ye.ua Open in urlscan Pro
2606:4700:10::6816:3cfa Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ye.ua/
Effective URL:
https://ye.ua/
Submission: On November 03 via api (November 3rd 2022, 5:04:49 am UTC) from GB — Scanned from GB

Summary HTTP 130 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 12 domains to perform 130 HTTP transactions. The main IP is 2606:4700:10::6816:3cfa, located in United States and belongs to CLOUDFLARENET, US. The main domain is ye.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 4th 2022. Valid for: a year.

This is the only time ye.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::ac43:2bd5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
39	2606:4700:10:... 2606:4700:10::6816:3cfa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:c00... 2a04:4e42:c00::282	54113 (FASTLY) (FASTLY)
1	91.218.213.49 91.218.213.49	42352 (QOS) (QOS)
1	193.200.64.20 193.200.64.20	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
14	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
41	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
4 5	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
130	14

1 2606:4700:10::ac43:2bd5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ye.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2606:4700:10::6816:3cfa (United States)

ASN13335 (CLOUDFLARENET, US)

ye.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
openx2.ye.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:c00::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.218.213.49 (Ukraine)

ASN42352 (QOS, UA)
PTR: nrcu.gov.ua

radio.nrcu.gov.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.64.20 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: etarg.network

dominantroute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 167	558 KB
40	ye.ua 1 redirects ye.ua openx2.ye.ua	552 KB
18	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 66	164 KB
6	google.com 4 redirects adservice.google.com — Cisco Umbrella Rank: 134 www.google.com — Cisco Umbrella Rank: 17	2 KB
4	gstatic.com fonts.gstatic.com	104 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	188 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	2 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 5594	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1047	690 B
1	dominantroute.com dominantroute.com — Cisco Umbrella Rank: 97726	137 KB
1	nrcu.gov.ua radio.nrcu.gov.ua
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1996	450 B
130	12

	Domain	Requested by
41	tpc.googlesyndication.com	ye.ua googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
26	ye.ua	1 redirects ye.ua
18	googleads.g.doubleclick.net	pagead2.googlesyndication.com ye.ua googleads.g.doubleclick.net
14	pagead2.googlesyndication.com	ye.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
14	openx2.ye.ua	ye.ua openx2.ye.ua
5	www.google.com	4 redirects tpc.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
4	www.googletagservices.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	dominantroute.com	ye.ua
1	radio.nrcu.gov.ua	ye.ua
1	polyfill.io	ye.ua
130	15

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
accounts.google.com
www.instagram.com
www.youtube.com
twitter.com
t.me
invite.viber.com
openx2.ye.ua
khm-radio.ye.ua
radio.ye.ua
ua.sinoptik.ua
kam-pod.ye.ua
memory.ye.ua

