK%2BiUPOYiJMOEqFLIJw03zLaUnPi0FoqknAE%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcVrwsIcAYMSp9NJJxHgFAXQznsbsnR4vLycrLKtw4N_CBhoI4-BlZ3P_mD7f2pWmNlXN2-eKW8BBFTycCadJZZ8D4JlH8aYHaxtID8v2H7Z9UV6tA-TnrjZ-mG7TbMI2eo4sBtAz24eFii-fJ0y97ofP2bLA4bHNsTky3NYdnjKK0s7M0ySMMOJlZ8wPa9HGDwhi6yfW90lkxNSBfhljZqxmZ881gd5BmJ7jkjyW75gYb8lYjFXykZZ9ErRYhty3RZdjtW7-gNMVGWvMgodTM0NfjEpczMZkHrHwzCZSeRqIV1gxXxp_pKwXH98J4Ds0TV9d2sW_Cnadg3yNuBLrOxTp6jFgo0mMw1eWJ9XziHJch169lY2kZede-j_RMpV_OCwzs6Q43SYnxuDvrlA8tv0RZTsCMmDDUQsYtlCmEaAhBQsHHzmIB4I8fL5V_D8DOzawgFIt3JfLN1wZMjHZ0C_edE72QG3iK8OSI7rbf7nT8THhnW8zu8WKs2ckk0GTYbiSvzPXDg0Gl8D5WyhCjoHK4k7QTLm3cMuxcBsasRk4qPkELK0J--DPOsxxFDfbfLlPsAj2ffCg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXXbuJD2VY6qwD66_9u8P58SDyA7kj9KxXP_Q2ZGIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi04MDIyMTc1MzU0MjczMzkyyAEJqQJ-xmmqDZG0PqgDAaoEvgFP0OKl_AhoyV4VapNZ1KyYiC-3xYiP8VnSqETcCScs35o5AmQjDiWjc-XhJA08h5E2vNRmR0sjgY0plCBbvEUZ9iJjuKWc9EFol-hgCEOvZdUkuKmEbwqKD9yGzTqVcvdEMn-etFKDAuTq3r1bGdHLBkctcLWgsfZ_nd2ud3BJ5S_r4LY_WQi5FiSzDioLI-JbCDYlhDTYSpDq01D_GnasbhFnIqBa64guX1j5vH3Tg2g9v8gxuQZlzV_69NmYgAb2nbXy9NyNzPABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2r5a8P9M9xFY_bZd4p7YITvQZg5w%26client%3Dca-pub-8022175354273392%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

61925cf428702debd95b46542b5e5efb8fd3f2c8dc188ef0017c6fb57e15e1d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 02:15:00 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=JNfUlKK2Bj7x0nnoTv3SqpNm38eiNdmjVwMh-el7ZSRskC02z8mae2GsdOhG13muPb06kh97mgizKzDUrUWP1B8tk8eOx4wcMCjqIOZ0ZtJ8BbUvdSuLD9K9eBzBxStST_--W5n6XwwU4iBFpokNMIhy0xZL54hqM2gyzzzASGEZiu1aeSUEXh5lWGj7yPwL93zdRja_DOHDs5iqCI5D17b7W-HpJnQbzIuId2LvzHMQpRJiZxtE4VRwIklsl47AmV3GtA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 73168353
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6EE6 1 KB
643 B 45ms
45ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 60281
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Dec 2022 09:30:19 GMT
etag: 48472445140208031
expires: Sun, 11 Dec 2022 09:30:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 47C2 23 KB
9 KB 69ms
67ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8022175354273392&output=html&h=280&adk=1246383015&adf=3306259287&pi=t.aa~a.3414242075~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1670724900&rafmt=1&to=qs&pwprc=7273757017&format=1110x280&url=https%3A%2F%2Fcryptoukr.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670724900203&bpp=2&bdt=1158&idt=-M&shv=r20221206&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a97d0dec85ff31d-2254eb5cffd800de%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MbawU4oPs92WNe7Dn7l1GLWrUkb_Q&gpic=UID%3D000008cfdf3a6d47%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MZDDYnRmnHPh6x75B2WOF53pKkWoQ&prev_fmts=0x0&nras=2&correlator=2712632659574&frm=20&pv=1&ga_vid=1027546694.1670724900&ga_sid=1670724900&ga_hid=1559033752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606&oid=2&pvsid=3028330694832353&tmod=1167605254&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6KqrlhUuZS&p=https%3A//cryptoukr.in.ua&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 12:10:29 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 47C2 8 KB
716 B 58ms
57ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 11 Dec 2022 02:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 11 Dec 2022 00:34:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Dec 2022 02:15:00 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ Frame 47C2 14 KB
3 KB 157ms
45ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 22:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 11:42:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 22:03:37 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ Frame 47C2 388 KB
131 KB 159ms
48ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

101b8d837f8e01156fc293db1932eead16c29f9f16da622bfa89f394fbfd1273

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 22:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134376
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 11:42:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 22:03:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 47C2 18 KB
7 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 12:10:29 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 47C2 0
0 118ms
53ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT9av67Rm9EUIry--VM2R5YLYFF0p5mMGR_gNjMPv_s_vnBFI6OCR7v60Q_Dd36dTlpbQdpDUIfJqCcc8628Uq_uNpH7w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8022175354273392&output=html&h=280&adk=1246383015&adf=3306259287&pi=t.aa~a.3414242075~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1670724900&rafmt=1&to=qs&pwprc=7273757017&format=1110x280&url=https%3A%2F%2Fcryptoukr.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670724900203&bpp=2&bdt=1158&idt=-M&shv=r20221206&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a97d0dec85ff31d-2254eb5cffd800de%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MbawU4oPs92WNe7Dn7l1GLWrUkb_Q&gpic=UID%3D000008cfdf3a6d47%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MZDDYnRmnHPh6x75B2WOF53pKkWoQ&prev_fmts=0x0&nras=2&correlator=2712632659574&frm=20&pv=1&ga_vid=1027546694.1670724900&ga_sid=1670724900&ga_hid=1559033752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606&oid=2&pvsid=3028330694832353&tmod=1167605254&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6KqrlhUuZS&p=https%3A//cryptoukr.in.ua&dtd=7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 46F3 0
0 86ms
86ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMk2nJD2VY4zZD4WJ9u8PorOvuAXkj9KxXK-w_YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi04MDIyMTc1MzU0MjczMzkyyAEJqQJ-xmmqDZG0PqgDAaoEuwFP0BGG_FTiUeyIGoRNfoA6IJyNtc_-mFJRYLR7BaB0HzEo9RC3H7BwqUrhAgRfc_BeHe4byn8Ysv5XwPPflIJr8wewD97PTO4y0a86KLJdQwWU_IAgY-e1t4vy7svIMAw8KIiPeA6amwzPha3vVLi9pdHf6vjax2VysOA_J1sVmXnb3BL0HvY4upjIyGjW4ZvgpeZBom40rthJKc6d9tuOtXa2OkFfqWcxjg7kgh89ykmgOfDlRMD9BdMxgAa7hqj6s_jMlEegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTgwMjIxNzUzNTQyNzMzOTIYAA&sigh=Mixc-2T8fhM&uach_m=[UACH]&cid=CAQSOwDq26N9OK_x-zMnCX8lT9A12GQsYINSw2HmsxM_BpUQ9XspxZ6SbbKH8WL87cs-uAM2BMvCag04NNutGAEgEw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8022175354273392&output=html&h=280&adk=3088186576&adf=1795251393&pi=t.aa~a.1998631716~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1670724900&rafmt=1&to=qs&pwprc=7273757017&format=1200x280&url=https%3A%2F%2Fcryptoukr.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670724900203&bpp=1&bdt=1158&idt=0&shv=r20221206&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a97d0dec85ff31d-2254eb5cffd800de%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MbawU4oPs92WNe7Dn7l1GLWrUkb_Q&gpic=UID%3D000008cfdf3a6d47%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MZDDYnRmnHPh6x75B2WOF53pKkWoQ&prev_fmts=0x0%2C1110x280%2C1110x280%2C1200x280&nras=5&correlator=2712632659574&frm=20&pv=1&ga_vid=1027546694.1670724900&ga_sid=1670724900&ga_hid=1559033752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606&oid=2&pvsid=3028330694832353&tmod=1167605254&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=CqVRpNX3hs&p=https%3A//cryptoukr.in.ua&dtd=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 11 Dec 2022 02:15:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 46F3 0
0 119ms
39ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kNikE7_6RLAJmAKH-lcYAgAAAAXyJ0oc234zECM9lWOaNF82uHtWF_jiIAASAAA&wp=Y5U9JAAD7IwH_YSFAAvZorVSAvNPD-Gnx0J3TQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:14:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 299338
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame ADFD 122 KB
42 KB 155ms
92ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5U9JAAD7IwH_YSFAAvZorVSAvNPD-Gnx0J3TQ&u=%7CLafiglRaK%2Bg3LqetoGG3bOrwhjCcq4gVuHJL2i5CqMA%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcVrwsIcAYMSp9NJJxHgFAXY6rBUPinG4AzvkR_9jEFMR8vXKYTuPIZAwB6hSbRvnfeaBzxv4wjldr-vXhXgao2hV6sjTVF0hJMaFRJ4R_ByeqW63REUq2iSnmXVsSOCLNgSSZeLSfOlQY1CMc7RZSUvX2FbrYK9OfC73AhUlWZvNMZBYC7UM4J3qe_VjThd35zEgUhylppfvL25cSfaaxaFqNPPazN5sIizovJ6CZQNH5YWopeM_lN4ljA8eP4Wp8GxSirSthaNNvetPofXqLlIDdPqQC0_SmEBvVCvqFdrPkewvamrKSNQzRPSluWHIMChdnknoKyIOnFyEBqBu97-l7LZD5ai64Dy9DJGtxIcShlI41pNvy_K4yMe0TllQZMAZEAOI4eMMY3S8XFbRa0Y5H_SUi5Sv4HU3AvDz1Vtgg4H01jlaHMWcT6zuWWXScq8Xb7zlw3zG4IPojxCk05n1yhy91WP0Upr-5oBNhFXc4g7dP7AxUFDNmlSYui1qjX8zHdOnGHB5pWtOuSCQl2bdwzxvzL67xgvdgovioCo1tXkc16GhK3x0xw8lykHeY1NDXw0nusqA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCftvmJD2VY4zZD4WJ9u8PorOvuAXkj9KxXK-w_YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi04MDIyMTc1MzU0MjczMzkyyAEJqQJ-xmmqDZG0PqgDAaoEvgFP0BGG_FTiUeyIGoRNfoA6IJyNtc_-mFJRYLR7BaB0HzEo9RC3H7BwqUrhAgRfc_BeHe4byn8Ysv5XwPPflIJr8wewD97PTO4y0a86KLJdQwWU_IAgY-e1t4vy7svIMAw8KIiPeA6amwzPha3vVLi9pdHf6vjax2VysOA_J1sVmXnb3BL0HvY4upjIyGjW4ZvgpeZBoiw2j0qaizyYZSmBLfXSpupcvW2NhCD8WZGmrtUBhu7JXBF679aiV_x4gAa7hqj6s_jMlEegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3OLt4-XIyPn-UIBLUHxeqSRFyuRQ%26client%3Dca-pub-8022175354273392%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08328fddcac097be003ac73613a7e557110b24b69185cf5a51bb06e4cf9583e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 02:15:00 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=r5m7hKK2Bj7x0nno_UnDsWuaDVHWv2wed07Y2_VceLJh_LmYW01dmWF2664itNfwpCVCLZG_-5jcbSRu6zSUnyO42tx2O_5jTi_jjo-p90QuVz3t-VblHSZKAOS0ng583FC44r53wRUfJUubRBANXSVxXHk4IjXyAsjGizxokeVnrujpr2HV1X2h3662wygx2xunyoE1zCnC7O7uuLStgc6W6xlwOw1v5ryDJJiGEzrY_xSmYGkBOjuOCPm93WjFWhGgiA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 48899141
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CB69 1 KB
643 B 45ms
44ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 60281
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Dec 2022 09:30:19 GMT
etag: 48472445140208031
expires: Sun, 11 Dec 2022 09:30:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 3422 8 KB
895 B 55ms
54ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 11 Dec 2022 02:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 11 Dec 2022 00:56:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Dec 2022 02:15:00 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 3422 2 KB
765 B 168ms
76ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 12:10:29 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 3422 23 KB
9 KB 150ms
59ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 12:10:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 3422 3 KB
1 KB 165ms
74ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 12:52:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 12:52:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 3422 18 KB
7 KB 159ms
68ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 12:10:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3422 153 KB
47 KB 96ms
54ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 11 Dec 2022 02:15:00 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 3422 34 KB
14 KB 161ms
70ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 449888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 20:45:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 Mar 2023 21:16:52 GMT

GET
DATA 200
OK truncated
/ Frame 864D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3aa2c224f6cf6382caa5ae479bfbe719e9a85b24e3e827158c59cdeec84bd3d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6EE6
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEDFUK7Y7-9VKNrQRgArLsgw&google_cver=1&google_push=ASkJ3Fbqgc8w_YbJlddNoXEqawDBqT-ukLf0jzTglJYM-UOC6gP3IgDg9KZkdWfxkGK_AFMjCQEMwJGC6WZRORiWs0Vi4Jgd8Fq3
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7BB6BD13895048E8A7B7D55965CDB69E&google_push=ASkJ3Fbqgc8w_YbJlddNoXEqawDBqT-ukLf0jzTglJYM-UOC6gP3IgDg9KZkdWfxkGK_AFMjCQEMwJGC6WZRORi...