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-04` - `2023-04-03`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-08` - `2023-04-09`	a year	crt.sh
radio.nrcu.gov.ua R3	`2022-09-12` - `2022-12-11`	3 months	crt.sh
dominantroute.com R3	`2022-10-19` - `2023-01-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://ye.ua/
Frame ID: DE68408E6506DDDFC8F357B9C7018E1D
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/zrt_lookup.html
Frame ID: 4F7C7DE5425A3D094BC8859721438243
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=60&slotname=1921848652&adk=4228632296&adf=3865820252&pi=t.ma~as.1921848652&w=980&lmt=1667451884&format=980x60&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667451884488&bpp=3&bdt=1361&idt=178&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&correlator=7456993971032&frm=20&pv=2&ga_vid=785949795.1667451885&ga_sid=1667451885&ga_hid=866285050&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=3128213431229754&tmod=854778895&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CaeE%7C&abl=NA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=faIxJHCVyp&p=https%3A//ye.ua&dtd=197
Frame ID: C4FF5B896653BDB6FF72E6397608A3FA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&adk=1812271804&adf=3025194257&lmt=1667451884&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fye.ua%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667451884491&bpp=2&bdt=1364&idt=216&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60&nras=1&correlator=7456993971032&frm=20&pv=1&ga_vid=785949795.1667451885&ga_sid=1667451885&ga_hid=866285050&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=3128213431229754&tmod=854778895&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=223
Frame ID: 85B562ED40D13ADFC8F1BFBC2B13F6E8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=100&slotname=6561702719&adk=1832233552&adf=1808043182&pi=t.ma~as.6561702719&w=481&lmt=1667451884&rafmt=12&format=481x100&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667451884494&bpp=1&bdt=1367&idt=224&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60%2C0x0&nras=1&correlator=7456993971032&frm=20&pv=1&ga_vid=785949795.1667451885&ga_sid=1667451885&ga_hid=866285050&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=46&ady=895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=3128213431229754&tmod=854778895&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cd%7CopEe%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=QJouwWhLyC&p=https%3A//ye.ua&dtd=227
Frame ID: 9CB0E7713C3BC904F0901BD7627F7656
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=100&slotname=6939803206&adk=1421142297&adf=3150062283&pi=t.ma~as.6939803206&w=481&lmt=1667451884&rafmt=12&format=481x100&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667451884495&bpp=1&bdt=1368&idt=229&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60%2C0x0%2C481x100&nras=1&correlator=7456993971032&frm=20&pv=1&ga_vid=785949795.1667451885&ga_sid=1667451885&ga_hid=866285050&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=46&ady=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=3128213431229754&tmod=854778895&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cd%7CopEe%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ML1l3wJpOH&p=https%3A//ye.ua&dtd=233
Frame ID: 7747D9ACEBFE8429150873BCDB733D15
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=100&slotname=5220700882&adk=138781024&adf=328285302&pi=t.ma~as.5220700882&w=481&lmt=1667451884&rafmt=12&format=481x100&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667451884495&bpp=1&bdt=1367&idt=237&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60%2C0x0%2C481x100%2C481x100&nras=1&correlator=7456993971032&frm=20&pv=1&ga_vid=785949795.1667451885&ga_sid=1667451885&ga_hid=866285050&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=46&ady=1945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=3128213431229754&tmod=854778895&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cd%7CopEebr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=I2gVdk0oxo&p=https%3A//ye.ua&dtd=240
Frame ID: 48D5D5A27D04B74C46E40DECFB7BCDE5
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16168325954268450011/index.html
Frame ID: 743E38730D1A10A64B5908DCEDDA0B43
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C9Kf_7EtjY56MM43l3wOv6pTYCpu4059t8fO_zeIQx4z2yNA2EAEgucf6FWCVAqABsorBqgHIAQmpAr6jmznEeKg-qAMByANIqgSwAU_QNjJwNnH2OQrIxRpKb9zrY4gvPyJuGWa8HJPVwyMY0eUNBMhDG0uphWl9WYV8SPHXY4b0SybF9zQGQiKdfm1AF3_wKE9S9UD3d6XjAVu1EqzRy8IqGN7wXU9AX3UFd87i4gWCU6RPkJHQOzmi7KDkWzrmcYYy73uj4PV_wG-KchBf3HCl2BxCXNchwznsokhvNsXJ5IDGY6y1ZhYAlVd2kAaaMFZ2Txe457_4wK9BwATGjZvRogSSBQQIBBgBkgUECAUYBKAGLoAHtvW-1QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCFpAbSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTCtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xMjE2ODQyNDQ5MTI3MzY1GAA&sigh=-klO2YxNdOs&uach_m=[UACH]&cid=CAQSGwDq26N93DzIKXeONrn8U0_NwqjLkSxH7X_JvxgBIA4&template_id=419
Frame ID: 93F89BBB863ECFE1F9851092FA7DF19A
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/index.html
Frame ID: 9E81AF3F408DA0CC150B1069B6C0E54F
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CNCfv7EtjY7HRM7LQxgPip4T4BJu4059t6e-_zeIQx4z2yNA2EAEgucf6FWCVAqABsorBqgHIAQmpAr6jmznEeKg-qAMByANIqgS6AU_QMaSubXn9bt-xH-rYfCRZIArbZCjR5v6w1_WNK0PQHhP-vAo7XtpFfqjReQ448rOTr4KkxHAec137XMAGrMpAH7_c0J-r0k7gRe75bCzU-dviwPv4wKYn-kpY6UeLzei0u4cnxTL9J5CElHXbELukcP52uBda_4WVWyKeNzFR9ho-Gm6RZ0ZwqksIRp4GOrkJGDiDSkYHLgpmxVQXtMufzBTGHHMS3pk4PS32Z9QiOET9HMYOy6Sh3sAExo2b0aIEkgUECAQYAZIFBAgFGASgBi6AB7b1vtUCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQi90E0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwrQFQGYFgGAFwGyFxwKGggAEhRwdWItMTIxNjg0MjQ0OTEyNzM2NRgA&sigh=KV7phOwlnO8&uach_m=[UACH]&cid=CAQSGwDq26N9ab075gYcsL9smKO4XWBgk3MF92jwMRgBIA4&template_id=419
Frame ID: 59445E40B094C9C422A3981BA10CA743
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/index.html
Frame ID: BB3AD76B7C1868DD8D5284E8B2881EBC
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CMLq-7EtjY9LVM6zJ1fAPtuamyA6buNOfbenvv83iEMeM9sjQNhABILnH-hVglQKgAbKKwaoByAEJqQK-o5s5xHioPqgDAcgDSKoEtAFP0DEKAgMarfYhGq63TreGJSraAWcvXD6p41fgBcYjK0cPPr8gwboVuuz7HYZ7STpmWQ4yLxO1KR2efRVxR_vW54lrGZTJT1jtkd1sq4rYQi3qbnnoKW6vmSi4QVaKDjDwQgCmvB7B4qcOQwLW7D-9TzagGt2DlBjyAx6AUBh1HxkW1EqfY68lvSm4wvGWQJj_tfyIQq2vhEs1tkzyOg2Egxn3aMDpfiSEeTwrbj3HIbGUzE7ABMaNm9GiBJIFBAgEGAGSBQQIBRgEoAYugAe29b7VAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEM-EAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMK0BUBmBYBgBcBshccChoIABIUcHViLTEyMTY4NDI0NDkxMjczNjUYAA&sigh=OTaJZA005mI&uach_m=[UACH]&cid=CAQSGwDq26N9Eswlv6_nnyTFVGEgPaqJAbzrqfgAJhgBIA4&template_id=419
Frame ID: 07EC33DEE04C7A40D23D991F68014D6F
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DBC17206407A192AD6F711C3D7C9EA19
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D06465063B40B807998003C3E2561133
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 09ACB72B4982E34C8EA5A5A0CFE38D8B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: ECA7AD821B1F063D939C405C5310688F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js
Frame ID: 0DEE74E2EB38DA08E7B02B4F32CD526E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EB5BF0B7A7FE35D755BCE3A075FA8D27
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E7C076394B1888F4DDA7E804FAE2172B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новини Хмельницького "Є" | ye.ua ye-logo.v1.2 На правах реклами

Page URL History Show full URLs

http://ye.ua/ HTTP 301
https://ye.ua/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

130
Requests

100 %
HTTPS

86 %
IPv6

12
Domains

15
Subdomains

14
IPs

4
Countries

1707 kB
Transfer

4079 kB
Size

13
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/v2.10/dialog/oauth?client_id=2010787465808195&scope=email&redirect_uri=https://ye.ua/include/other/all/fb.php

Search URL Search Domain Scan URL

URL: https://accounts.google.com/o/oauth2/auth?scope=email%20profile&state=%2Fprofile&redirect_uri=https://ye.ua/include%2Fother%2Fall%2Fgoogle.php&response_type=code&client_id=972825115840-li07dtavfsc46bibgg6ngt89ngk4ti00.apps.googleusercontent.com&approval_prompt=force

Search URL Search Domain Scan URL

URL: https://www.facebook.com/www.ye.ua

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ye.ua/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/gazetaE

Search URL Search Domain Scan URL

URL: https://twitter.com/GazetaYEnews

Search URL Search Domain Scan URL

URL: https://t.me/yeuanews

Search URL Search Domain Scan URL

URL: https://invite.viber.com/?g2=AQB2YhGIZF29XEpluCJevfH%2BsB2C%2BPPVaT%2B8U14DWSTUUX5G66bRxOGSH0OHxhDE

Search URL Search Domain Scan URL

URL: https://openx2.ye.ua/www/delivery/ck.php?oaparams=2__bannerid=64__zoneid=25__cb=fcdc80d1f6__oadest=https%3A%2F%2Fye.ua%2Fogo%2Fadd%2F%3Fref%3Dright-col

Search URL Search Domain Scan URL

URL: http://khm-radio.ye.ua/
Title: khm-radio.ye.ua

Search URL Search Domain Scan URL

URL: http://radio.ye.ua/
Title: radio.ye.ua

Search URL Search Domain Scan URL

URL: https://openx2.ye.ua/www/delivery/ck.php?oaparams=2__bannerid=65__zoneid=28__cb=da599207ea__oadest=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fyeuaogo%2F%3Fref%3Dshare