170 B
188 B

155ms
57ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7BB6BD13895048E8A7B7D55965CDB69E&google_push=ASkJ3Fbqgc8w_YbJlddNoXEqawDBqT-ukLf0jzTglJYM-UOC6gP3IgDg9KZkdWfxkGK_AFMjCQEMwJGC6WZRORiWs0Vi4Jgd8Fq3

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 11 Dec 2022 02:15:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7BB6BD13895048E8A7B7D55965CDB69E&google_push=ASkJ3Fbqgc8w_YbJlddNoXEqawDBqT-ukLf0jzTglJYM-UOC6gP3IgDg9KZkdWfxkGK_AFMjCQEMwJGC6WZRORiWs0Vi4Jgd8Fq3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 10 Dec 2022 02:15:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 6EE6 0
191 B 194ms
50ms Image
text/plain 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEFoX58hLf4fdOLl6v6qlP2c&google_cver=1&google_push=ASkJ3FZ6kgaLnWmZNiRCKGzPsdT6p3uo6Vz6g0qxYM0eJbNa_DR1ZA6n9Q_n9QobpoeZLQtW8TzjMEQVw0TqmlayE7xUmpVh96Q8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8022175354273392&output=html&h=280&adk=1105446124&adf=2157031148&pi=t.aa~a.2689954535~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1670724900&rafmt=1&to=qs&pwprc=7273757017&format=1200x280&url=https%3A%2F%2Fcryptoukr.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670724900203&bpp=1&bdt=1158&idt=-M&shv=r20221206&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a97d0dec85ff31d-2254eb5cffd800de%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MbawU4oPs92WNe7Dn7l1GLWrUkb_Q&gpic=UID%3D000008cfdf3a6d47%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MZDDYnRmnHPh6x75B2WOF53pKkWoQ&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=2712632659574&frm=20&pv=1&ga_vid=1027546694.1670724900&ga_sid=1670724900&ga_hid=1559033752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606&oid=2&pvsid=3028330694832353&tmod=1167605254&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Ue6BF89Nmc&p=https%3A//cryptoukr.in.ua&dtd=15
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Sun, 11 Dec 2022 02:15:00 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 6EE6 0
119 B 129ms
45ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEDjR6-xG8SYKustLob2Cj90&google_cver=1&google_push=ASkJ3FaYDB9LSqeVNCYuc1IBwdudLACUBe5hT0Sp0_0-_ZdmStFrxaIF0WpnliRd9B-2dHyiltqBLYTbV1b4sNJSBHJDpRhjWHv_KQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8022175354273392&output=html&h=280&adk=1105446124&adf=2157031148&pi=t.aa~a.2689954535~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1670724900&rafmt=1&to=qs&pwprc=7273757017&format=1200x280&url=https%3A%2F%2Fcryptoukr.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670724900203&bpp=1&bdt=1158&idt=-M&shv=r20221206&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a97d0dec85ff31d-2254eb5cffd800de%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MbawU4oPs92WNe7Dn7l1GLWrUkb_Q&gpic=UID%3D000008cfdf3a6d47%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MZDDYnRmnHPh6x75B2WOF53pKkWoQ&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=2712632659574&frm=20&pv=1&ga_vid=1027546694.1670724900&ga_sid=1670724900&ga_hid=1559033752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606&oid=2&pvsid=3028330694832353&tmod=1167605254&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Ue6BF89Nmc&p=https%3A//cryptoukr.in.ua&dtd=15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6EE6
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELNjmiPjwblRXDiZG3UgUbQ&google_cver=1&google_push=ASkJ3FbTkuihub7JZNSTHACGAmeK6KuWJskieapnjWBapYLOEHlztw4XWeEya2rS1xgnf_9l4ZN9nAei...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELNjmiPjwblRXDiZG3UgUbQ&google_cver=1&google_push=ASkJ3FbTkuihub7JZNSTHACGAmeK6KuWJskieapnjWBapYLOEHlztw4XWeEya2rS1xgnf_9l4ZN...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc5NjY1MzA2ODcxMDM5Mjk4&google_push=ASkJ3FbTkuihub7JZNSTHACGAmeK6KuWJskieapnjWBapYLOEHlztw4XWeEya2rS1xgnf_9l4ZN9nAei...

170 B
188 B

57ms
57ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc5NjY1MzA2ODcxMDM5Mjk4&google_push=ASkJ3FbTkuihub7JZNSTHACGAmeK6KuWJskieapnjWBapYLOEHlztw4XWeEya2rS1xgnf_9l4ZN9nAeieNz85innsfvinkIC9ApcvA

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc5NjY1MzA2ODcxMDM5Mjk4&google_push=ASkJ3FbTkuihub7JZNSTHACGAmeK6KuWJskieapnjWBapYLOEHlztw4XWeEya2rS1xgnf_9l4ZN9nAeieNz85innsfvinkIC9ApcvA
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6EE6
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA0g2Ta-ddgNtLk9yzSPtyY&google_cver=1&google_push=ASkJ3Fb_Wx6exqhOYUHjKnEUBGBPUsbpbkJYd-L4f3Z_pXm2kHhKaGN6_LlorRRccSDF-0la5Mw...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJJUUdWVlMtUi00NVJU&google_push=ASkJ3Fb_Wx6exqhOYUHjKnEUBGBPUsbpbkJYd-L4f3Z_pXm2kHhKaGN6_LlorRRccSDF-0la5MwEvnNGacGwIHyqY6mlrnnydNqnmw

170 B
188 B

56ms
56ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJJUUdWVlMtUi00NVJU&google_push=ASkJ3Fb_Wx6exqhOYUHjKnEUBGBPUsbpbkJYd-L4f3Z_pXm2kHhKaGN6_LlorRRccSDF-0la5MwEvnNGacGwIHyqY6mlrnnydNqnmw

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJJUUdWVlMtUi00NVJU&google_push=ASkJ3Fb_Wx6exqhOYUHjKnEUBGBPUsbpbkJYd-L4f3Z_pXm2kHhKaGN6_LlorRRccSDF-0la5MwEvnNGacGwIHyqY6mlrnnydNqnmw
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6EE6
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECpyR-VLIRPchenp9IwDfVU&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECpyR-VLIRPchenp9IwDfVU&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECpyR-VLIRPchenp9IwDfVU&google_hm=Y5U9JIDme7FZtKG6CgX75QAAArkAAAAB&google_nid=index&google_push=ASkJ3Fb-L_Q0LCQuYyK6Iy3mjq2y8d2w3JB0y...

170 B
188 B

56ms
56ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECpyR-VLIRPchenp9IwDfVU&google_hm=Y5U9JIDme7FZtKG6CgX75QAAArkAAAAB&google_nid=index&google_push=ASkJ3Fb-L_Q0LCQuYyK6Iy3mjq2y8d2w3JB0y5Tw3ZMuFmaaVec-YjgV0-vlkBl31YA5xPgYyzirZtqnmAZovU31N0kkTT6PwvIJyA

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dlz%2FCK0iPRujUkpRbIqfgCZsykXh6I%2F718xWrUS5YrLzDWP9n41yFJdsvBsMlFe3P6SPEnvTttd%2BPGvBp7isXYFyNkAQkwQjrHQoMUDn6oXDKY%2BEHH7zNFV3a%2By42QpWZSR4pWq68a0PSw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECpyR-VLIRPchenp9IwDfVU&google_hm=Y5U9JIDme7FZtKG6CgX75QAAArkAAAAB&google_nid=index&google_push=ASkJ3Fb-L_Q0LCQuYyK6Iy3mjq2y8d2w3JB0y5Tw3ZMuFmaaVec-YjgV0-vlkBl31YA5xPgYyzirZtqnmAZovU31N0kkTT6PwvIJyA
cache-control: no-cache
cf-ray: 777ab5c5ef7c074e-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 6EE6
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELc6XpX5lPBx6H3SwFMTW_g&google_cver=1&google_push=ASkJ3FYNtAJEdM5F0NpejVktGdn0kilVg-avm0xda5OJfn-j7QC8aOc7vWTwoTTJUb-4TThwzSDhK4ntAN1...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYNtAJEdM5F0NpejVktGdn0kilVg-avm0xda5OJfn-j7QC8aOc7vWTwoTTJUb-4TThwzSDhK4ntAN18QB-yCP3zwkAYg030nRA
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

45ms
45ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6EE6 0
223 B 194ms
52ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JNh9FNwRb1nxPk92UE6btRrVL06GHHCp98-Akja52GkR55B5-2dVmChRnJMFr9pTzuNM_Hkw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CB69
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEBHDZDxki0hQHt5CcG3ZYRo&google_cver=1&google_push=ASkJ3FYnjgyFtL_LZD-H0i8Vt2CHvdPHFP4g3Q63g1Kg6MNxlutTGJSGrXUHnf6HvE3Bf7eV2lvrEYezPyeNgpk2oKMXqJbDPtN7LGQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B64256B4243846B9955732839DF9AA33&google_push=ASkJ3FYnjgyFtL_LZD-H0i8Vt2CHvdPHFP4g3Q63g1Kg6MNxlutTGJSGrXUHnf6HvE3Bf7eV2lvrEYezPyeNgpk...

170 B
188 B

152ms
55ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B64256B4243846B9955732839DF9AA33&google_push=ASkJ3FYnjgyFtL_LZD-H0i8Vt2CHvdPHFP4g3Q63g1Kg6MNxlutTGJSGrXUHnf6HvE3Bf7eV2lvrEYezPyeNgpk2oKMXqJbDPtN7LGQ

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 11 Dec 2022 02:15:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B64256B4243846B9955732839DF9AA33&google_push=ASkJ3FYnjgyFtL_LZD-H0i8Vt2CHvdPHFP4g3Q63g1Kg6MNxlutTGJSGrXUHnf6HvE3Bf7eV2lvrEYezPyeNgpk2oKMXqJbDPtN7LGQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 10 Dec 2022 02:15:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame CB69 0
173 B 120ms
44ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEP1FQrj2_gWdXrxc7npI9Sc&google_cver=1&google_push=ASkJ3FaiPQKpjHK-xSKBc1M4UcZNAhoCS1jL_FTqird17DRr0sR6IgfZwluVY4Yx5UtEKY3Uc544FpNUdrmV9yiK_lwNgyRdm7Xj0KCJ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8022175354273392&output=html&h=280&adk=3088186576&adf=1795251393&pi=t.aa~a.1998631716~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1670724900&rafmt=1&to=qs&pwprc=7273757017&format=1200x280&url=https%3A%2F%2Fcryptoukr.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670724900203&bpp=1&bdt=1158&idt=0&shv=r20221206&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a97d0dec85ff31d-2254eb5cffd800de%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MbawU4oPs92WNe7Dn7l1GLWrUkb_Q&gpic=UID%3D000008cfdf3a6d47%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MZDDYnRmnHPh6x75B2WOF53pKkWoQ&prev_fmts=0x0%2C1110x280%2C1110x280%2C1200x280&nras=5&correlator=2712632659574&frm=20&pv=1&ga_vid=1027546694.1670724900&ga_sid=1670724900&ga_hid=1559033752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606&oid=2&pvsid=3028330694832353&tmod=1167605254&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=CqVRpNX3hs&p=https%3A//cryptoukr.in.ua&dtd=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CB69
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIXoJiBR0kfzM6_kEz8ZcvA&google_cver=1&google_push=ASkJ3FbxE291EywCjBvWIuhKO40tIUYxBX4Zr4GxEKy3aKQd_S6VUHGaWoKakV_INY0f0m4kkZ33Qy8FtxHk3Uy7nKBU...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEIXoJiBR0kfzM6_kEz8ZcvA&google_cver=1&google_push=ASkJ3FbxE291EywCjBvWIuhKO40tIUYxBX4Zr4GxEKy3aKQd_S6VUHGaWoKakV_INY0f0m4kkZ33Qy8FtxHk3U...
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=202d962b-d716-4883-83c4-01da97a31de5
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=202d962b-d716-4883-83c4-01da97a31de5
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=87607d17-7bcd-4d12-9e2b-af9861e79da8&user_group=1&ssp=google&bsw_param=202d962b-d716-4883-83c4-01da97a31de5
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FbpJgADCpqFjot-mQb_ua4KGZAIrOQDD8waOSaKcUKhAaHwd2IWpW9LrNtPn4OGSa5mAUKm0wu_iYsQf82wuqnl8-wiOCm-jaTo&google_hm=IC2WK9cWSIODxAHal6M...

170 B
188 B

57ms
56ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FbpJgADCpqFjot-mQb_ua4KGZAIrOQDD8waOSaKcUKhAaHwd2IWpW9LrNtPn4OGSa5mAUKm0wu_iYsQf82wuqnl8-wiOCm-jaTo&google_hm=IC2WK9cWSIODxAHal6Md5Q==

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FbpJgADCpqFjot-mQb_ua4KGZAIrOQDD8waOSaKcUKhAaHwd2IWpW9LrNtPn4OGSa5mAUKm0wu_iYsQf82wuqnl8-wiOCm-jaTo&google_hm=IC2WK9cWSIODxAHal6Md5Q==
date: Sun, 11 Dec 2022 02:15:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CB69
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CfD3lv6URwWFEx1Ipl6ZBQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

56ms
56ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CfD3lv6URwWFEx1Ipl6ZBQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYJZFLa-nrQz1gZLaOYhlD23RLtQbdC5VkFsyWES1oxiZaxAI1GhgdtZekMSj08OsPVVybnjOLDDgdZNHQRPgvoi2Ba6l-EowTV

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CfD3lv6URwWFEx1Ipl6ZBQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYJZFLa-nrQz1gZLaOYhlD23RLtQbdC5VkFsyWES1oxiZaxAI1GhgdtZekMSj08OsPVVybnjOLDDgdZNHQRPgvoi2Ba6l-EowTV
date: Sun, 11 Dec 2022 02:15:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CB69
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECzEBQA_SexwLXC1oJfbYHo&google_cver=1&google_push=ASkJ3FZr8iLdEgOdl0jQ-Uz21cf_OUlLmjNv2CvXp25lX_1EdqS6iD1Uj_ZWwRqG72hynTAMsLLHcq4w46wfVygHe...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECzEBQA_SexwLXC1oJfbYHo&google_cver=1&google_push=ASkJ3FZr8iLdEgOdl0jQ-Uz21cf_OUlLmjNv2CvXp25lX_1EdqS6iD1Uj_ZWwRqG72hynTAMsLLHcq4w46wfVygHe...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FZr8iLdEgOdl0jQ-Uz21cf_OUlLmjNv2CvXp25lX_1EdqS6iD1Uj_ZWwRqG72hynTAMsLLHcq4w46wfVygHeN6EAJVzasgZjcsn&google_hm=Fy7nvGZHzQRJL8HeRm...

170 B
188 B

63ms
60ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FZr8iLdEgOdl0jQ-Uz21cf_OUlLmjNv2CvXp25lX_1EdqS6iD1Uj_ZWwRqG72hynTAMsLLHcq4w46wfVygHeN6EAJVzasgZjcsn&google_hm=Fy7nvGZHzQRJL8HeRmSgRgQb

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 11 Dec 2022 02:15:00 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FZr8iLdEgOdl0jQ-Uz21cf_OUlLmjNv2CvXp25lX_1EdqS6iD1Uj_ZWwRqG72hynTAMsLLHcq4w46wfVygHeN6EAJVzasgZjcsn&google_hm=Fy7nvGZHzQRJL8HeRmSgRgQb
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CB69
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIiGEh7efubJdrfpYbhMGsc&google_cver=1&google_push=ASkJ3Fbfj8ohzjzYwg4y4TJ6VOd5GSKVJQGKatqGwZnKdBn_0Uw803YeD0xCCfC_qYcv4tlFErSpRBR9XbuO9iebA3shAINLfW...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3Fbfj8ohzjzYwg4y4TJ6VOd5GSKVJQGKatqGwZnKdBn_0Uw803YeD0xCCfC_qYcv4tlFErSpRBR9XbuO9iebA3shAINLfWK...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDU5MTUxMDA4NDI0ODU1Nzg4MDQ4Mg%3D%3D&google_push=ASkJ3Fbfj8ohzjzYwg4y4TJ6VOd5GSKVJQGKatqGwZnKdBn_0Uw803Ye...