Search URL Search Domain Scan URL

URL: https://openx2.ye.ua/www/delivery/ck.php?oaparams=2__bannerid=73__zoneid=27__cb=f59748a364__oadest=https%3A%2F%2Fmotopoland.com.ua%2Fua%2F

Search URL Search Domain Scan URL

URL: https://ua.sinoptik.ua/%D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0-%D1%85%D0%BC%D0%B5%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D1%8C%D0%BA%D0%B8%D0%B9
Title: Погода на 7 днів

Search URL Search Domain Scan URL

URL: https://openx2.ye.ua/www/delivery/ck.php?oaparams=2__bannerid=71__zoneid=21__cb=4b3767ae0f__oadest=https%3A%2F%2Ftabletki.ua%2F%25D0%259D%25D0%25BE%25D1%2580%25D0%25BC%25D0%25BE%25D0%25B2%25D0%25B5%25D0%25BD%2Fpharmacy%2Fkhmelnitsky%2F

Search URL Search Domain Scan URL

URL: https://kam-pod.ye.ua/
Title: kam-pod.ye.ua

Search URL Search Domain Scan URL

URL: https://memory.ye.ua/
Title: Книга пам'яті

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ye.ua/ HTTP 301
https://ye.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 96

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 98

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 101

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 102

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

130 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ye.ua/
Redirect Chain

http://ye.ua/
https://ye.ua/

170 KB
42 KB

502ms
410ms

Document
text/html

2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.0

Resource Hash

925bcb507309f0b69f06997738cb926e1ef4e5c4c221cf05ad391381a43b2928

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7642921b1e1c72f7-LHR
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 03 Nov 2022 05:04:43 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
permissions-policy: interest-cohort=()
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.0
x-xss-protection: 1; mode=block

Redirect headers

CF-Cache-Status: DYNAMIC
CF-Ray: 764292198bb776de-LHR
Connection: keep-alive
Content-Type: text/html
Date: Thu, 03 Nov 2022 05:04:42 GMT
Location: https://ye.ua/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 jquery.min.js Show response
ye.ua/js/js/js/ 85 KB
30 KB 209ms
207ms Script
application/javascript 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/js/js/js/jquery.min.js

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: W/"62a4d96d-1538f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 7642921dbfd572f7-LHR

GET
H2 200 jquery.cookie.min.js Show response
ye.ua/js/js/default/ 2 KB
947 B 53ms
51ms Script
application/javascript 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/js/js/default/jquery.cookie.min.js

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b6e442e0162e2c67d3cf272012edd38a95076ecb4b71f54c28a8810f4dbbb59

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:43 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 05 Aug 2015 07:56:00 GMT
server: cloudflare
content-encoding: gzip
age: 18352972
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31556926
cf-ray: 7642921dbfdd72f7-LHR
x-xss-protection: 1; mode=block
expires: Tue, 04 Apr 2023 19:01:11 GMT

GET
H2 200 popper.min.js Show response
ye.ua/js/js/js/ 20 KB
7 KB 54ms
54ms Script
application/javascript 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/js/js/js/popper.min.js

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:43 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 06 Sep 2018 06:25:06 GMT
server: cloudflare
content-encoding: gzip
age: 18352972
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31556926
cf-ray: 7642921ec88a72f7-LHR
x-xss-protection: 1; mode=block
expires: Tue, 04 Apr 2023 19:01:12 GMT

GET
H2 200 bootstrap.min.js Show response
ye.ua/js/js/js/ 50 KB
14 KB 170ms
170ms Script
application/javascript 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/js/js/js/bootstrap.min.js

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: W/"62a4d96d-c62b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 7642921f08a872f7-LHR

GET
H2 200 polyfill.min.js Show response
polyfill.io/v2/ 222 B
450 B 584ms
200ms Script
text/javascript 2a04:4e42:c00::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://polyfill.io/v2/polyfill.min.js?features=IntersectionObserver
Requested by: Host: ye.ua
URL: https://ye.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:c00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:43 GMT
content-encoding: br
last-modified: Wed, 26 Oct 2022 16:31:54 GMT
age: 0
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser: chrome/99.0.0
server-timing: cache-lax10631, PASS, fastly;desc="Edge time";dur=12
accept-ranges: bytes
content-length: 126

GET
H2 200 app.min.js Show response
ye.ua/js/js/js/ 34 KB
10 KB 204ms
203ms Script
application/javascript 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/js/js/js/app.min.js

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b49df55acb1072af429ec4f155107c35de1921d9053fabb2693b0e57749f224

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: W/"62a4d96d-89ce"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 7642921f28bb72f7-LHR

GET
H2 200 asyncjs.php Show response
openx2.ye.ua/www/delivery/ 10 KB
4 KB 163ms
126ms Script
text/javascript 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://openx2.ye.ua/www/delivery/asyncjs.php
Requested by: Host: ye.ua
URL: https://ye.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: f3b5932558e6a765f1bfc3fb5ee364013cd03588adcf0f22293a77ddf2e90df0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:43 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: text/javascript;charset=UTF-8
cache-control: private, max-age=3600
expire: Thu, 03 Nov 2022 06:04:43 GMT
cf-ray: 7642921f68dd72f7-LHR

GET
H2 200 bootstrap-custom.css
ye.ua/css/css/css/ 191 KB
26 KB 58ms
57ms Stylesheet
text/css 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/css/bootstrap-custom.css

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0854243cee262b5de8673e332e533bcf232cda58cc48405d79998d6888ada200

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:43 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 10 Jan 2019 10:11:36 GMT
server: cloudflare
age: 12628204
vary: Accept-Encoding
content-type: text/css; charset=utf-8
content-encoding: gzip
cache-control: public, max-age=31556926
cf-ray: 7642921dbfd872f7-LHR
x-xss-protection: 1; mode=block
expires: Sat, 10 Jun 2023 01:09:23 GMT

GET
H2 200 fontawesome-custom.css
ye.ua/css/css/css/ 54 KB
12 KB 70ms
69ms Stylesheet
text/css 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/css/fontawesome-custom.css

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b59270e2d2a3730d00b61b36541001751277b940d73846e9f44ee7f189c60b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:43 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 18352972
cf-polished: origSize=55047
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 14 Jan 2020 09:45:54 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=31556926
cf-ray: 7642921dbfda72f7-LHR
expires: Tue, 04 Apr 2023 19:01:11 GMT

GET
H2 200 app.min.css
ye.ua/css/css/css/ 59 KB
11 KB 172ms
171ms Stylesheet
text/css 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/css/app.min.css

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ddaf573663b8243cc0e85098b1723ace007f1c13d83f6a1a95c554e37162fe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: W/"62a4d96d-edf0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 7642921dbfdb72f7-LHR