170 B
188 B

59ms
57ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDU5MTUxMDA4NDI0ODU1Nzg4MDQ4Mg%3D%3D&google_push=ASkJ3Fbfj8ohzjzYwg4y4TJ6VOd5GSKVJQGKatqGwZnKdBn_0Uw803YeD0xCCfC_qYcv4tlFErSpRBR9XbuO9iebA3shAINLfWKWZ0FV

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDU5MTUxMDA4NDI0ODU1Nzg4MDQ4Mg%3D%3D&google_push=ASkJ3Fbfj8ohzjzYwg4y4TJ6VOd5GSKVJQGKatqGwZnKdBn_0Uw803YeD0xCCfC_qYcv4tlFErSpRBR9XbuO9iebA3shAINLfWKWZ0FV
date: Sun, 11 Dec 2022 02:15:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
onetag-sys.com/match/ Frame CB69
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEE3jEU7kcV4i-o6stJ20_8w&google_cver=1&google_push=ASkJ3FZmY14cMqoNwDJcVOpE7EYOiQPo3d9Wa2QipZ7C7GaAC2jR7F8jh2qfsl4pBNAprJ4IPeSz63xObvt...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FZmY14cMqoNwDJcVOpE7EYOiQPo3d9Wa2QipZ7C7GaAC2jR7F8jh2qfsl4pBNAprJ4IPeSz63xObvtNo_vZHJdZqw4HIdGWaSHzcA
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

45ms
45ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame CB69 0
40 B 187ms
52ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IM2ahKOHtLEgNIAUlGRFnYqhJvNmG0tRvbzWTHKeKd609r7K2floLygr_jeOoGN5B7Sqv9bQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 46F3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68b30a62869096f4dba940b6bc2a3930699341c3323ef664a2c178cd29e8394f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame ADFD 2 KB
1 KB 140ms
44ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5U9JAAD7IwH_YSFAAvZorVSAvNPD-Gnx0J3TQ&u=%7CLafiglRaK%2Bg3LqetoGG3bOrwhjCcq4gVuHJL2i5CqMA%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcVrwsIcAYMSp9NJJxHgFAXY6rBUPinG4AzvkR_9jEFMR8vXKYTuPIZAwB6hSbRvnfeaBzxv4wjldr-vXhXgao2hV6sjTVF0hJMaFRJ4R_ByeqW63REUq2iSnmXVsSOCLNgSSZeLSfOlQY1CMc7RZSUvX2FbrYK9OfC73AhUlWZvNMZBYC7UM4J3qe_VjThd35zEgUhylppfvL25cSfaaxaFqNPPazN5sIizovJ6CZQNH5YWopeM_lN4ljA8eP4Wp8GxSirSthaNNvetPofXqLlIDdPqQC0_SmEBvVCvqFdrPkewvamrKSNQzRPSluWHIMChdnknoKyIOnFyEBqBu97-l7LZD5ai64Dy9DJGtxIcShlI41pNvy_K4yMe0TllQZMAZEAOI4eMMY3S8XFbRa0Y5H_SUi5Sv4HU3AvDz1Vtgg4H01jlaHMWcT6zuWWXScq8Xb7zlw3zG4IPojxCk05n1yhy91WP0Upr-5oBNhFXc4g7dP7AxUFDNmlSYui1qjX8zHdOnGHB5pWtOuSCQl2bdwzxvzL67xgvdgovioCo1tXkc16GhK3x0xw8lykHeY1NDXw0nusqA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCftvmJD2VY4zZD4WJ9u8PorOvuAXkj9KxXK-w_YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi04MDIyMTc1MzU0MjczMzkyyAEJqQJ-xmmqDZG0PqgDAaoEvgFP0BGG_FTiUeyIGoRNfoA6IJyNtc_-mFJRYLR7BaB0HzEo9RC3H7BwqUrhAgRfc_BeHe4byn8Ysv5XwPPflIJr8wewD97PTO4y0a86KLJdQwWU_IAgY-e1t4vy7svIMAw8KIiPeA6amwzPha3vVLi9pdHf6vjax2VysOA_J1sVmXnb3BL0HvY4upjIyGjW4ZvgpeZBoiw2j0qaizyYZSmBLfXSpupcvW2NhCD8WZGmrtUBhu7JXBF679aiV_x4gAa7hqj6s_jMlEegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3OLt4-XIyPn-UIBLUHxeqSRFyuRQ%26client%3Dca-pub-8022175354273392%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 06 Dec 2023 02:15:00 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame ADFD 2 KB
1 KB 142ms
46ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 06 Dec 2023 02:15:00 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame ADFD 308 B
636 B 136ms
43ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 06 Dec 2023 02:15:00 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame ADFD 293 B
621 B 141ms
48ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 06 Dec 2023 02:15:00 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame ADFD 43 B
348 B 206ms
42ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=wRf4ttK_vZd3tvz8_2i1gDvzWjreiE9AtA-UZV5VySP2rPhIrtbNBgVjcS-P_s4sn2BlZXngAJAF5igBExP4qE6fticbmPYO-DcZXr7kMoQCohth-iL9XUaIHqQDH_av-H8p07t0yGmzQCAXuf8EL-NmupJnDEi7g2KA16PMv1LQPHFuHXOl8nlHk9hX8Cow5u53yEIjDmkJitYwDxAAKfLXVaADfh8uVIVwzl52rArj5oAf3a1YMj_n1ypG06SHyzw-m51N8G0YE0Hsa-R_qCyDLkMiGknDNHlSskafKz7MQSJHByPJEBZ6NfJnsllYivS66VvOZHexwqT9HGwGrbFLMAw985yscxykL22XzA1a9GmptsW_cGkO8skK3SjIBtcJ5rA0_lmS70TqyxbAM8ZoFi7edWs8W3PlzmtNBCIANY1O

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:00 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2935516
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame E98A 23 KB
9 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8022175354273392&output=html&h=280&adk=3912392049&adf=451160530&pi=t.aa~a.2860992541~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1670724900&rafmt=1&to=qs&pwprc=7273757017&format=1110x280&url=https%3A%2F%2Fcryptoukr.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670724900203&bpp=1&bdt=1157&idt=-M&shv=r20221206&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a97d0dec85ff31d-2254eb5cffd800de%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MbawU4oPs92WNe7Dn7l1GLWrUkb_Q&gpic=UID%3D000008cfdf3a6d47%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MZDDYnRmnHPh6x75B2WOF53pKkWoQ&prev_fmts=0x0%2C1110x280&nras=3&correlator=2712632659574&frm=20&pv=1&ga_vid=1027546694.1670724900&ga_sid=1670724900&ga_hid=1559033752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1878&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606&oid=2&pvsid=3028330694832353&tmod=1167605254&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=jRgE1Xd6GA&p=https%3A//cryptoukr.in.ua&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 12:10:29 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E98A 8 KB
716 B 57ms
56ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 11 Dec 2022 02:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 11 Dec 2022 01:39:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Dec 2022 02:15:00 GMT

GET
H3 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ Frame E98A 14 KB
3 KB 137ms
45ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 22:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 11:42:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 22:03:37 GMT

GET
H3 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ Frame E98A 388 KB
131 KB 139ms
47ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

101b8d837f8e01156fc293db1932eead16c29f9f16da622bfa89f394fbfd1273

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 22:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134376
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 11:42:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 22:03:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame E98A 18 KB
7 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 12:10:29 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E98A 0
0 58ms
57ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTCNsXH8OJd6XeM8j6JfYg1K5BTz_6iScTRVHxHCerOgM1HhqKra0F-BcAySrUa0m9aESYL3M4rnYOW70c-uh0bw94TyA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8022175354273392&output=html&h=280&adk=3912392049&adf=451160530&pi=t.aa~a.2860992541~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1670724900&rafmt=1&to=qs&pwprc=7273757017&format=1110x280&url=https%3A%2F%2Fcryptoukr.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670724900203&bpp=1&bdt=1157&idt=-M&shv=r20221206&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a97d0dec85ff31d-2254eb5cffd800de%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MbawU4oPs92WNe7Dn7l1GLWrUkb_Q&gpic=UID%3D000008cfdf3a6d47%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MZDDYnRmnHPh6x75B2WOF53pKkWoQ&prev_fmts=0x0%2C1110x280&nras=3&correlator=2712632659574&frm=20&pv=1&ga_vid=1027546694.1670724900&ga_sid=1670724900&ga_hid=1559033752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1878&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606&oid=2&pvsid=3028330694832353&tmod=1167605254&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=jRgE1Xd6GA&p=https%3A//cryptoukr.in.ua&dtd=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 71AC 143 B
166 B 45ms
44ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1115
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 01:56:25 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame DEB7 2 KB
1 KB 66ms
47ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5U9JAAD2CoH_Z-uAADiZ5v6a1606uOu-o9dFw&u=%7CLafiglRaK%2BiUPOYiJMOEqFLIJw03zLaUnPi0FoqknAE%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcVrwsIcAYMSp9NJJxHgFAXQznsbsnR4vLycrLKtw4N_CBhoI4-BlZ3P_mD7f2pWmNlXN2-eKW8BBFTycCadJZZ8D4JlH8aYHaxtID8v2H7Z9UV6tA-TnrjZ-mG7TbMI2eo4sBtAz24eFii-fJ0y97ofP2bLA4bHNsTky3NYdnjKK0s7M0ySMMOJlZ8wPa9HGDwhi6yfW90lkxNSBfhljZqxmZ881gd5BmJ7jkjyW75gYb8lYjFXykZZ9ErRYhty3RZdjtW7-gNMVGWvMgodTM0NfjEpczMZkHrHwzCZSeRqIV1gxXxp_pKwXH98J4Ds0TV9d2sW_Cnadg3yNuBLrOxTp6jFgo0mMw1eWJ9XziHJch169lY2kZede-j_RMpV_OCwzs6Q43SYnxuDvrlA8tv0RZTsCMmDDUQsYtlCmEaAhBQsHHzmIB4I8fL5V_D8DOzawgFIt3JfLN1wZMjHZ0C_edE72QG3iK8OSI7rbf7nT8THhnW8zu8WKs2ckk0GTYbiSvzPXDg0Gl8D5WyhCjoHK4k7QTLm3cMuxcBsasRk4qPkELK0J--DPOsxxFDfbfLlPsAj2ffCg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXXbuJD2VY6qwD66_9u8P58SDyA7kj9KxXP_Q2ZGIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi04MDIyMTc1MzU0MjczMzkyyAEJqQJ-xmmqDZG0PqgDAaoEvgFP0OKl_AhoyV4VapNZ1KyYiC-3xYiP8VnSqETcCScs35o5AmQjDiWjc-XhJA08h5E2vNRmR0sjgY0plCBbvEUZ9iJjuKWc9EFol-hgCEOvZdUkuKmEbwqKD9yGzTqVcvdEMn-etFKDAuTq3r1bGdHLBkctcLWgsfZ_nd2ud3BJ5S_r4LY_WQi5FiSzDioLI-JbCDYlhDTYSpDq01D_GnasbhFnIqBa64guX1j5vH3Tg2g9v8gxuQZlzV_69NmYgAb2nbXy9NyNzPABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2r5a8P9M9xFY_bZd4p7YITvQZg5w%26client%3Dca-pub-8022175354273392%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 06 Dec 2023 02:15:00 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame DEB7 2 KB
1 KB 64ms
45ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 06 Dec 2023 02:15:00 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame DEB7 308 B
636 B 377ms
376ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:01 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 06 Dec 2023 02:15:01 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame DEB7 293 B
621 B 378ms
378ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:01 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 06 Dec 2023 02:15:01 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame DEB7 43 B
347 B 52ms
43ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=iqhBfsvqTgzzb90ADB12-6kHc07P9iGHTO8mB3GmUS7wZBJjJKp0wnZEU2LwNtoemwtrDeJ8ud0VtaWs-5B1AhmpzMEzvTa5-dd-87gjciP0bU1umdi-XvQ9-Ggqt7xasAIr9QT3wyKy5RxtPAXxiH0f-zD_TzIS6bpy35bMPZbiQtWT2E6c1TS985-5ajqz-9QoTAdl700Wf4EDoC1g6IrH_LBsMDjGJe-fMX5kAW43IbFoIcdW9WoYnPCK3BucBBRfwCx60YnBRXN6bylnsmMgSX6K4zc-bvUzeemyhnUZKjrHHm3fDdcDrV-AvEsYQeLgwZ8EbYcGf2rfgjqBzWj3NJQ3K1bEz2A9SPFGzhekpilUE0ZnFHxdHkCsQfEg4UjqBrsjN2nYhMnJldxhYWpRbbF8PNki9mFeBftpfoBm0fHS

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:00 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3495398
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame ADFD 2 KB
900 B 48ms
40ms Stylesheet
text/css 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 06 Dec 2023 02:15:00 GMT

GET
H2 200 opensans-700.css
static.criteo.net/design/googlefont/opensans/ Frame ADFD 2 KB
900 B 49ms
42ms Stylesheet
text/css 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-700.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f079-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 06 Dec 2023 02:15:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame ADFD 12 KB
6 KB 395ms
395ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 06 Dec 2023 02:15:01 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame ADFD 2 KB
3 KB 117ms
39ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=11894&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F11894%2F200122%2F65a327ddde60433fbcafc6a1bdb8d66f_jet2holidays_2019_refresh_no-sun_no-strapline.png&v=3&w=196&s=5XiOnXT3eKhbaSTEtVOVBKk5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

4265326fce10df4752714014d86e9b9c24dfacb9cf7359aa67607a9cdd4a2f8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30412493
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2352
expires: Tue, 28 Nov 2023 02:09:54 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame ADFD 100 KB
100 KB 122ms
44ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=11894&q=80&r=0&u=https%3A%2F%2Fstatic.fr.eu.criteo.net%2Fimages%2F11894%2Fjet2holidays_72724.jpg&v=3&w=800&s=XHYmp4VWSGcxYYqTYPpDpezZ&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

07813e766984a88635e28c263368567e308dc9d27b2229d16a95d5570cf3689d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28703839
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 102268
expires: Wed, 08 Nov 2023 07:32:20 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame ADFD 2 KB
2 KB 115ms
38ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=400&m=0&partner=11894&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fimages%2Fstarrating%2Fstars_4.png&v=3&w=400&s=z0RmSfuAljPVgpBhC3NcqHWe

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

234697463018c55508251d42b8249e65cc521f717ab35d30d52cf50ca750094d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29817159
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1537
expires: Tue, 21 Nov 2023 04:47:40 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame ADFD 0
128 B 119ms
41ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=r5m7hKK2Bj7x0nno_UnDsWuaDVHWv2wed07Y2_VceLJh_LmYW01dmWF2664itNfwpCVCLZG_-5jcbSRu6zSUnyO42tx2O_5jTi_jjo-p90QuVz3t-VblHSZKAOS0ng583FC44r53wRUfJUubRBANXSVxXHk4IjXyAsjGizxokeVnrujpr2HV1X2h3662wygx2xunyoE1zCnC7O7uuLStgc6W6xlwOw1v5ryDJJiGEzrY_xSmYGkBOjuOCPm93WjFWhGgiA&sds=2&rev=83862.2&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 11 Dec 2022 02:15:00 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame ADFD 2 KB
1 KB 56ms
56ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 06 Dec 2023 02:15:00 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame ADFD 2 KB
1 KB 55ms
55ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 06 Dec 2023 02:15:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame DEB7 12 KB
6 KB 368ms
368ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 06 Dec 2023 02:15:01 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DEB7 18 KB
18 KB 130ms
129ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=99248&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F99248%2F220929%2Fb96fc847e1de42afb0a1f580d513e09d_logo_n_square.png&v=3&w=196&s=p5L2wDonO6Lo9fA8guckib3I