GET
H2 200 legacy.min.css
ye.ua/css/css/css/ 10 KB
3 KB 51ms
51ms Stylesheet
text/css 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/css/legacy.min.css

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

890d81648be2bed4a1da49a1bab308041e26f3f6267f4dd41a76f3e2541e6fb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:43 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 09 Jun 2022 21:16:47 GMT
server: cloudflare
content-encoding: gzip
age: 12613690
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=31556926
cf-ray: 7642921dbfdc72f7-LHR
x-xss-protection: 1; mode=block
expires: Sat, 10 Jun 2023 05:11:17 GMT

GET
H2 200 icon_256x256.webp
ye.ua/images/ 11 KB
11 KB 204ms
203ms Image
image/webp 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ye.ua/images/icon_256x256.webp

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ac0c44e962362e044f2df416f2553775b38b1b8064470f648825aa8d2a8996e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-length: 10868
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 19:28:25 GMT
server: cloudflare
etag: "62a4ecd9-2a74"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 7642921f28bd72f7-LHR

GET
H2 200 big__Tragediya_izyimu__istoriya_zhinki_yaka_vryatuvala_z_pid_obstriliv_chotiroh_vnuchok_1_2022_11_02_04_49_01.JPG
ye.ua/images/news/topnews/ 87 KB
88 KB 175ms
175ms Image
image/webp 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ye.ua/images/news/topnews/big__Tragediya_izyimu__istoriya_zhinki_yaka_vryatuvala_z_pid_obstriliv_chotiroh_vnuchok_1_2022_11_02_04_49_01.JPG

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

279661d0bd460810e07f8b635582664cf599e4a5e75d7ba9a6d4413491529e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origFmt=jpeg, origSize=137164
content-disposition: inline; filename="big__Tragediya_izyimu__istoriya_zhinki_yaka_vryatuvala_z_pid_obstriliv_chotiroh_vnuchok_1_2022_11_02_04_49_01.webp"
content-length: 89216
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Wed, 02 Nov 2022 17:36:15 GMT
server: cloudflare
etag: "6362aa8f-217cc"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 7642921f28be72f7-LHR

GET
H2 200 print.min.css
ye.ua/css/css/css/ 2 KB
993 B 203ms
202ms Stylesheet
text/css 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/css/print.min.css

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd8fe10f28fa2e884b988f4ef91390487f598e21fb54eb9c1a11ed39d647288a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: W/"62a4d96d-666"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 7642921f38c072f7-LHR

GET
H2 200 open-sans-v15-cyrillic_latin-regular.woff2
ye.ua/css/css/fonts/ 19 KB
19 KB 196ms
196ms Font
font/woff2 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/fonts/open-sans-v15-cyrillic_latin-regular.woff2

Requested by

Host: ye.ua
URL: https://ye.ua/css/css/css/app.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

468f87ca7a0cf5529eb96f6ed5c5fb253e0be79e9a8412c6d367a91e6eb7bb64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye.ua/css/css/css/app.min.css
Origin: https://ye.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-length: 19156
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: "62a4d96d-4ad4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 7642921f38ca72f7-LHR

GET
H/1.1 200
OK ur1-mp3-m
radio.nrcu.gov.ua/ 143 KB
0 893ms
683ms Media
audio/mpeg 91.218.213.49
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://radio.nrcu.gov.ua/ur1-mp3-m
Requested by: Host: ye.ua
URL: https://ye.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.213.49 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: nrcu.gov.ua
Software: nginx /
Resource Hash

Request headers

Referer: https://ye.ua/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

Pragma: no-cache
Date: Thu, 03 Nov 2022 05:04:40 GMT
icy-name: UA:Óêðà¿íñüêå ðàä³î
Server: nginx
icy-br: 128
Transfer-Encoding: chunked
Content-Type: audio/mpeg
Access-Control-Allow-Origin: *
icy-pub: -1
Cache-Control: no-cache, no-store
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK vinos.js Show response
dominantroute.com/bens/ 137 KB
137 KB 256ms
102ms Script
text/javascript 193.200.64.20
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://dominantroute.com/bens/vinos.js?24657&u=null&a=0.0049881859719806965
Requested by: Host: ye.ua
URL: https://ye.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.64.20 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: etarg.network
Software: nginx /
Resource Hash: c8f43650614fce620ab907a0593912237b54322ec6097757f319427b189b1619

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: text/javascript; charset=utf-8
Date: Thu, 03 Nov 2022 05:04:43 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NON DSP COR CURa TIA"

GET
H2 200 ornament.svg
ye.ua/css/css/images/ 1 KB
614 B 50ms
49ms Image
image/svg+xml 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ye.ua/css/css/images/ornament.svg

Requested by

Host: ye.ua
URL: https://ye.ua/css/css/css/app.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c7c176af91f6fc30c3e49051636d4b456531b4e75245a62d931c9a8bb77ea4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/css/css/css/app.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:43 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 06 Sep 2018 06:27:13 GMT
server: cloudflare
content-encoding: gzip
age: 18352972
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31556926
cf-ray: 7642921f58d572f7-LHR
x-xss-protection: 1; mode=block
expires: Wed, 04 May 2022 19:01:12 GMT

GET
DATA 200
OK truncated
/ 382 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 113 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 848536686a6e7e46d97513420a5b381823adf1c2e8169e009aebb16774cb4e3e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fa-brands-400.woff2
ye.ua/css/css/fonts/ 60 KB
60 KB 181ms
181ms Font
font/woff2 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/fonts/fa-brands-400.woff2

Requested by

Host: ye.ua
URL: https://ye.ua/css/css/css/fontawesome-custom.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ddd3b7b68a96da02979f972e4e9a8b6af63b5a17c75d7c7e0e3901d9f3a729c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye.ua/css/css/css/fontawesome-custom.css
Origin: https://ye.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-length: 61336
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: "62a4d96d-ef98"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 7642921f68e072f7-LHR

GET
H2 200 fa-solid-900.woff2
ye.ua/css/css/fonts/ 49 KB
49 KB 227ms
227ms Font
font/woff2 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/fonts/fa-solid-900.woff2

Requested by

Host: ye.ua
URL: https://ye.ua/css/css/css/fontawesome-custom.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye.ua/css/css/css/fontawesome-custom.css
Origin: https://ye.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 50372
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: "62a4d96d-c4c4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 7642921f68e172f7-LHR

GET
H2 200 open-sans-condensed-v12-cyrillic_latin-700.woff2
ye.ua/css/css/fonts/ 22 KB
22 KB 196ms
195ms Font
font/woff2 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/fonts/open-sans-condensed-v12-cyrillic_latin-700.woff2