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

071e2d5ff255d4bd9b72e36e73649a30c90e2094b75c4007446cb026e4ea1df0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30261779
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18558
expires: Sun, 26 Nov 2023 08:18:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DEB7 47 KB
48 KB 131ms
130ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=99248&q=80&r=0&u=https%3A%2F%2Fwww.shakethatweight.co.uk%2Fwp-content%2Fuploads%2F2018%2F07%2F1x-Sachet-Mint-Chocolate-with-glass_210kcals.jpg&v=3&w=800&s=0FHjBpU9Pcc6ysb_4qlrCwC3&b=1200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

5063a821a85c9dce8460258f59cf9a3b2ccb6d36dce58adf6df1307d6fce517e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:14:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=9620167
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 48608
expires: Sat, 01 Apr 2023 10:31:08 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame DEB7 0
127 B 38ms
38ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=JNfUlKK2Bj7x0nnoTv3SqpNm38eiNdmjVwMh-el7ZSRskC02z8mae2GsdOhG13muPb06kh97mgizKzDUrUWP1B8tk8eOx4wcMCjqIOZ0ZtJ8BbUvdSuLD9K9eBzBxStST_--W5n6XwwU4iBFpokNMIhy0xZL54hqM2gyzzzASGEZiu1aeSUEXh5lWGj7yPwL93zdRja_DOHDs5iqCI5D17b7W-HpJnQbzIuId2LvzHMQpRJiZxtE4VRwIklsl47AmV3GtA&sds=2&rev=83862.2&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 11 Dec 2022 02:15:00 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DEB7 2 KB
1 KB 317ms
316ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 06 Dec 2023 02:15:01 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame DEB7 2 KB
1 KB 319ms
318ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 06 Dec 2023 02:15:01 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 47C2 0
327 B 564ms
196ms Ping
image/gif 2607:f8b0:4007:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lbiqgvz8&c=2326600632128&slotId=1163300316064&qqid=CKOgyaG_8PsCFfOg_QcdSKAG5w&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4007:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 47C2 15 KB
16 KB 170ms
79ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 466209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:44:52 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 47C2 15 KB
15 KB 153ms
63ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 196366
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 19:42:15 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 47C2 0
20 B 80ms
80ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C3XceJD2VY6P-DvPB9u8PyMCauA6g9azxbZnanKDtEI_for3AARABIMPMuY4BYLuGgIDQCsgBBagDAcgDmwSqBO0BT9DuK_8RZ4NOQxfH4ybAtAi2SMecgOnhKE04W7Va5vGAbfu9PGS9xEjQ5z8d2KpX70u2m5yX0D7SE4dQ2QF4_kEi2wy-JFCdww9gJjmhq8W27Dnoj75kFTnub3idYpdonxJUra5UT7zptQXpaPOwTI3g7XFr_0_ZWApOriLvALfWHQEvjEX9K4eXv3cA09a0QwcBGUbCIvf9_SGvncQyiB9J3ftzFCtN6k4YfRisR9YzTLECOsO-pXbzlckIFqlbXj5kQ3DD62fRQPig2M9rsEs3sRkKivWUYMAieGUNXfDm_UjmUH4-u-tc4mwXwASXsbPWlQTgBAOQBgGgBk6AB_HxrL0DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoBmAsByAsBgAwBsBOax7ERyBOuh83hA9ATANgTCogUO9gUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1670724900886&ai=C3XceJD2VY6P-DvPB9u8PyMCauA6g9azxbZnanKDtEI_for3AARABIMPMuY4BYLuGgIDQCsgBBagDAcgDmwSqBO0BT9DuK_8RZ4NOQxfH4ybAtAi2SMecgOnhKE04W7Va5vGAbfu9PGS9xEjQ5z8d2KpX70u2m5yX0D7SE4dQ2QF4_kEi2wy-JFCdww9gJjmhq8W27Dnoj75kFTnub3idYpdonxJUra5UT7zptQXpaPOwTI3g7XFr_0_ZWApOriLvALfWHQEvjEX9K4eXv3cA09a0QwcBGUbCIvf9_SGvncQyiB9J3ftzFCtN6k4YfRisR9YzTLECOsO-pXbzlckIFqlbXj5kQ3DD62fRQPig2M9rsEs3sRkKivWUYMAieGUNXfDm_UjmUH4-u-tc4mwXwASXsbPWlQTgBAOQBgGgBk6AB_HxrL0DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoBmAsByAsBgAwBsBOax7ERyBOuh83hA9ATANgTCogUO9gUAdAVAfgWAYAXAQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 47C2 30 KB
16 KB 162ms
69ms XHR
text/xml 142.251.5.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-A1G2bZlglCcSbJVonvlgKAl2maRAH8pFsdYAQlYtZMWBbDBQyoDdwMsHVJqU-W8bYmRxUzZW9xZmyoxHTP4B_8hFvKqA&cry=1&dbm_d=AKAmf-DQ2BRWBTRoX4gjQXPtZFyPDQXZ_ldcOvnXyQHEc28rPpNQaIQ340u_wPKVp8V6QpcLMBF38-c7dfeMWyhoiDPrIVKmPL9pFFhHVbIrsqJsGzIViK_DZ46Ra6MQ7sxX-pLmuY9_jlaMYGTvDvwq0N0M0EXDVzkEa53TPw6hXa245zNOlHfqK55_7Zlf5K7AJGql4wtXHxthkLQFA-SRXAN7-_AQOmGCfTtZ20RGSuMbgqO2fRlJGsnOmOWDIsx9YxK406l0eqBVTM1ImjYBqtVFzW03shEIq7jLMSGBPQAfGvHmesyT8TsBX0G7Da8O7LsQ4wQol8wT-nMvIeaXDHqNnJ8ACuMakMuQf3PoiDhfxgzTjbf1N88VZcL4Twso-1XgcMn8Lvgn8XixFN1iWxIxz7sJrEbwOx-KlmYMAYUxNHIDJPIEj4dzAkHFAOmUNYXboEFp0j_FCUtvnj0D6Z-EMKrM3MaMIJxtaIxfnb3ixx-BtvGF62Nkn8ckrLSnwNge4r_5t0Kj828bx6_4oBxVw08gIPVDF2Cn0w8NGtPwxgfcNNwx1bzT1J_7KvIE7S1L7kNLyFs9D0Jx_J8YKp0kaObyv2608-Y2EBn6eo-WQY2H_1JRC3MQ9rmOW8gvH-SFoQ1ZBdNGriM9nbA-H2pI-rVRtsZfhm9V8CfezPdrNl9_HAxhDhQJi8VJGWx74dvuAKNlCDBgt7aDxeNaHpWHSVKgUH_ko-HKiKZ-msF0Feu7L-Mnkfn2b0o3YsTkWVxErkSAID7PVV1IyZUZCS-HlozF8qiDhqhDulr6lQ9JH4b1ZjlfFYL-mmunSaPdkgW_yZNJHEBZvooVyODDPZ04AIY1AD5y_u9HS09w-ObHNEvxHGEyHmpfyMd5b_JQbgQo8K6dHAyQu9aVbGxEtaHG0TcbVgRfGmVypm21MM_VHcAD05gL1G_0X8W_JoCynKVJubWkKLAshjqiBNEyGhvNixilLP155anm-eJL3t9ywZdZZR0GHnqYGqlNGj7OliRa77XhUVRgT8JgYysIlV3y0duH51pzyl-SIw4iDXK0ftw7SoR53e6zYBELAPEG0QNuNVjIwOtZ35o8Y0XD5PwkAvOsfGsSa72h8b4yIA200iSkjPscyBrqbDzf8x9NrjjIhk_SewyE0J9fCkfiD7tdW1JkwDYwHS630u1L_BEiO5MiQGuKqKXjRZLhKPuVZ8x_J0qal_GQA-AsysOIbRhJ65w7WBHTFRxiuUjnZQYN67vg7hIXKFTQb6hLQ_1v1IKXThoNEeCePrxT0TYSO0CQwSylAzl26zeO317Im-JOIZhXyUbNUIeFDlCx8V6tPSwbm6Esfvu0WgskjqA26fhcRdIa4e4ilz2LDfC0ac6SjZf5puW4GfPCQbQOp-kUgvRGDEFuQYDvRQZ7oJqTdw7wF7MQKKpL12P9odcGMZ8K5LsYV3bK9wErGdZknKfmZ4q7hYiVcU6vmyg5CKB2IkMbNLSmqj9PHXFMpuxTitPAulfunFatyLFcExUFZVhGOYgi01fkzHCJaxXAzBG86CBROV1D3eDWI6PcPbP9oChiuy_JOTolW63w49RVLQbSIjh5a6co-WZFurLQE4Y3ibuDLCeU40bs5xUGrzTyv9ehiEJiVLzmKCqBFs1V_dsPZ3LzrO3AEvKbORnAG0kDz5yaHm69kxOoU40BWy_3UX2Lqv_LgS3s8XBXhLP_XlyMxy_m2HVmc-ZNaEEhEcFklBO1NFcZM0e2jPxP0Al3c0ViUHEfIADx_woZKbAv8YROGD0VvKC51wjfypGkJi3azk4BWfMFB396CiiRelQOEDqtyupJ_f2xmYaQPZHwLJWRM7XRrvH1egu51s9RkxDvb2BBkF-r0GrBGMdHEeKU_rfWO6do-TAk9TXL7B-HX_JkQ9jK53L02gY8keAXbwlfXKkru7Dhep5nPAkm6xUl6160aLR2uDZqDkHK1vnfBnaUDLeBj0GViuPHyPCJCbdMzSaVdKf1-Fb3ZLVhi9TUqlA0ttNh_6gLFdnKSalhC8LZcs36-jP0mGfNXJkmQEtwR2TaOvUzWDfKRx9JyGdjlCOYHiQHWQAIXpL_9e739kxQjI_3kkdDj7Ano_W1n58cOVG6WC6qwzngNG5G_Z1yOH6Pesc2ZwROr_t1t0G-xfI6oDe-tmdjtcbHWj9M5GiHGRTQWr0cC9N2uWOwKWxheneq9KAaL6jfy9ENQiGTOPzmHxmwll58EiJcTvZ-_8FzjXBk1RS4kqy7IvWAqkl-SHD2yUUcQW1mJ9ObBZlKWbXaVGaaTSPGDLDG0ojmuKbd1ckKTXs11OjvW8xPMyTjYMqJuSCjPjNIe6Go4fvR_6ld7yFNVzi9Fuvp0-RwiFOhQk1U4HyuL8z3TVAbUH4r0T0Xx2M5YN5D8uvsKvo7EmnUDuK_Aj7tmQYd_xQCdCwSNYCdfgbfpbPdkjF9P9IrjtIfzsCVScSt2jYS2uFohymam72GbUdg0382erpwlfhM3L-GgZ0SoKNBLSmMfKA4hXYy856El_YtS5RtK98Jb8vQi9yJrObewSqxnWfVvxQsAnCYsuJfqYR9GbEVGUHOmdhL_S-2lt68HC1g_lJNcBpWTzzdP4_g_aaFpWkIjAqGjw54WyZYX9mIVv_fNcfRUizKCdBY5BAjn8dZCZwt0w8P3CMvw9MH0jFKiRNh7tegjpEfOgc-fsht080BE4pFpnyANfaxXOGLSPYSNRACJqWBIW59vLOrp0uOnYEX_y2rMOOw2CKqlS2A67mxWX-VJmRz6zMi8URH3XpHwbpJ-NLWhZScqJl3nje4yhKQLB_D2I994ax2mV9MIhelTr3bmQUmnBxnM7J7kzvyggQov2oeZVDdnHyolMQuPpFKRLomQMU4CZIEWiYgkmp3ruFQB6-mGcQYyM4C3ZjQPb7NzNGS_FqlPcCM9iicEezi2Wcdc8zNXHBs-wWZlGt1LTkv7forzUyrXu9NoqoCupeysEqLEDrz6tMbKF63DLO9PSy2R-CvgoWz6H19Vn_7q5X5N5IaNlPGExzdlITEesRKHGwJdD4l73RRxxusgaI-W_dWlBPNppMsqq-RrMe3VcozO0_gZb50dgmQ0RlPTXcYbr_p6-HElX3ndxbeQv5eLpzYEFBbm2uw0g&cid=CAQSOwDq26N9S5P2BZxLkVHZy2WJjaV7HLFhkOcH-bJntCGLPFsBr2MAPY03ZtY3S7KI3Ll_yW5N7f6pm15MGAEgEw&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.5.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f157.1e100.net

Software

cafe /

Resource Hash

bbfe7f6b7b13ae914494b162870ad2c981d951e3ff8586d10716af7e9e066051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16126
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 47C2 0
0 82ms
82ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6iKLJD2VY6P-DvPB9u8PyMCauA6g9azxbZnanKDtEI_for3AARABIMPMuY4BYLuGgIDQCsgBBagDAaoE6gFP0O4r_xFng05DF8fjJsC0CLZIx5yA6eEoTThbtVrm8YBt-708ZL3ESNDnPx3YqlfvS7abnJfQPtITh1DZAXj-QSLbDL4kUJ3DD2AmOaGrxbbsOeiPvmQVOe5veJ1il2ifElStrlRPvOm1Belo87BMjeDtcWv_T9lYCk6uIu8At9YdAS-MRf0rh5e_dwDT1rRDBwEZRsIi9_39Ia-dxDKIH0nd-3MUK03qThh9GKxH1mtNK_epUfg32A598Nn-9dLtWtPwMgA_NxK8m4DSE2KZU_4ksm49ZDlJ7jqXg8ENMxBCYcpI0vZL0o3ABJexs9aVBOAEA4gFpOn8hkeSBQYIAxADGAOSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB_HxrL0DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQ9PgoGNHc_NoB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwGwE5rHsRHIE66HzeED0BMA2BMKiBQ72BQB0BUBgBcBshccChoIABIUcHViLTgwMjIxNzUzNTQyNzMzOTIYAA&sigh=D7UI9l2p794&uach_m=[UACH]&cid=CAQSOwDq26N9S5P2BZxLkVHZy2WJjaV7HLFhkOcH-bJntCGLPFsBr2MAPY03ZtY3S7KI3Ll_yW5N7f6pm15MGAEgEw&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8022175354273392&output=html&h=280&adk=1246383015&adf=3306259287&pi=t.aa~a.3414242075~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1670724900&rafmt=1&to=qs&pwprc=7273757017&format=1110x280&url=https%3A%2F%2Fcryptoukr.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670724900203&bpp=2&bdt=1158&idt=-M&shv=r20221206&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a97d0dec85ff31d-2254eb5cffd800de%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MbawU4oPs92WNe7Dn7l1GLWrUkb_Q&gpic=UID%3D000008cfdf3a6d47%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MZDDYnRmnHPh6x75B2WOF53pKkWoQ&prev_fmts=0x0&nras=2&correlator=2712632659574&frm=20&pv=1&ga_vid=1027546694.1670724900&ga_sid=1670724900&ga_hid=1559033752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606&oid=2&pvsid=3028330694832353&tmod=1167605254&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6KqrlhUuZS&p=https%3A//cryptoukr.in.ua&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 11 Dec 2022 02:15:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9EA2 1 KB
643 B 45ms
44ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 60281
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Dec 2022 09:30:19 GMT
etag: 48472445140208031
expires: Sun, 11 Dec 2022 09:30:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 47C2 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f11dd7f3dd3fb35402ce110b32895e2661a36a11886b48cb031e549d0fa80b7d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 71AC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