Requested by

Host: ye.ua
URL: https://ye.ua/css/css/css/app.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e94e274617dd12daa61f94f74bcd2a3ceb82ad275b53ef797946a3608b0e1222

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye.ua/css/css/css/app.min.css
Origin: https://ye.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-length: 22776
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: "62a4d96d-58f8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 7642921f68e272f7-LHR

GET
H2 200 fa-regular-400.woff2
ye.ua/css/css/fonts/ 12 KB
12 KB 196ms
196ms Font
font/woff2 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/fonts/fa-regular-400.woff2

Requested by

Host: ye.ua
URL: https://ye.ua/css/css/css/fontawesome-custom.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b4c97a2809cdb53153139544e1f5db34e4917c8f01d2dd94cb9519e24e1ab3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye.ua/css/css/css/fontawesome-custom.css
Origin: https://ye.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-length: 12188
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: "62a4d96d-2f9c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 7642921f68e472f7-LHR

GET
H2 200 open-sans-v15-cyrillic_latin-700.woff2
ye.ua/css/css/fonts/ 19 KB
20 KB 195ms
195ms Font
font/woff2 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/fonts/open-sans-v15-cyrillic_latin-700.woff2

Requested by

Host: ye.ua
URL: https://ye.ua/css/css/css/app.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d10ff7ad5c1f3ce5c6ad2b17ef06f8a0515628d04a00178bc6bdefc23d8ba94b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye.ua/css/css/css/app.min.css
Origin: https://ye.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-length: 19836
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: "62a4d96d-4d7c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 7642921f78e672f7-LHR

GET
H2 200 open-sans-v15-cyrillic_latin-600.woff2
ye.ua/css/css/fonts/ 19 KB
19 KB 194ms
194ms Font
font/woff2 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/fonts/open-sans-v15-cyrillic_latin-600.woff2

Requested by

Host: ye.ua
URL: https://ye.ua/css/css/css/app.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

848e3ddf8d07c81ebc0ee309dfc63a60b0b970d46857911c5f2e78487825a3e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye.ua/css/css/css/app.min.css
Origin: https://ye.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-length: 19716
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: "62a4d96d-4d04"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 7642921f78e972f7-LHR

GET
H2 200 open-sans-v15-cyrillic_latin-300.woff2
ye.ua/css/css/fonts/ 19 KB
19 KB 184ms
183ms Font
font/woff2 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/fonts/open-sans-v15-cyrillic_latin-300.woff2

Requested by

Host: ye.ua
URL: https://ye.ua/css/css/css/app.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dd2bc32e766754718771fbbd323bd27ae4e64f71b28d87a619368ebf52a3c75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye.ua/css/css/css/app.min.css
Origin: https://ye.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-length: 19744
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: "62a4d96d-4d20"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 7642921f88f972f7-LHR

GET
DATA 200
OK truncated
/ 180 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 354 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 asyncspc.php Show response
openx2.ye.ua/www/delivery/ 5 KB
1 KB 68ms
67ms XHR
application/json 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://openx2.ye.ua/www/delivery/asyncspc.php?zones=23%7C25%7C28%7C29%7C27%7C30%7C21%7C34&prefix=revive-0-&loc=https%3A%2F%2Fye.ua%2F
Requested by: Host: openx2.ye.ua
URL: https://openx2.ye.ua/www/delivery/asyncjs.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 733802e9803203863dc7a683a609fb66ce734bddb38425250c71bf4024696f9f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 05:04:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye.ua
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 76429222db4b72f7-LHR
expires: 0

GET
H2 200 s.js Show response
ye.ua/cdn-cgi/zaraz/ 5 KB
3 KB 56ms
56ms Script
text/javascript 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ye.ua/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyJUQwJTlEJUQwJUJFJUQwJUIyJUQwJUI4JUQwJUJEJUQwJUI4JTIwJUQwJUE1JUQwJUJDJUQwJUI1JUQwJUJCJUQxJThDJUQwJUJEJUQwJUI4JUQxJTg2JUQxJThDJUQwJUJBJUQwJUJFJUQwJUIzJUQwJUJFJTIwJTVDJTIyJUQwJTg0JTVDJTIyJTIwJTdDJTIweWUudWElMjIlMkMlMjJ4JTIyJTNBMC4zMTQ5NTMyMzgzODc3MzY3JTJDJTIydyUyMiUzQTE2MDAlMkMlMjJoJTIyJTNBMTIwMCUyQyUyMmolMjIlM0ExMjAwJTJDJTIyZSUyMiUzQTE2MDAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZ5ZS51YSUyRiUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJrJTIyJTNBMjQlMkMlMjJuJTIyJTNBJTIyVVRGLTglMjIlMkMlMjJvJTIyJTNBMCUyQyUyMnElMjIlM0ElNUIlNUQlN0Q=
Requested by: Host: ye.ua
URL: https://ye.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a07303ca793f89719c2708b5540987979fd24e6ba388530802eb2923a1e784ec

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:43 GMT
content-encoding: gzip
server: cloudflare
access-control-max-age: 600
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://ye.ua
content-type: text/javascript
access-control-allow-credentials: true
cf-ray: 76429222db4e72f7-LHR
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 169 KB
55 KB 408ms
77ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5c2b682895173a68c299d89e0c1220498f641fbe5d2284d98e97b905417cef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55473
x-xss-protection: 0
server: cafe
etag: 14088292196717352155
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 03 Nov 2022 05:04:44 GMT

GET
H2 200 sm__Pogoda_na_zavtra___3_listopada_na_Hmelnichchini_mine_bez_opadiv_1_2022_11_02_02_51_36.JPG
ye.ua/images/news/topnews/ 13 KB
14 KB 169ms
168ms Image
image/webp 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ye.ua/images/news/topnews/sm__Pogoda_na_zavtra___3_listopada_na_Hmelnichchini_mine_bez_opadiv_1_2022_11_02_02_51_36.JPG

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2559ab24153f73cb6b8e1f14b7ffe9687d9d538e91e7aadb9c91eed35ba2e65b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origFmt=jpeg, origSize=23707
content-disposition: inline; filename="sm__Pogoda_na_zavtra___3_listopada_na_Hmelnichchini_mine_bez_opadiv_1_2022_11_02_02_51_36.webp"
content-length: 13630
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Wed, 02 Nov 2022 13:02:22 GMT
server: cloudflare
etag: "63626a5e-5c9b"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 76429222fb6072f7-LHR