54ms
53ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 02:15:01 GMT
expires: Sun, 11 Dec 2022 02:15:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 02:15:00 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame D0FC 36 KB
16 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 23:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 23:13:48 GMT

GET
H2 200 opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame ADFD 16 KB
17 KB 169ms
92ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-4164"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 06 Dec 2023 02:15:01 GMT

GET
H2 200 opensans-700-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame ADFD 16 KB
16 KB 154ms
76ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

1baff9bf8d69c7de6ea553b53218dc5990e8a58d69200bab0c4763e70639fef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f079-3ff4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 06 Dec 2023 02:15:01 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E98A 0
54 B 498ms
197ms Ping
image/gif 2607:f8b0:4007:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lbiqgw25&c=1730332852545&slotId=865166426272.5&qqid=CNTKyaG_8PsCFZeT_QcdVGcC5Q&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4007:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E98A 15 KB
16 KB 76ms
45ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 466209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:44:52 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E98A 15 KB
15 KB 78ms
47ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 196366
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 19:42:15 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E98A 0
20 B 80ms
79ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CTgyrJD2VY9SoD5en9u8P1M6JqA6g9azxbZnanKDtEI_for3AARABIMPMuY4BYLuGgIDQCsgBBagDAcgDmwSqBOcBT9A-dJNquhOOig1SJHjI8bqUvKi_NOvh9O5c7NLCT1Je71AYKU8QGTR2J2wv_O4swoely52qULxRs_DsUq51Oob0DKpLs_IKbfvdQVvFjS1Wu36S5CxZz0cv7mAMahWq4QV31Mr_i8TClx_L7JVJjSxzAY3aWxVxHvRsNCr8tnGLnqoUo5JSqIV4itpTLPQSa9GNUTgnpuVLUtAPV-88JYa159VhmkJz_GjmA4a14uYIb7ZHIYx2ZZ-woR0_kEUkd3cKY95AePzfM0RoH77RgzTKmKcbqRN5_kFhSjWYTbBKi_hHH7hHwASXsbPWlQTgBAOQBgGgBk6AB_HxrL0DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoBmAsByAsBgAwBsBOax7ERyBOuh83hA9ATANgTCogUO9gUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1670724900954&ai=CTgyrJD2VY9SoD5en9u8P1M6JqA6g9azxbZnanKDtEI_for3AARABIMPMuY4BYLuGgIDQCsgBBagDAcgDmwSqBOcBT9A-dJNquhOOig1SJHjI8bqUvKi_NOvh9O5c7NLCT1Je71AYKU8QGTR2J2wv_O4swoely52qULxRs_DsUq51Oob0DKpLs_IKbfvdQVvFjS1Wu36S5CxZz0cv7mAMahWq4QV31Mr_i8TClx_L7JVJjSxzAY3aWxVxHvRsNCr8tnGLnqoUo5JSqIV4itpTLPQSa9GNUTgnpuVLUtAPV-88JYa159VhmkJz_GjmA4a14uYIb7ZHIYx2ZZ-woR0_kEUkd3cKY95AePzfM0RoH77RgzTKmKcbqRN5_kFhSjWYTbBKi_hHH7hHwASXsbPWlQTgBAOQBgGgBk6AB_HxrL0DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoBmAsByAsBgAwBsBOax7ERyBOuh83hA9ATANgTCogUO9gUAdAVAfgWAYAXAQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame E98A 29 KB
16 KB 97ms
59ms XHR
text/xml 142.251.5.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DdvOM9OWrMyG-UAyxPMn8aXvlDLCeuqK7K7uvxaYAgzaN5jz3Wr3sRTCW5TZsowVtXAp_KjdvxlzYjeh0O7CHkkluOHA&cry=1&dbm_d=AKAmf-A4RRYrd1RTxHPHYPmu9TyQ-hnuCCn6GMJukVO81_A9xtC2-higfhJs-fc7WM8AvNyCNXT_FzUPQw3yFJ1lgR0bZOvOsE-XfGZhX1V0zlpi32GDq7J16ROepn0Q_YNHwAG-q0RuTWRwBr45ChvOqFBowOaHPFilt1xOmqEOgLnIUTnBNdR9OWyRW_3B0PT8qQ3AL_NnABSVKqI5lwLXCzwyXBM3-1fmfmZO60KyCfjUvpF1t9c6pawuqBiIH8YF6q_wrKurQvwTdRJgXtb3g966w3ul6WNHZxdfabWgIFEdRZCFdcKjEoooE-LIz_48grRC3_ckKgWA96zzBshaV5j6bvRdLHwnz4hUuS3ev4VW_TE6CeoKi179OVSFFnwC-CFpAgigHIvS4hy3NBkdNcYxLVNQzQQbwphyp6Yh06qIhxqXAR2w6P2TWHuUAhiETxqfQgCjnQS_bWwXjtffE5LdXG8MbcUC5HqqO4ENnDgQqVZbfaGSxDpSXm07qZLFobv4j9SG5wgEOA-KI4Qe1-czAMR9LXnwX84kzCYgUHufJUiMJsgVnLEWVVBIug6hP8oUdm6s6W98w5J2VNARuUxOz3gBflsUbu5nuCanugSrd5GuxBcH5JXGgN-84gj0YYILZGu7DxNTQs8_0TZQLaX6P34iO4bU_yk1PdLZ09toF2eG5Vu-uC2K-qBZEZWPWSPkYB5AYe9EYS8rlECO6Z0l5OgWQLyikdzwwe7Sc0_vkVgDCw1rgwBCm5ojgxh1nk3ZSATR8CYd2PfuKaCjwiv8Osz4_2rq-DwxSi7-zVj1wBCjPNyCadulIL59wmr0X0ZlV8OZPG6Jfc91CfKmz5Sv02Ahu21i1GJtLDYc8pwXkgULEQrhtwfmuhzjvIznFbJSzohGYWPZxCzmDCrpj4wSKQs6R1WCCYOFlgSJ_fhEqzAtvUpKiv8gTcHFHCzrQtA8lUtBYviJR7fgUIKCUye9kBe9r6IhOGHSrKXY2nQDKAIAF9Rvlg5jXj2i0KYioGN7ElQpda_w37TZfgsagqdmC37Ki7cc1d5SfgeDDFiUIK97xnjsvYRNOXYInz1Hddo1OCvJ2lHrljv9jMs-3fzujXokN2f6xFj7XmY9XFRH9n-F08k65xDNFnrlCjtsQYw6f5hQvkSUGxniOQdV_-BrnaCyAnS2SrOFAOtHkqNPw7DFd-gC3TnenCZFlGpv-GnQMOGTuTeERpD4aZoFPUU8Ifzg-U7QheY4mDIbDSeKDiUQfnholKZxzkViKfO9FZZEEVSz4NzsK1J1fPoMzAL2_uDNM3GThdCPk2GJqYjbTFaJQT74juEJP_xONKjf-goY3Lqqu-NkDcPULs0BmYhG0rJOQyha9ahElJlfF_Xl2nxtSDej4hZ-d08i-7Lwtcr_tqtuIkBYsrDtF1povq2HZex41wINKg9JLYlXKMZn1pHtzeb7SUWORQFRWtID3jV0dwGFNI3KlSSFPsn_kRJFf9k3fgVKqu9plL9bmMzrsLl-MFIKVK2cZsPyXkXsZuAyrejtl3OZDJ_MELV8TGgAoecsUtdEkNAMzINsGSZY2WGoTgLOHA8zTEoNKW2XYD1xCPFJXHzQmrsU5b36NL1c7WEbOawx2YY83_B3GIWRS-3ZC9rqfj0D2K-Fq7LbL0vBQEIIcSad2DxKiCCGVZGjjhiuGzhVvlReswftWkdWLZ_SS-ePsBsXEenr3TjG-jMt3IuPoP-QIgpWTgTv0zqXMVJMMzjdgsI4_rqkGGaUQBSFcuOh_VizTIiBfkeDJLgoK9Ra66bROyvK5-lr7TXXittSz3x3-IcVI4K4D4jNdtYgSWAuzzkefmbHyzs6KerfJBnbgfnuvhxx6idsS9X9gqDze46u6zAxHu6TkuiTh5LKXYIR8_M-12zcLlcQJhhSvnMw6dATdyA1qvZWV1YZehKPpfZhAgv1Q02BIOqKo80XtyQA7iR746mssiDJjDodYAxNxez3N9_1zjJLJIgCEJml9D33FoUn8FGYsV2tU7xk9Th_oFdlx2ryQVCKEyRdBKPN1D9r0T0g82HgBwOfUfA3WyKKF4oNyZWpIEgH_vpFs-ioaX6p8hnkVYLMKrMvSyYw6RaIdlzuQ8Rlki-nv2lR-5-l__m3Sc5VLRUwLvZb2e1TEIbG3dK0ToWcRHiykqGCv_EPHYAhXuo3Ch9opQV1g7x5pgKjzQKyxzNrZCbt6xz4xXpIMeNA9s7pw_HFqVG6mWvDupCBaakb9I9avYzaOLEOIwtq_k0p7CGD9vYfm712XBuBdtzB2pzJm_twJg-50llDLSMvwvarXat5ifv056BYDoTIrWdqjJFLZ9K3hAeEWcSs6oTcgtGVy9sVkzl4r_u6D3fukPJpkOQlODZMY70exd6gpygobfQZhhXdc8JQ-Thw22wIlh_zynlgBDOY3Mnk0Ie4SfFDw_E9xzPnBrwmII5Tz0EH1DVT8TGhsPMlZBo56VwSr8NiltUDCCQYK7p1lh22vzZJRr57yKSgOqCcSdyXP9UFSqVkQv8I0pfnzKO4Ew91TA--vCgZ5_JFvArReGDZxQMZev-HIqRZeSeC9cJ87sc_sfA-LfxHPc6WBwAXV9LRavJ901Tj2W8lhqjMNGk43_UHPBkvVSpgyFuv4HFEJdFTd3nZ5PbUwtnUkYGpgmKfrSbzNQ63NjvQq8hpgjaRz9QUt-6EYvczHPNGsHH4Xf-hrMNdjTpYS9he1Nty5DhIup5UYaQmI35mFPLSDRimISj_w8dy-b5znlEmhUfQAsNjNVwuS4sSq5N29Ed0YFwtE-otB-rnx_X_HCP68aI_RbbHIM-R6B07s5xDWIKOQaiVOkwjB4grRzbb8g_zT0-2KzRC8RNJC0qTWOt_9XWi6gPDAuOckHRTH4DDvSI-w43GIJBFtkFnm5LX37A_Zqnat8WtOTvPmEGgzmPtY_gP6YiTdsKM5TjinraRN71CqNKBzyTaTiHZyHaSd4bsM36nzNwiNUTnBxUgi76G-Lvw04sB2lP9cZh4PbfYTRYSR1nxwziMmbwrRsD8GjBUMjb5q51ENRRTcaTEPohmUGUVdQSJEKGoctXWO3bErwMjEtNcsaPAtkLd81dr6kvfrZ3phEnIUuyvUPcQ&cid=CAQSOwDq26N9rBhTkuBzlixMhk5gZgavlZQScPkNiHwOQyecK7nnYidz8qrP-qbbYn8W3nkOS7Scsnhv8Wb_GAEgEw&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.5.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f157.1e100.net

Software

cafe /

Resource Hash

6bd9c71a3c768e52ba22042af642c9a56f8d482f365ef9852860fa79ca3638b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16043
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E98A 0
0 82ms
82ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHK7SJD2VY9SoD5en9u8P1M6JqA6g9azxbZnanKDtEI_for3AARABIMPMuY4BYLuGgIDQCsgBBagDAaoE5AFP0D50k2q6E46KDVIkeMjxupS8qL806-H07lzs0sJPUl7vUBgpTxAZNHYnbC_87izCh6XLnapQvFGz8OxSrnU6hvQMqkuz8gpt-91BW8WNLVa7fpLkLFnPRy_uYAxqFarhBXfUyv-LxMKXH8vslUmNLHMBjdpbFXEe9Gw0Kvy2cYueqhSjklKohXiK2lMs9BJr0Y1ROCem5UtS0A9X7zwlhrXn1WGaQnP8aL4CHEBxdE79GLrJtaeNwzkSeYgjB-ejJ8mfvWByINYaXKGKFbU0pWexiQNG9bWugpf1HLRVHIJ7wZbABJexs9aVBOAEA4gFpOn8hkeSBQYIAxADGAOSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB_HxrL0DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQ3ZMkGNHc_NoB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwGwE5rHsRHIE66HzeED0BMA2BMKiBQ72BQB0BUBgBcBshccChoIABIUcHViLTgwMjIxNzUzNTQyNzMzOTIYAA&sigh=F37bM0RGZrQ&uach_m=[UACH]&cid=CAQSOwDq26N9rBhTkuBzlixMhk5gZgavlZQScPkNiHwOQyecK7nnYidz8qrP-qbbYn8W3nkOS7Scsnhv8Wb_GAEgEw&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8022175354273392&output=html&h=280&adk=3912392049&adf=451160530&pi=t.aa~a.2860992541~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1670724900&rafmt=1&to=qs&pwprc=7273757017&format=1110x280&url=https%3A%2F%2Fcryptoukr.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670724900203&bpp=1&bdt=1157&idt=-M&shv=r20221206&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a97d0dec85ff31d-2254eb5cffd800de%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MbawU4oPs92WNe7Dn7l1GLWrUkb_Q&gpic=UID%3D000008cfdf3a6d47%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MZDDYnRmnHPh6x75B2WOF53pKkWoQ&prev_fmts=0x0%2C1110x280&nras=3&correlator=2712632659574&frm=20&pv=1&ga_vid=1027546694.1670724900&ga_sid=1670724900&ga_hid=1559033752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1878&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606&oid=2&pvsid=3028330694832353&tmod=1167605254&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=jRgE1Xd6GA&p=https%3A//cryptoukr.in.ua&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 11 Dec 2022 02:15:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 858E 1 KB
643 B 45ms
44ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 60281
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Dec 2022 09:30:19 GMT
etag: 48472445140208031
expires: Sun, 11 Dec 2022 09:30:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E98A 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d728ce2efeb9dadc2916d685e155de1e6b1cf8a62b4b570270dcc6cf498f7ef

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 9EA2 0
104 B 215ms
84ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHt-Mzzzx-catKo2Nh89Eek&google_cver=1&google_push=ASkJ3FZq9QtG-Txremi4siWo8RLeHExTB0K9qJdb5_QK-owQKgbW7sKv7_ty6EReI2pKG43_MAj562vf9JmwZAWBlMMT3dixRGaIx3g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8022175354273392&output=html&h=280&adk=1246383015&adf=3306259287&pi=t.aa~a.3414242075~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1670724900&rafmt=1&to=qs&pwprc=7273757017&format=1110x280&url=https%3A%2F%2Fcryptoukr.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670724900203&bpp=2&bdt=1158&idt=-M&shv=r20221206&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a97d0dec85ff31d-2254eb5cffd800de%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MbawU4oPs92WNe7Dn7l1GLWrUkb_Q&gpic=UID%3D000008cfdf3a6d47%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MZDDYnRmnHPh6x75B2WOF53pKkWoQ&prev_fmts=0x0&nras=2&correlator=2712632659574&frm=20&pv=1&ga_vid=1027546694.1670724900&ga_sid=1670724900&ga_hid=1559033752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606&oid=2&pvsid=3028330694832353&tmod=1167605254&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6KqrlhUuZS&p=https%3A//cryptoukr.in.ua&dtd=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:01 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9EA2
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEZpzzfTNSyRLkKkwI-L384&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEZpzzfTNSyRLkKkwI-L384&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SEF1N09yelAxUDRiUlA1&google_gid=CAESEEZpzzfTNSyRLkKkwI-L384&google_cver=1&google_push=ASkJ3FYC-63YpeXlcSDNBxEWOUE-xgA9QRvkIXuu5jQFI4U...

170 B
188 B

55ms
55ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SEF1N09yelAxUDRiUlA1&google_gid=CAESEEZpzzfTNSyRLkKkwI-L384&google_cver=1&google_push=ASkJ3FYC-63YpeXlcSDNBxEWOUE-xgA9QRvkIXuu5jQFI4UGBLEhBN4opQ-mSA-KOKqIWoT76gphqJ0C-r4K3-uSa-WPR2EHcixQuK8

Requested by

Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 11 Dec 2022 02:15:00 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-001aff4bca77297e8@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SEF1N09yelAxUDRiUlA1&google_gid=CAESEEZpzzfTNSyRLkKkwI-L384&google_cver=1&google_push=ASkJ3FYC-63YpeXlcSDNBxEWOUE-xgA9QRvkIXuu5jQFI4UGBLEhBN4opQ-mSA-KOKqIWoT76gphqJ0C-r4K3-uSa-WPR2EHcixQuK8
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 9EA2
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEH8-Fsts-YoBgWgexlgcTV0&google_cver=1&google_push=ASkJ3FaptxIE4YJJEogRajkJYUpaJ8joYfUtsrk5Tornmrh11jhhBwHUHM4VBshBi-aIIAhPrKK8aal2Za5eABrlgsjBL9hoVSsm3...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH8-Fsts-YoBgWgexlgcTV0&google_cver=1&google_push=ASkJ3FaptxIE4YJJEogRajkJYUpaJ8joYfUtsrk5Tornmrh11jhhBwHUHM4VBshBi-aIIAhPrKK8aal2Za5eABrlgsjBL9hoVSs...

43 B
412 B

190ms
181ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH8-Fsts-YoBgWgexlgcTV0&google_cver=1&google_push=ASkJ3FaptxIE4YJJEogRajkJYUpaJ8joYfUtsrk5Tornmrh11jhhBwHUHM4VBshBi-aIIAhPrKK8aal2Za5eABrlgsjBL9hoVSsm3g4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FaptxIE4YJJEogRajkJYUpaJ8joYfUtsrk5Tornmrh11jhhBwHUHM4VBshBi-aIIAhPrKK8aal2Za5eABrlgsjBL9hoVSsm3g4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:01 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 777ab5c8ffb12508-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:01 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1032
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH8-Fsts-YoBgWgexlgcTV0&google_cver=1&google_push=ASkJ3FaptxIE4YJJEogRajkJYUpaJ8joYfUtsrk5Tornmrh11jhhBwHUHM4VBshBi-aIIAhPrKK8aal2Za5eABrlgsjBL9hoVSsm3g4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FaptxIE4YJJEogRajkJYUpaJ8joYfUtsrk5Tornmrh11jhhBwHUHM4VBshBi-aIIAhPrKK8aal2Za5eABrlgsjBL9hoVSsm3g4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 777ab5c7af182508-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9EA2
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBXjUt_kiCmZ7QPP24N_M4U&google_cver=1&google_push=ASkJ3FYb9ViR91NuPXSoCcDmba_3Ce38J_2ctbF7uKYSuNYdzc530OeKYRL56Y-D_oCmbRVh-AzZco7Fm3zefYI9b3Knmi3...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYb9ViR91NuPXSoCcDmba_3Ce38J_2ctbF7uKYSuNYdzc530OeKYRL56Y-D_oCmbRVh-AzZco7Fm3zefYI9b3Knmi3KXNVjEKs&google_hm=eS1rUW5vR001RTJwRnF...

170 B
188 B

76ms
56ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYb9ViR91NuPXSoCcDmba_3Ce38J_2ctbF7uKYSuNYdzc530OeKYRL56Y-D_oCmbRVh-AzZco7Fm3zefYI9b3Knmi3KXNVjEKs&google_hm=eS1rUW5vR001RTJwRnFjV3pDU3lpc081a1hjenBhMUczZ35B

Requested by

Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 11 Dec 2022 02:15:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYb9ViR91NuPXSoCcDmba_3Ce38J_2ctbF7uKYSuNYdzc530OeKYRL56Y-D_oCmbRVh-AzZco7Fm3zefYI9b3Knmi3KXNVjEKs&google_hm=eS1rUW5vR001RTJwRnFjV3pDU3lpc081a1hjenBhMUczZ35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9EA2
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEBIbD071Y6U91SVOYtLQHqA&google_cver=1&google_push=ASkJ3Fa_XqQheR1jkf0MoBkPx0OKbcuz6A0vRdE5m7TADoHu0rcDubhRCOLgTIcSuIHDdJvbEfADyVQr21IHyIDOsavN6PS...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBIbD071Y6U91SVOYtLQHqA&google_cver=1&google_push=ASkJ3Fa_XqQheR1jkf0MoBkPx0OKbcuz6A0vRdE5m7TADoHu0rcDubhRCOLgTIcSuIHDdJvbEfADyVQr21IHyIDOsavN6...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3Fa_XqQheR1jkf0MoBkPx0OKbcuz6A0vRdE5m7TADoHu0rcDubhRCOLgTIcSuIHDdJvbEfADyVQr21IHyIDOsavN6PShaeoX_PY

170 B
188 B

56ms
56ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3Fa_XqQheR1jkf0MoBkPx0OKbcuz6A0vRdE5m7TADoHu0rcDubhRCOLgTIcSuIHDdJvbEfADyVQr21IHyIDOsavN6PShaeoX_PY

Requested by

Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3Fa_XqQheR1jkf0MoBkPx0OKbcuz6A0vRdE5m7TADoHu0rcDubhRCOLgTIcSuIHDdJvbEfADyVQr21IHyIDOsavN6PShaeoX_PY
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9EA2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFVvAHTyw-g_BZ4-9aQeapM&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFVvAHTyw-g_BZ4-9aQeapM&google_hm=Y5U9JIDme7FZtKG6CgX75QAAArkAAAAB&google_nid=index&google_push=ASkJ3FYwF-rdSZflBRm0S4m2Q96aXZ3u5Nz9S...

170 B
188 B

56ms
56ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFVvAHTyw-g_BZ4-9aQeapM&google_hm=Y5U9JIDme7FZtKG6CgX75QAAArkAAAAB&google_nid=index&google_push=ASkJ3FYwF-rdSZflBRm0S4m2Q96aXZ3u5Nz9S3w4ROTJvkx-s04YgV8rRxD_dPzWPxilfi6dEiUEmX22RozA1w6kD9xPjZbnxHzM2Q

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iOK47009a%2FiYbhWVJBeEJbRXTs12EOiBvseDqXdPobBTWMejob6yr%2BTk2N77rCEaRdEclSFHF8OLtF8Q3CvIgaAuLK%2BlqWIEnfnPH9PAHtQePVLvExZw8vVqCf6PYkhG5rceK87XUx3kOw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFVvAHTyw-g_BZ4-9aQeapM&google_hm=Y5U9JIDme7FZtKG6CgX75QAAArkAAAAB&google_nid=index&google_push=ASkJ3FYwF-rdSZflBRm0S4m2Q96aXZ3u5Nz9S3w4ROTJvkx-s04YgV8rRxD_dPzWPxilfi6dEiUEmX22RozA1w6kD9xPjZbnxHzM2Q
cache-control: no-cache
cf-ray: 777ab5c728cd074e-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9EA2
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJwvU7OmH...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=202d962b-d716-4883-83c4-01da97a31de5&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

56ms
56ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=202d962b-d716-4883-83c4-01da97a31de5&%%GOOGLE_PUSH_PAIR%%

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=202d962b-d716-4883-83c4-01da97a31de5&%%GOOGLE_PUSH_PAIR%%
date: Sun, 11 Dec 2022 02:15:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9EA2 0
12 B 54ms
53ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JO4WDEZh5B0FJRiY0_Y_U-qymKCFXP8QaZwl-uRNlaja0evo63yvtCDUdt-zGBFfLR1AbzVA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 858E
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGtFchotWSGouy16OldjEbU&google_cver=1&google_push=ASkJ3FYYvEC1Q3Yvwg6ynxc1eqOnQ7iMzdTQ096auZPNcJoK3oZ0RvxNUA9cQZjSVZpkjqU4YK-fCn14RpPZlu-rFa3Y9QPnXeZm4qQd
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDUwNDU2MDk3MjQxMTQwNzk5OA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGtFchotWSGouy16OldjEbU&google_cver=1

43 B
398 B

172ms
38ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGtFchotWSGouy16OldjEbU&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 11 Dec 2022 02:15:00 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGtFchotWSGouy16OldjEbU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 858E
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGzwWp_eTCYogpN0pVlhdPM&google_cver=1&google_push=ASkJ3FbpJgADCpqFjot-mQb_ua4KGZAIrOQDD8waOSaKcUKhAaHwd2IWpW9LrNtPn4OGSa5mAUKm0wu_iYsQf82wuqnl...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FbpJgADCpqFjot-mQb_ua4KGZAIrOQDD8waOSaKcUKhAaHwd2IWpW9LrNtPn4OGSa5mAUKm0wu_iYsQf82wuqnl8-wiOCm-jaTo&google_hm=IC2WK9cWSIODxAHal6M...

170 B
188 B

57ms
57ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FbpJgADCpqFjot-mQb_ua4KGZAIrOQDD8waOSaKcUKhAaHwd2IWpW9LrNtPn4OGSa5mAUKm0wu_iYsQf82wuqnl8-wiOCm-jaTo&google_hm=IC2WK9cWSIODxAHal6Md5Q==
date: Sun, 11 Dec 2022 02:15:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 858E
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGQ_R68y-CV0UIAwQbZiUGo&google_cver=1&google_push=ASkJ3Fa0v9GviKA88hVMSi7ANd2-RsJkI0c31ePOjwfC5ZHfYMXDGsCi3cQtjD3H-nW22VIndOjUE-Sv...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc5NjY1MzA2ODcxMDM5Mjk4&google_push=ASkJ3Fa0v9GviKA88hVMSi7ANd2-RsJkI0c31ePOjwfC5ZHfYMXDGsCi3cQtjD3H-nW22VIndOjUE-Sv...

170 B
188 B

82ms
82ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc5NjY1MzA2ODcxMDM5Mjk4&google_push=ASkJ3Fa0v9GviKA88hVMSi7ANd2-RsJkI0c31ePOjwfC5ZHfYMXDGsCi3cQtjD3H-nW22VIndOjUE-SvuyZEZREsne_2athSaHbRGwTZ

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc5NjY1MzA2ODcxMDM5Mjk4&google_push=ASkJ3Fa0v9GviKA88hVMSi7ANd2-RsJkI0c31ePOjwfC5ZHfYMXDGsCi3cQtjD3H-nW22VIndOjUE-SvuyZEZREsne_2athSaHbRGwTZ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 858E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFsjbeuTXyLW_TptaUkpUMw&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFsjbeuTXyLW_TptaUkpUMw&google_hm=Y5U9JIDme7FZtKG6CgX75QAAArkAAAAB&google_nid=index&google_push=ASkJ3FbKxAKV0yulDzSBSuDfPYfR4lv47Uu6n...

170 B
188 B

83ms
82ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFsjbeuTXyLW_TptaUkpUMw&google_hm=Y5U9JIDme7FZtKG6CgX75QAAArkAAAAB&google_nid=index&google_push=ASkJ3FbKxAKV0yulDzSBSuDfPYfR4lv47Uu6ns8ti5SNhp4-Oxd2zDc44CSaj--LPtmk9LM-960JyTyuOaeYUzt_NZxpaD6Shhdp9ls

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3HYwJaZ8ll28MRX4LIClMLnD18fVU8TBCvMVy1vqPaP78jZcli0JM8H1SwhPkXKcoAFs1nhXihEHhS0VDXPU8jiJ2lztRls%2BYTe0r2qdX2XkksWNlwQ6M8g4ODqMJVc2nAKMdrYDW2mQ9w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFsjbeuTXyLW_TptaUkpUMw&google_hm=Y5U9JIDme7FZtKG6CgX75QAAArkAAAAB&google_nid=index&google_push=ASkJ3FbKxAKV0yulDzSBSuDfPYfR4lv47Uu6ns8ti5SNhp4-Oxd2zDc44CSaj--LPtmk9LM-960JyTyuOaeYUzt_NZxpaD6Shhdp9ls
cache-control: no-cache
cf-ray: 777ab5c7a929074e-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 858E
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOgmFKzSelByaLvtWbyNVHs&google_cver=1&google_push=ASkJ3FbFSf_Ttbnk5uDOYJykhxT23_mj4LKAZMFf-Js7jCik06ANxEwQQBFe7QEk9Q3DU_aiWg76y5ejdLqr7qGZqoZ8kS01G_...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDU5MTUxMDA4NDI0ODU1Nzg4MDQ4Mg%3D%3D&google_push=ASkJ3FbFSf_Ttbnk5uDOYJykhxT23_mj4LKAZMFf-Js7jCik06ANxEwQ...