GET
H2 200 sm__Vid_poranen_na_viyni_zaginuv_zahisnik_z_Shepetivschini_1_2022_11_02_01_57_20.jpg
ye.ua/images/news/topnews/ 6 KB
6 KB 169ms
169ms Image
image/jpeg 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ye.ua/images/news/topnews/sm__Vid_poranen_na_viyni_zaginuv_zahisnik_z_Shepetivschini_1_2022_11_02_01_57_20.jpg

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfdba8a67a2395146302ec8b72ae01856d2e9d74ea949df7d1484cbc863bdf57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=6047, status=webp_bigger
content-length: 5970
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Wed, 02 Nov 2022 12:08:59 GMT
server: cloudflare
etag: "63625ddb-179f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 76429222fb6172f7-LHR

GET
H2 200 lg.php
openx2.ye.ua/www/delivery/ 43 B
188 B 68ms
66ms Image
image/gif 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2.ye.ua/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=23&loc=https%3A%2F%2Fye.ua%2F&cb=2844786725
Requested by: Host: ye.ua
URL: https://ye.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 05:04:44 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.33
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, must-revalidate
cf-ray: 764292234b9772f7-LHR
content-length: 43
expires: 0

GET
H2 200 lg.php
openx2.ye.ua/www/delivery/ 43 B
101 B 126ms
125ms Image
image/gif 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2.ye.ua/www/delivery/lg.php?bannerid=64&campaignid=54&zoneid=25&loc=https%3A%2F%2Fye.ua%2F&cb=fcdc80d1f6
Requested by: Host: ye.ua
URL: https://ye.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 05:04:44 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.33
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, must-revalidate
cf-ray: 764292235b9872f7-LHR
content-length: 43
expires: 0

GET
H2 200 lg.php
openx2.ye.ua/www/delivery/ 43 B
101 B 108ms
107ms Image
image/gif 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2.ye.ua/www/delivery/lg.php?bannerid=65&campaignid=54&zoneid=28&loc=https%3A%2F%2Fye.ua%2F&cb=da599207ea
Requested by: Host: ye.ua
URL: https://ye.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 05:04:44 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.33
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, must-revalidate
cf-ray: 764292235b9972f7-LHR
content-length: 43
expires: 0

GET
H2 200 lg.php
openx2.ye.ua/www/delivery/ 43 B
101 B 117ms
116ms Image
image/gif 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2.ye.ua/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=29&loc=https%3A%2F%2Fye.ua%2F&cb=1ac9bd101f
Requested by: Host: ye.ua
URL: https://ye.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 05:04:44 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.33
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, must-revalidate
cf-ray: 764292235b9a72f7-LHR
content-length: 43
expires: 0

GET
H2 200 lg.php
openx2.ye.ua/www/delivery/ 43 B
101 B 123ms
123ms Image
image/gif 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2.ye.ua/www/delivery/lg.php?bannerid=73&campaignid=59&zoneid=27&loc=https%3A%2F%2Fye.ua%2F&cb=f59748a364
Requested by: Host: ye.ua
URL: https://ye.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 05:04:44 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.33
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, must-revalidate
cf-ray: 764292235b9b72f7-LHR
content-length: 43
expires: 0

GET
H2 200 lg.php
openx2.ye.ua/www/delivery/ 43 B
101 B 127ms
126ms Image
image/gif 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2.ye.ua/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=30&loc=https%3A%2F%2Fye.ua%2F&cb=127945c430
Requested by: Host: ye.ua
URL: https://ye.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 05:04:44 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.33
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, must-revalidate
cf-ray: 764292235b9c72f7-LHR
content-length: 43
expires: 0

GET
H2 200 lg.php
openx2.ye.ua/www/delivery/ 43 B
101 B 117ms
117ms Image
image/gif 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2.ye.ua/www/delivery/lg.php?bannerid=71&campaignid=57&zoneid=21&loc=https%3A%2F%2Fye.ua%2F&cb=4b3767ae0f
Requested by: Host: ye.ua
URL: https://ye.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 05:04:44 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.33
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, must-revalidate
cf-ray: 764292236ba772f7-LHR
content-length: 43
expires: 0

GET
H2 200 lg.php
openx2.ye.ua/www/delivery/ 43 B
101 B 114ms
113ms Image
image/gif 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2.ye.ua/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=34&loc=https%3A%2F%2Fye.ua%2F&cb=6216a73ded
Requested by: Host: ye.ua
URL: https://ye.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 05:04:44 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.33
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, must-revalidate
cf-ray: 764292236ba672f7-LHR
content-length: 43
expires: 0

GET
H2 200 9fd568dd44821cd84166a0cec6edc56c.gif
openx2.ye.ua/cdn-cgi/image/format=auto,quality=75/www/images/ 5 KB
5 KB 83ms
82ms Image
image/webp 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://openx2.ye.ua/cdn-cgi/image/format=auto,quality=75/www/images/9fd568dd44821cd84166a0cec6edc56c.gif

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8adebfd685a1b2fe5148e65f71830e4e6a1d843b6c9f0d86b285d59cfb6d2080

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:44 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 5088
cf-resized: internal=ok/h q=0 n=9 c=0+12 v=2022.10.4 l=5088
last-modified: Sat, 12 Mar 2022 12:25:15 GMT
cf-bgj: imgq:75,h2pri
server: cloudflare
etag: "cfdjGE-tG_OiXWgIex0u3E3Q:2b16-5da048a1f71bf"
vary: Accept, Accept-Encoding
warning: cf-images 299 "AVIF anim not supported"
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 764292238bbd72f7-LHR

GET
H2 200 4096fe248f247f37042a18a207955f0a.gif
openx2.ye.ua/cdn-cgi/image/format=auto,quality=75/www/images/ 6 KB
7 KB 84ms
83ms Image
image/webp 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://openx2.ye.ua/cdn-cgi/image/format=auto,quality=75/www/images/4096fe248f247f37042a18a207955f0a.gif

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ad5b538430a5af477f4e1955b9ce53245b26a01f56ed2b273c5eee5ff28ed9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:44 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 6616
cf-resized: internal=ok/h q=0 n=10 c=1+14 v=2022.10.4 l=6616
last-modified: Sat, 12 Mar 2022 12:28:14 GMT
cf-bgj: imgq:75,h2pri
server: cloudflare
etag: "cfjIYqP22DRXgP46fGRzBoag:48c7-5da0494c3e016"
vary: Accept, Accept-Encoding
warning: cf-images 299 "AVIF anim not supported"
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 764292240c0e72f7-LHR