170 B
188 B

81ms
81ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDU5MTUxMDA4NDI0ODU1Nzg4MDQ4Mg%3D%3D&google_push=ASkJ3FbFSf_Ttbnk5uDOYJykhxT23_mj4LKAZMFf-Js7jCik06ANxEwQQBFe7QEk9Q3DU_aiWg76y5ejdLqr7qGZqoZ8kS01G_wl4Ck

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDU5MTUxMDA4NDI0ODU1Nzg4MDQ4Mg%3D%3D&google_push=ASkJ3FbFSf_Ttbnk5uDOYJykhxT23_mj4LKAZMFf-Js7jCik06ANxEwQQBFe7QEk9Q3DU_aiWg76y5ejdLqr7qGZqoZ8kS01G_wl4Ck
date: Sun, 11 Dec 2022 02:15:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

report
sync.teads.tv/um/ Frame 858E
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEESboUSSvA6nnFo2pqUsZ0Q&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3FaqgIDmEiPFtNXEjvemZviYLU11Y-F4PpmYGFGijZJVPXRp3VagT6j5qZRUyEVkX93AXX7HxmHZ6ivX2GJ8v5Yj0PLNdtIbJimphg
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

73ms
73ms

Image
image/gif

23.3.109.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 23.3.109.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-3-109-122.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Sun, 11 Dec 2022 02:15:01 GMT
pragma: no-cache
date: Sun, 11 Dec 2022 02:15:01 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 858E
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEB5PQ45ud...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=202d962b-d716-4883-83c4-01da97a31de5&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

63ms
63ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=202d962b-d716-4883-83c4-01da97a31de5&%%GOOGLE_PUSH_PAIR%%

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=202d962b-d716-4883-83c4-01da97a31de5&%%GOOGLE_PUSH_PAIR%%
date: Sun, 11 Dec 2022 02:15:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 858E 0
12 B 53ms
53ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LB5CMjP80bCEeBaFUk7UnD59ksvwsRyqqsimJ1Yb3y9j8ZMtgX1wjcxzwmVY22qw0mPbDS_Dw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:01 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame E98A 41 KB
15 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 20:14:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108045
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 20:14:16 GMT

HEAD
H/1.1

200
OK

file.mp4
r5---sn-aigzrn76.c.2mdn.net/videoplayback/id/745ce59f0d5381e3/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3814090618/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame E98A
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/745ce59f0d5381e3/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3814090618/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r5---sn-aigzrn76.c.2mdn.net/videoplayback/id/745ce59f0d5381e3/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3814090618/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

169ms
34ms

Fetch
video/mp4

2a00:1450:401f:6::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-aigzrn76.c.2mdn.net/videoplayback/id/745ce59f0d5381e3/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3814090618/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6F6337C26E1706A48AB8CECB77B6B9B526A35B6B.3B2ECC618A12EE957B7FBB579707F9CCE1BE4FB2/key/cms1/cms_redirect/yes/mh/NE/mip/2001:ac8:21:e::7/mm/42/mn/sn-aigzrn76/ms/onc/mt/1670724539/mv/m/mvi/5/pl/48/file/file.mp4

Requested by

Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/

Protocol

HTTP/1.1

Server

2a00:1450:401f:6::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 02:15:01 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4430192
Last-Modified: Mon, 28 Nov 2022 13:34:36 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sun, 11 Dec 2022 02:15:01 GMT

Redirect headers

date: Sun, 11 Dec 2022 02:15:01 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 646
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r5---sn-aigzrn76.c.2mdn.net/videoplayback/id/745ce59f0d5381e3/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3814090618/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6F6337C26E1706A48AB8CECB77B6B9B526A35B6B.3B2ECC618A12EE957B7FBB579707F9CCE1BE4FB2/key/cms1/cms_redirect/yes/mh/NE/mip/2001:ac8:21:e::7/mm/42/mn/sn-aigzrn76/ms/onc/mt/1670724539/mv/m/mvi/5/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 47C2 41 KB
15 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 20:14:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108045
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 20:14:16 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-aigzrn7d.c.2mdn.net/videoplayback/id/515fce67586e4ab9/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3814090461/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 47C2
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/515fce67586e4ab9/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3814090461/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r4---sn-aigzrn7d.c.2mdn.net/videoplayback/id/515fce67586e4ab9/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3814090461/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

130ms
33ms

Fetch
video/mp4

2a00:1450:4009:34::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-aigzrn7d.c.2mdn.net/videoplayback/id/515fce67586e4ab9/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3814090461/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/20977F8F03CBEB13285D3AD82332C5F1286A9E43.18F971848802574DD12EAB8497CAF4B5B9715B60/key/cms1/cms_redirect/yes/mh/2Q/mip/2001:ac8:21:e::7/mm/42/mn/sn-aigzrn7d/ms/onc/mt/1670724539/mv/m/mvi/4/pl/48/file/file.mp4

Requested by

Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/

Protocol

HTTP/1.1

Server

2a00:1450:4009:34::9 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 02:15:01 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2234773
Last-Modified: Mon, 28 Nov 2022 13:32:47 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sun, 11 Dec 2022 02:15:01 GMT

Redirect headers

date: Sun, 11 Dec 2022 02:15:01 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 646
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r4---sn-aigzrn7d.c.2mdn.net/videoplayback/id/515fce67586e4ab9/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3814090461/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/20977F8F03CBEB13285D3AD82332C5F1286A9E43.18F971848802574DD12EAB8497CAF4B5B9715B60/key/cms1/cms_redirect/yes/mh/2Q/mip/2001:ac8:21:e::7/mm/42/mn/sn-aigzrn7d/ms/onc/mt/1670724539/mv/m/mvi/4/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 8A2E 23 KB
9 KB 68ms
68ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 134861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 12:47:20 GMT
expires: Sat, 09 Dec 2023 12:47:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 792F 23 KB
9 KB 77ms
44ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 134861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 12:47:20 GMT
expires: Sat, 09 Dec 2023 12:47:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 8A2E 36 KB
16 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 17:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 17:53:54 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 152ms
60ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221206&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b652fd4bf66cfe26df2e80871e1d9b62d0fe433bc4fbc0e4224df68f558ca857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11207
x-xss-protection: 0

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 792F 36 KB
16 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 17:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 17:53:54 GMT

POST
H2 204 ngx_pagespeed_beacon Show response
cryptoukr.in.ua/ 0
66 B 66ms
66ms XHR
text/plain 2a01:4f9:3a:3c13::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptoukr.in.ua/ngx_pagespeed_beacon?url=https%3A%2F%2Fcryptoukr.in.ua%2F
Requested by: Host: cryptoukr.in.ua
URL: https://cryptoukr.in.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f9:3a:3c13::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cryptoukr.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 11 Dec 2022 02:15:01 GMT
cache-control: max-age=0, no-cache
server: nginx

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 45ms
45ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1559033752&t=timing&_s=2&dl=https%3A%2F%2Fcryptoukr.in.ua%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20CRYPTOUKR%20-%20Free%20Bitcoin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2656&pdt=3&dns=1&rrt=165&srt=103&tcp=142&dit=933&clt=933&_gst=923&_gbt=1132&_u=IAhAAEABAAAAACAAI~&jid=&gjid=&cid=1027546694.1670724900&tid=UA-210418737-1&_gid=1401970057.1670724900&z=1486199688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Dec 2022 21:43:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16283
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r4---sn-aigzrn7d.c.2mdn.net/videoplayback/id/515fce67586e4ab9/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3814090461/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 47C2 2 MB
2 MB 72ms
33ms Media
video/mp4 2a00:1450:4009:34::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:34::9 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

8a8ae3f0944af0582a06a2f8321090db065baa9fcfdacd4f1a2929abc1e00408

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

expires: Sun, 11 Dec 2022 02:15:01 GMT
date: Sun, 11 Dec 2022 02:15:01 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2234772/2234773
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2234773
last-modified: Mon, 28 Nov 2022 13:32:47 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 55ms
53ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 11 Dec 2022 02:15:01 GMT

GET
H3 206 file.mp4
r5---sn-aigzrn76.c.2mdn.net/videoplayback/id/745ce59f0d5381e3/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3814090618/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame E98A 141 KB
0 72ms
34ms Media
video/mp4 2a00:1450:401f:6::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:401f:6::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

expires: Sun, 11 Dec 2022 02:15:01 GMT
date: Sun, 11 Dec 2022 02:15:01 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4430191/4430192
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4430192
last-modified: Mon, 28 Nov 2022 13:34:36 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A2E 0
20 B 82ms
81ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BudmRJT2VY5KfAcvjxgLYmYqgDwAAAAA4AeAEAg&bg=!X1ylXBjNAAYgquz3AKo7ACkAdvg8Whr7sdppvWqqzg9es9pdDihRdwiyhBQB9_NX4Sq8_mVOkcyKZwIAAACIUgAAAAJoAQcKAEdZQ_XD5KGqnj700BFsdPVf3J6j92ifsA-3TzF71nKo91dMm6zloz8mhiXQNZ0N8hs-UjFwy5HNSp1onL2qY9BH7iL34JzdFpkCycAX7zrmGk6GgJqK6AZGpgjlg2qOZeMJw-Dvw5frXAr67Fy5vxVI1TypZoH1dpc70-RmmlfMpooW_UhI9IjIAltSm2Gw4QB55EFByToT1QkM6SSqN9m4yt61dH2ZsYqL2KytHR1NIyBkVtNeSQPe3374hxyC8cX0Vpq1FV-8JXuqOnWlW8O3vIeilqe74aHV7FyYRV-D9S_IbE03eFbI9loFDwMmXL_7EtiqRQvRNeXH2afpOAqBh3F2A_75iBZUME0bHBhQ5fcTvH5o3A7d7qbCfT0vLWGn1MDCB1S3kURT2nWosvfnXNmGssf34ltEglvWtjyzAL9X2N2e0X04fSdc99Xurypv-AX0c7M6h2mk_m01UgRg27RM9GWVYvrNXnIyePvYckCGQsRmPEhROUuQ66WJTh24MHYD3gJEKIs6QPS9_hPN8ewsCZuGTIyADEvg0JNsB6XY19w_e-beq2KYsDUTHQxYwtRoxlDYyXT6PzTAuy3v8keWRMn59rt-zxLjDrYh1lHk1Kkad9z0xUr-GCeDzswlGwIbAHhoCxYzqyfoTo2ous9S48tfQnHCA769YUjIRPLz4fMQprKz0eU6q_4sYPLkjRXSWJh-Vz6EVGBLELa1uVVvlsP3_jSAq0Xlhwzq0Xn5qiaZ5RnqxU5ucPAuTFMcDUAH_DvHgYR6obTJ9AtPmXdFLz4MLcAlWpHbyKXRwPY5MHkiTDTSKQ22T7LTaAew-HRxyofinozP8y5LNMXzOXnavwzL8SP7DhEmtXqKuU4eWWApzvt06JAxWJxZHTLVW-3BZxi8jOmpQuHFc75m2y3noqnTc9zhH1SRga9mZFy8_6V1et3jVOpKp0fFoW979L-sVT7nJgOEL0ZeJXWN89T8HwHP3Cv9dfcW488HbQNOuzK0fbtdB-x3OsySSJMh5tSKABO4QWVSvzWhW_moAqEf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 792F 0
20 B 84ms
83ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B3m-jJT2VY9qzAcjYkdUPwvmbUAAAAAA4AeAEAg&bg=!4uGl4aXNAAYgquz3AKo7ACkAdvg8WuVBie7JEklcgqJeZu1s-uGKie-FAWNujfZ6cReWsHwMC79FrgIAAACLUgAAAAJoAQeZAs280fz7H2fKvrtDAp3CgfIGsnb46RPGrEG5EQ2e69KTU7MczzfAMyoJXzQnF0X0-5pjjWUtkPaA_D3Smx8KCRIENc9toCQPqoOvSR47N28LHUOuRSiLnehQQaoTlj7xtkPc8lSbznrZGrRUCoqrAsVkt33pSTMVuGcDHqR5etXUz6CNh_Lwl7yAPOmlLNxY_Yv9EGpwGv9wT0KBfT1n3O_87Fdlyb_WLt9G5gT5EJVkcPMo_rIDMmMeJZd9Yiq7YRLMtc7tiF184IACjSXumhexosnFqunqe8SVWX0n8OOE-h3rwM5ZEzikE1J8iHp0AfNdyEqdfSNpLv7rO4iMEpAy50U3kuBdoXx9m9AY0w40jlOnrViAK_w6vjhkFWXkzEfMxKsdbVY6VexP5c6cTzBlXrAGew_Y7qGq9hIX_rOZUnCQQbMfsTGSWrdb8ut00bFxiGgpqADD9Vf7dYHzSanEgaOv1bqdcYQfFYXCgKldY2loudbRrIl72FtZNd3XlRz-5Z28ywStmh5n75olcIQ66neEeP9uax9rMsNy1FqeNbNux2Fne7WctSjJsn3iJT4zvNuGZ1kR3Haye8Yo5giJQIepN2hsBjKxFDTApTUAlqjBzZxiGkdQHtjQvYKIDKZSk10urGaYvNio7Q5pECPdXCu4Li3mtkF-S6P9MrnSQlWaD1bjRoaEAIE6vmuf4VGSruhROSSntS1PaSXT1SWwQNoOyyMbbR_sd3RVL5eNUfJTbwJrPa7SYPg2lmuFKB9UQAEjsl87bOAjci9dmo3ruZ3LjAe9UEFW_V9o2tD5EeQVfmTEko8haQJfgbrB-u9qD9-ZYy1o3ILXUVOYqSx6xIYMY2Wz6OpjwvhZtlMnyEEb2aRcm6oH3vHfufi-r4XB6jHSKlHI7GLsJhHrDEtEW6vaceAzir_7wdgbGoZpSVQL-lymZFSFY80Zr_I

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 663F 13 KB
5 KB 46ms
44ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cryptoukr.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 10665
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Dec 2022 23:17:16 GMT
expires: Sun, 10 Dec 2023 23:17:16 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CE6C 783 B
534 B 68ms
63ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

74e07a8ef7b53827b54bc5b4c664a6d49c73769131330c19d063175d4524584e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2yiARuAVuWIyIkUUwsDcQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cryptoukr.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-2yiARuAVuWIyIkUUwsDcQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 02:15:01 GMT
expires: Sun, 11 Dec 2022 02:15:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 663F 36 KB
16 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 23:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 23:13:48 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CE6C 0
0 78ms
78ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221206&jk=3028330694832353&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 663F 0
10 B 44ms
44ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?G6U-Zg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 02:15:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 47C2 0
54 B 499ms
198ms Ping
image/gif 2607:f8b0:4007:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lbiqgw0o&c=2326600632128&slotId=1163300316064&qqid=CKOgyaG_8PsCFfOg_QcdSKAG5w&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=990&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4007:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:02 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 83ms
83ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221206&jk=3028330694832353&bg=!j4yljMjNAAYgquz3AKo7ACkAdvg8WurnT151WvHBYbvecdaB4-iok1njPZmjHiyNaGbgN_wri7EnugIAAABLUgAAAAJoAQeZAqfjW8GLO80rEKKhWvZNx8MfomMEdAQflsXA4MdZcnai2lVV3E4tHiGRgboh6Tz5Y3Q6LLD8l-to5yfEtIc168ASJHat4UhGOb-J3da38SEZQES_m0kFoxfL4WfMSO3J9NO8Mb_HVwCaZvQICSlMLH3qdfDcjzs6hUas32z54COLS2GsMWwtjPcygHL_vCh1W1T7yRIhUbVXBroSIKqKskA-UM6gyvlOtmLDEXg0pBwVNKjQsnsSQg26REPd6wpu6IwTSXOzBYznC86k3O8JsiVkGuTWSRxppHZISsd5pkUCPrYK-QvNF7WACLCNTiRf-SuBhREaOIhHqTr4xtaOYy611CvgtQyMY2BrO6hkBbG4Zupcub-AK-nkku0hh98UOuR3bMDp-qgRo_-9h4DH23mPufUyDGgHTdygbhqpi6UuixclT6p-rlyzw_OxH3S6CwqRzhCNMaHykgLYYxS7BXI4vFF5f7fbMSVlNBPrqIkFOlM3q1JILsIKbIBay0MaXH-pLn-U9cEshKNw-xuNeO6yS6---CstnhPHEqU_a_Oece6czPkbxJo1FEJ2iCqq0wZE4n6hJ66k4W970oK-kF9yemD2Mq2-dXcYb5bAMadhIQ5bSuAasqed6n-hu_dZL2tQOQ1mdxy-r-Hkxg1H7xNOs_mId_v2PnVvXZWVZYuuogBU_lowk3BFDEx3JuhLcMx_gqHMf0q7Y9_LZTFAqbYsqSfIyd_Lw70vUwFjGE9ipH7egMx3XmQAZuw0j17sMbarJKqgp0AV4hck7MlE0n8uFyKieLlsyjOMZR4vVz3UscjDovUPVtM2VMHu2Zc2Y0ST3wIt_ZoLXr16x04OT_d8QOo8oTYK6vv80spAaMMOb0ptMfqyiBUbYSK40omZCMOpEb390E6Z
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cryptoukr.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ Frame E98A 0
17 B 353ms
196ms Ping
image/gif 2607:f8b0:4007:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lbiqgw2j&c=1730332852545&slotId=865166426272.5&qqid=CNTKyaG_8PsCFZeT_QcdVGcC5Q&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=983&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=11&vhc=0&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4007:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 02:15:02 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame DEB7 0
127 B 38ms
38ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 11 Dec 2022 02:15:02 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cryptoukr.in.ua/	1970-01-20 08:05:32	Name: csrf_cookie_name Value: 24e3cffed6e37ab8e07ba7c15f01f136
cryptoukr.in.ua/	1970-01-20 08:06:51	Name: ci_session Value: 476b26c8e79f7febb26f3e594cf874272fc53e36
.cryptoukr.in.ua/	1970-01-20 17:41:24	Name: _ga Value: GA1.3.1027546694.1670724900
.cryptoukr.in.ua/	1970-01-20 08:06:51	Name: _gid Value: GA1.3.1401970057.1670724900
.cryptoukr.in.ua/	1970-01-20 08:05:24	Name: _gat Value: 1
.cryptoukr.in.ua/	1970-01-20 17:27:00	Name: __gads Value: ID=7a97d0dec85ff31d-2254eb5cffd800de:T=1670724899:RT=1670724899:S=ALNI_MbawU4oPs92WNe7Dn7l1GLWrUkb_Q
.cryptoukr.in.ua/	1970-01-20 17:27:00	Name: __gpi Value: UID=000008cfdf3a6d47:T=1670724899:RT=1670724899:S=ALNI_MZDDYnRmnHPh6x75B2WOF53pKkWoQ
.blismedia.com/	1970-01-20 16:51:04	Name: b Value: 63953D24F8D45F7715531D59BLIS
.doubleclick.net/	1970-01-20 17:27:00	Name: IDE Value: AHWqTUl_-w6ce5i7S-8T1mqcZ2mfAAgVn9kCnCTk92tVLPPMb5H5e239FJcKKFRQ4QE
.casalemedia.com/	1970-01-20 16:51:00	Name: CMID Value: Y5U9JIDme7FZtKG6CgX75QAA
.casalemedia.com/	1970-01-20 10:15:00	Name: CMPS Value: 697
.casalemedia.com/	1970-01-20 10:15:00	Name: CMPRO Value: 697
.simpli.fi/	1970-01-20 16:52:27	Name: suid Value: B64256B4243846B9955732839DF9AA33
.lijit.com/	1970-01-20 16:51:00	Name: ljt_reader Value: Fy7nvGZHzQRJL8HeRmSgRgQb
.3lift.com/	1970-01-20 10:15:00	Name: tluid Value: 4591510084248557880482
.adform.net/	1970-01-20 08:50:03	Name: C Value: 1
.pubmatic.com/	1970-01-20 08:06:51	Name: KTPCACOOKIE Value: YES
.adform.net/	1970-01-20 09:31:48	Name: uid Value: 179665306871039298
.bidswitch.net/	1970-01-20 16:51:00	Name: tuuid Value: 202d962b-d716-4883-83c4-01da97a31de5
.bidswitch.net/	1970-01-20 16:51:00	Name: c Value: 1670724900
.bidswitch.net/	1970-01-20 16:51:00	Name: tuuid_lu Value: 1670724900
.pubmatic.com/	1970-01-20 16:51:00	Name: KADUSERCOOKIE Value: 09F0F796-FE94-4705-8513-1D48A65E9905
.doubleclick.net/	1970-01-20 08:05:28	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 10:15:00	Name: CMTS Value: 5070
.de17a.com/	1970-01-20 16:43:48	Name: guid Value: 1.1169558106122792720
.yahoo.com/	1970-01-20 16:51:22	Name: A3 Value: d=AQABBCU9lWMCEHXICngzCmzjZaqQEwQov5AFEgEBAQGOlmOfYwAAAAAA_eMAAA&S=AQAAApB4A8EKh6QOT112bhKQWEg
.w55c.net/	1970-01-20 17:35:39	Name: wfivefivec Value: HAu7OrzP1P4bRP5
.turn.com/	1970-01-20 12:24:36	Name: uid Value: 4504560972411407998
.w55c.net/	1970-01-20 08:48:36	Name: matchgoogle Value: 5
pool.admedo.com/	1970-01-20 16:51:00	Name: tuuid Value: 87607d17-7bcd-4d12-9e2b-af9861e79da8
pool.admedo.com/	1970-01-20 16:51:00	Name: c Value: 1670724901
pool.admedo.com/	1970-01-20 16:51:00	Name: tuuid_lu Value: 1670724901
.tribalfusion.com/	1970-01-20 10:15:00	Name: ANON_ID Value: atnseFriItgP3PTReGyRS9KujuOMgCNe6tpqIQmakC1fjYWrFkEWLdcZahLGMxTuXZc62SBZd2iqUW1vHcJ7CrK

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8022175354273392&output=html&h=280&adk=1105446124&adf=2157031148&pi=t.aa~a.2689954535~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1670724900&rafmt=1&to=qs&pwprc=7273757017&format=1200x280&url=https%3A%2F%2Fcryptoukr.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670724900203&bpp=1&bdt=1158&idt=-M&shv=r20221206&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7a97d0dec85ff31d-2254eb5cffd800de%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MbawU4oPs92WNe7Dn7l1GLWrUkb_Q&gpic=UID%3D000008cfdf3a6d47%3AT%3D1670724899%3ART%3D1670724899%3AS%3DALNI_MZDDYnRmnHPh6x75B2WOF53pKkWoQ&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=2712632659574&frm=20&pv=1&ga_vid=1027546694.1670724900&ga_sid=1670724900&ga_hid=1559033752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606&oid=2&pvsid=3028330694832353&tmod=1167605254&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Ue6BF89Nmc&p=https%3A//cryptoukr.in.ua&dtd=15 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ads.eu.criteo.com
adservice.google.co.uk
adservice.google.com
ap.lijit.com
api.maanimo.com
apps-pnd.ctengine.io
appsha-pnd.ctengine.io
bid.g.doubleclick.net
c1.adform.net
cat.fr.eu.criteo.com
cdn.ctengine.io
cm.g.doubleclick.net
cryptoukr.in.ua
csi.gstatic.com
csm.eu.criteo.net
d5p.de17a.com
dclk-match.dotomi.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
image6.pubmatic.com
imasdk.googleapis.com
maanimo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel-sync.sitescout.com
pixel.rubiconproject.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
r.turn.com
r4---sn-aigzrn7d.c.2mdn.net
r5---sn-aigzrn76.c.2mdn.net
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
s.tribalfusion.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
13.248.245.213
142.251.5.157
172.64.154.237
178.250.0.160
185.64.189.115
2001:678:cb4:bbbb::11
213.155.156.166
216.52.2.39
216.58.212.162
23.3.109.122
2606:4700::6812:18ad
2607:f8b0:4007:80a::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2003
2a00:1450:4009:34::9
2a00:1450:400c:c07::9c
2a00:1450:401f:6::a
2a01:4f9:3a:3c13::1
2a02:2638:1::17
2a02:2638:1::2
2a02:2638:1::3
2a02:2638:1::8
2a02:2638::2
2a02:2638::b
2a02:6ea0:c700::17
2a02:fa8:8806:12::1370
2a05:d018:d29:3601:a85c:a571:e676:b675
2a0d:da00:a:4018::
2a0d:da00:a:401c::
3.122.66.11
3.123.143.143
34.96.105.8
35.204.158.49
35.210.53.219
37.157.3.30
51.89.9.254
69.173.144.138
88.198.1.29
98.98.134.241
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
071e2d5ff255d4bd9b72e36e73649a30c90e2094b75c4007446cb026e4ea1df0
07813e766984a88635e28c263368567e308dc9d27b2229d16a95d5570cf3689d
08328fddcac097be003ac73613a7e557110b24b69185cf5a51bb06e4cf9583e4
08720ce444154873ec2d1ccfc7c4b77c413c135bde28418f8ed89e7c9b77b47c
08d23aa80824f1516c8c11387425eb21e47b2add095f330bd2896f7859cab21b
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
101b8d837f8e01156fc293db1932eead16c29f9f16da622bfa89f394fbfd1273
13a725c0e157bd8b4eb99160b6cb04aa35eac96d1a7b09d58dae7188c3cdc9f0
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1baff9bf8d69c7de6ea553b53218dc5990e8a58d69200bab0c4763e70639fef4
1c9a7dc8d57cc746e7af995b069dbe464833994d2de824116a9ccc1948f64746
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e89607f19cd793e88cf8a4b0ed0840951c370de1eb852f0174af9834b18784b
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
203d6d61473804a75cc0cf2492a3d1adc289d1f107dfa17727c3eba54aa5f0f5
234697463018c55508251d42b8249e65cc521f717ab35d30d52cf50ca750094d
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
2f767687d18f6fdd37e21a138a80fe3ff8a9d778ac68880b32583b620e93c938
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3264b4a7590f8d08295f2ab2a71a911913cf797494916f3fede8b116518ceed2
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
3d728ce2efeb9dadc2916d685e155de1e6b1cf8a62b4b570270dcc6cf498f7ef
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
418429c4a131a2b0772b89ad2f35b516c2ec5f7f34cb0323a2b68a3acb00f311
41ab072aa599b58d2c2eeaf3f2cf5f8947e027bf2892cb0b51bfc331b1d2465c
4265326fce10df4752714014d86e9b9c24dfacb9cf7359aa67607a9cdd4a2f8a
432bbe9eba01c8518ab71def481326144d0e6d91bca5ef0212fdcf84be3d507f
455046eb93cdb3bbd37701b24fa903201be5c69fe441e14525324d7f9443a710
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5063a821a85c9dce8460258f59cf9a3b2ccb6d36dce58adf6df1307d6fce517e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c790c863500fb7c30a6bd54d831cd0d7d2d29888ef2c5f1a8039d5adb4fcb28
5e82fd1a91088e29926a4e6b4f0d25855168b5d973373eaaa6a5ea34ba2fa91b
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61925cf428702debd95b46542b5e5efb8fd3f2c8dc188ef0017c6fb57e15e1d0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62bb02fa91c1537efbce823d5d1981982d3925bcdaac667dc6ca64f8469e2284
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
68b30a62869096f4dba940b6bc2a3930699341c3323ef664a2c178cd29e8394f
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6b42a874ffe6254d1b713bab8fe5fdb862c50f4da2109cfb01ce9154c993e885
6bd9c71a3c768e52ba22042af642c9a56f8d482f365ef9852860fa79ca3638b8
6c322561da95a7c793e2b60d867560b3bc4ff8ff392e95112d480b1255c0a379
6e8e997c49bdb1e444377cf25b05c5457cb0a154be1eeb6cf2576ab92a7b0438
7029ccf1a4e15e4458145001fec570185f68c441c0812823c6d1accc61c6823c
7099b0a5636275b29bf77167ad5d60c566b1162e67cb1fe6e790a82a4cf9e791
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
74e07a8ef7b53827b54bc5b4c664a6d49c73769131330c19d063175d4524584e
78579d2ac1241db15da9ef80449cd0deaeb85d5f36963c46be6d2ef54d30c9c6
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8445dad30e846942a0f8e8f223713025039f6c248d40a4815e966a556f46d9b8
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8825dc4d61a2cadba97be1943b3915899749a233d2e719ea734e2ff043a0f421
8a8ae3f0944af0582a06a2f8321090db065baa9fcfdacd4f1a2929abc1e00408
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
92405bc8bd30bb135d0303b296f3d9b362624ae2255fddb54ba6eb478771cb32
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b652fd4bf66cfe26df2e80871e1d9b62d0fe433bc4fbc0e4224df68f558ca857
b6aa37c923506c72ed2cd5a1a1b12061d4f6667984019df9215f7a45ef0d1188
b7495c11aa1118d36a7c83de0af4e273fe4b774d142f6cb2b28f70b4c09bf671
bbfe7f6b7b13ae914494b162870ad2c981d951e3ff8586d10716af7e9e066051
c1bd3925c9321802488a88427917a08313bbf658e6897f34ca1fef99cd4eeda5
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c32e6ffdb07fa6ceceae33032eb4253de66b1d8138f4336003ea24bfcbb86457
c3aa2c224f6cf6382caa5ae479bfbe719e9a85b24e3e827158c59cdeec84bd3d
d1f9b6ede4bb1cb8a128510647cc7916fc379aa7aee307549c5f007e86f53df8
d3df63a0eff34ed6e7c80244665fd6c7030fdc8e6c15cfa35de239d78f39270b
d50e7e68c24b7c158fe9f5a68d7adf11b5ff21cb040d944451edda6c59bdcae8
d55a5c61473b36719f0434a2f891888608b891b11b96953184c96122d7628edc
d697bedcf6292a33ac5e5c3a1f5c156e4c96d136877dab0500ee224c39802302
d7e44f6256457bb27ed304069baf221db53da70c655f146fd789091d90eef245
dda36ab0dda2b7ba616e824e0dd455eb222bf9fee24984c74e19df9fa962758e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2bdbafbba7ee2f87c77fc68c7c649eb951549b048640db446741f3c9dc0d0e
f11dd7f3dd3fb35402ce110b32895e2661a36a11886b48cb031e549d0fa80b7d
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
fa1e122ec0cfdb99660d319f7d8da86ca4dabc60374e8d4da40346af7520d9ab

cryptoukr.in.ua Open in urlscan Pro 2a01:4f9:3a:3c13::1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

189 Requests

86 %HTTPS

63 %IPv6

34 Domains

55 Subdomains

39 IPs

10 Countries

4148 kBTransfer

7256 kBSize

33 Cookies

0 Outgoing links

Page URL History

Redirected requests

189 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cryptoukr.in.ua Open in urlscan Pro
2a01:4f9:3a:3c13::1 Public Scan

Screenshot
Live screenshot

Full Image

189
Requests

86 %
HTTPS

63 %
IPv6

34
Domains

55
Subdomains

39
IPs

10
Countries

4148 kB
Transfer

7256 kB
Size

33
Cookies

189 HTTP transactions
14 data transactions