GET
H2 200 c1a3c73fbf899e530542eb6577abda98.jpg
openx2.ye.ua/cdn-cgi/image/format=auto,quality=75/www/images/ 7 KB
7 KB 71ms
71ms Image
image/avif 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://openx2.ye.ua/cdn-cgi/image/format=auto,quality=75/www/images/c1a3c73fbf899e530542eb6577abda98.jpg

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a80c04d986f60031fb15fa72a16f950fa952bfd99fd60ba5dea6196b7942fac

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:44 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 07 Oct 2022 12:03:58 GMT
cf-bgj: imgq:75,h2pri
server: cloudflare
etag: "cf1dSCwxx7omIxtvzmU1wwcw:7f0b-5ea709ad82d85"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 764292241c1372f7-LHR
content-length: 7162
cf-resized: internal=ok/h q=0 n=15 c=0+68 v=2022.10.4 l=7162

GET
H2 200 cb127a8c5e8d08f121be5882d9cf8332.gif
openx2.ye.ua/cdn-cgi/image/format=auto,quality=75/www/images/ 30 KB
30 KB 78ms
78ms Image
image/webp 2606:4700:10::6816:3cfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://openx2.ye.ua/cdn-cgi/image/format=auto,quality=75/www/images/cb127a8c5e8d08f121be5882d9cf8332.gif

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3cfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33c3e10d2c03033c12a4134b9fdfa6955ea6c7f86cf30a1698d4dde834e9f6fe

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:44 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 30320
cf-resized: internal=ok/h q=0 n=11 c=2+33 v=2022.10.4 l=30320
last-modified: Mon, 03 Oct 2022 11:00:01 GMT
cf-bgj: imgq:75,h2pri
server: cloudflare
etag: "cfuKKxLHvs_YB_VQAAskSofg:13426-5ea1f3ebd9c98"
vary: Accept, Accept-Encoding
warning: cf-images 299 "AVIF anim not supported"
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 764292241c1472f7-LHR

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/ Frame 4F7C 10 KB
5 KB 170ms
53ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 39540
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 18:05:44 GMT
etag: 2424782735605397694
expires: Wed, 16 Nov 2022 18:05:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/ 354 KB
116 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1216842449127365&plah=ye.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea2de5b840dcbb9675dec62540c1894de4079fd19d207d17143693fb57ad1aa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119030
x-xss-protection: 0
server: cafe
etag: 9796640665610956254
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 03 Nov 2022 05:04:44 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 377 B
690 B 179ms
62ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ye.ua&callback=_gfp_s_&client=ca-pub-1216842449127365&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1216842449127365&plah=ye.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3fb411abe156ecd6da2b9fd96638e66b7b858aa45c71de87f973d97648a42c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 245
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 182ms
63ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ye.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 182ms
64ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C4FF 134 KB
43 KB 377ms
268ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=60&slotname=1921848652&adk=4228632296&adf=3865820252&pi=t.ma~as.1921848652&w=980&lmt=1667451884&format=980x60&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667451884488&bpp=3&bdt=1361&idt=178&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&correlator=7456993971032&frm=20&pv=2&ga_vid=785949795.1667451885&ga_sid=1667451885&ga_hid=866285050&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=3128213431229754&tmod=854778895&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CaeE%7C&abl=NA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=faIxJHCVyp&p=https%3A//ye.ua&dtd=197

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aac4196834db766e05dbddeb0822a4d1005b67177da8ce0222d5f69d5bd2dec

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16168325954268450011/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16168325954268450011/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ6ymqqekfsCFY3ydwodLzUFqw&gqi=7EtjY7DFMpW-9u8PuamLsAg&layout=/sadbundle/%24csp%253Der3%24/16168325954268450011/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 43966
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16168325954268450011/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16168325954268450011/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ6ymqqekfsCFY3ydwodLzUFqw&gqi=7EtjY7DFMpW-9u8PuamLsAg&layout=/sadbundle/%24csp%253Der3%24/16168325954268450011/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 05:04:45 GMT
expires: Thu, 03 Nov 2022 05:04:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 88ms
87ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fye.ua%2F&tn=DIV&id=scroll-progress&cls=scroll-progress&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 05:04:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 85B5 0
19 B 226ms
144ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&adk=1812271804&adf=3025194257&lmt=1667451884&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fye.ua%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667451884491&bpp=2&bdt=1364&idt=216&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60&nras=1&correlator=7456993971032&frm=20&pv=1&ga_vid=785949795.1667451885&ga_sid=1667451885&ga_hid=866285050&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=3128213431229754&tmod=854778895&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=223

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 05:04:44 GMT
expires: Thu, 03 Nov 2022 05:04:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9CB0 134 KB
43 KB 424ms
349ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=100&slotname=6561702719&adk=1832233552&adf=1808043182&pi=t.ma~as.6561702719&w=481&lmt=1667451884&rafmt=12&format=481x100&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667451884494&bpp=1&bdt=1367&idt=224&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60%2C0x0&nras=1&correlator=7456993971032&frm=20&pv=1&ga_vid=785949795.1667451885&ga_sid=1667451885&ga_hid=866285050&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=46&ady=895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=3128213431229754&tmod=854778895&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cd%7CopEe%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=QJouwWhLyC&p=https%3A//ye.ua&dtd=227

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

386339f51bc9313129a84b5304ff8284fe1a3f60a285cb75732f5ae1ff5fc560

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLH3mqqekfsCFTKocQod4hMBTw&gqi=7EtjY8_LMvC17_UPrNSN4As&layout=/sadbundle/%24csp%253Der3%24/16629634541440791836/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 43796
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLH3mqqekfsCFTKocQod4hMBTw&gqi=7EtjY8_LMvC17_UPrNSN4As&layout=/sadbundle/%24csp%253Der3%24/16629634541440791836/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 05:04:45 GMT
expires: Thu, 03 Nov 2022 05:04:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7747 134 KB
43 KB 463ms
396ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=100&slotname=6939803206&adk=1421142297&adf=3150062283&pi=t.ma~as.6939803206&w=481&lmt=1667451884&rafmt=12&format=481x100&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667451884495&bpp=1&bdt=1368&idt=229&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60%2C0x0%2C481x100&nras=1&correlator=7456993971032&frm=20&pv=1&ga_vid=785949795.1667451885&ga_sid=1667451885&ga_hid=866285050&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=46&ady=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=3128213431229754&tmod=854778895&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cd%7CopEe%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ML1l3wJpOH&p=https%3A//ye.ua&dtd=233

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54f4baa0559007a12f67964e03acdb61587e4abf1c5227d663bac017099db97c

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNL7mqqekfsCFaxkFQgdNrMJ6Q&gqi=7EtjY-DKMtG89u8Pj8yv-AU&layout=/sadbundle/%24csp%253Der3%24/16629634541440791836/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 43775
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNL7mqqekfsCFaxkFQgdNrMJ6Q&gqi=7EtjY-DKMtG89u8Pj8yv-AU&layout=/sadbundle/%24csp%253Der3%24/16629634541440791836/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 05:04:45 GMT
expires: Thu, 03 Nov 2022 05:04:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 48D5 74 KB
30 KB 504ms
443ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=100&slotname=5220700882&adk=138781024&adf=328285302&pi=t.ma~as.5220700882&w=481&lmt=1667451884&rafmt=12&format=481x100&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667451884495&bpp=1&bdt=1367&idt=237&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60%2C0x0%2C481x100%2C481x100&nras=1&correlator=7456993971032&frm=20&pv=1&ga_vid=785949795.1667451885&ga_sid=1667451885&ga_hid=866285050&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=46&ady=1945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=3128213431229754&tmod=854778895&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cd%7CopEebr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=I2gVdk0oxo&p=https%3A//ye.ua&dtd=240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1531e84c67b863ed0b2d4965631d2862943e59816a1c5b5c600d00b5f7523d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30327
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 05:04:45 GMT
expires: Thu, 03 Nov 2022 05:04:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16168325954268450011/ Frame 743E 33 KB
7 KB 239ms
121ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16168325954268450011/index.html

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57770b31cc2209ba639220865345310e9a67c5a5f1dfdf43cb8d05246bf0238c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 82209
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5143
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 06:14:36 GMT
expires: Thu, 02 Nov 2023 06:14:36 GMT
last-modified: Thu, 27 Oct 2022 22:05:46 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 93F8 0
0 101ms
100ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9Kf_7EtjY56MM43l3wOv6pTYCpu4059t8fO_zeIQx4z2yNA2EAEgucf6FWCVAqABsorBqgHIAQmpAr6jmznEeKg-qAMByANIqgSwAU_QNjJwNnH2OQrIxRpKb9zrY4gvPyJuGWa8HJPVwyMY0eUNBMhDG0uphWl9WYV8SPHXY4b0SybF9zQGQiKdfm1AF3_wKE9S9UD3d6XjAVu1EqzRy8IqGN7wXU9AX3UFd87i4gWCU6RPkJHQOzmi7KDkWzrmcYYy73uj4PV_wG-KchBf3HCl2BxCXNchwznsokhvNsXJ5IDGY6y1ZhYAlVd2kAaaMFZ2Txe457_4wK9BwATGjZvRogSSBQQIBBgBkgUECAUYBKAGLoAHtvW-1QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCFpAbSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTCtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xMjE2ODQyNDQ5MTI3MzY1GAA&sigh=-klO2YxNdOs&uach_m=[UACH]&cid=CAQSGwDq26N93DzIKXeONrn8U0_NwqjLkSxH7X_JvxgBIA4&template_id=419

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=60&slotname=1921848652&adk=4228632296&adf=3865820252&pi=t.ma~as.1921848652&w=980&lmt=1667451884&format=980x60&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667451884488&bpp=3&bdt=1361&idt=178&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&correlator=7456993971032&frm=20&pv=2&ga_vid=785949795.1667451885&ga_sid=1667451885&ga_hid=866285050&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=3128213431229754&tmod=854778895&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CaeE%7C&abl=NA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=faIxJHCVyp&p=https%3A//ye.ua&dtd=197
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 03 Nov 2022 05:04:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 03 Nov 2022 05:04:45 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame 93F8 23 KB
9 KB 223ms
107ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=60&slotname=1921848652&adk=4228632296&adf=3865820252&pi=t.ma~as.1921848652&w=980&lmt=1667451884&format=980x60&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667451884488&bpp=3&bdt=1361&idt=178&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&correlator=7456993971032&frm=20&pv=2&ga_vid=785949795.1667451885&ga_sid=1667451885&ga_hid=866285050&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=3128213431229754&tmod=854778895&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CaeE%7C&abl=NA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=faIxJHCVyp&p=https%3A//ye.ua&dtd=197

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 01:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
server: cafe
etag: 12585499704757265805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 01:07:18 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 93F8 3 KB
1 KB 231ms
116ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34781
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 19:25:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 93F8 17 KB
8 KB 170ms
55ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 14:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51960
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7305
x-xss-protection: 0
server: cafe
etag: 12747696668401323709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 14:38:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 93F8 153 KB
47 KB 182ms
66ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667389194171289"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Nov 2022 05:04:45 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/ Frame 9E81 23 KB
4 KB 167ms
126ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/index.html

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699c29131ed6f05c497ebfd10cb7f86f8da29fe237b4f719fec78969482077c2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 249450
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4375
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Mon, 31 Oct 2022 07:47:15 GMT
expires: Tue, 31 Oct 2023 07:47:15 GMT
last-modified: Thu, 27 Oct 2022 22:05:46 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5944 0
0 100ms
100ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNCfv7EtjY7HRM7LQxgPip4T4BJu4059t6e-_zeIQx4z2yNA2EAEgucf6FWCVAqABsorBqgHIAQmpAr6jmznEeKg-qAMByANIqgS6AU_QMaSubXn9bt-xH-rYfCRZIArbZCjR5v6w1_WNK0PQHhP-vAo7XtpFfqjReQ448rOTr4KkxHAec137XMAGrMpAH7_c0J-r0k7gRe75bCzU-dviwPv4wKYn-kpY6UeLzei0u4cnxTL9J5CElHXbELukcP52uBda_4WVWyKeNzFR9ho-Gm6RZ0ZwqksIRp4GOrkJGDiDSkYHLgpmxVQXtMufzBTGHHMS3pk4PS32Z9QiOET9HMYOy6Sh3sAExo2b0aIEkgUECAQYAZIFBAgFGASgBi6AB7b1vtUCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQi90E0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwrQFQGYFgGAFwGyFxwKGggAEhRwdWItMTIxNjg0MjQ0OTEyNzM2NRgA&sigh=KV7phOwlnO8&uach_m=[UACH]&cid=CAQSGwDq26N9ab075gYcsL9smKO4XWBgk3MF92jwMRgBIA4&template_id=419

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=100&slotname=6561702719&adk=1832233552&adf=1808043182&pi=t.ma~as.6561702719&w=481&lmt=1667451884&rafmt=12&format=481x100&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667451884494&bpp=1&bdt=1367&idt=224&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60%2C0x0&nras=1&correlator=7456993971032&frm=20&pv=1&ga_vid=785949795.1667451885&ga_sid=1667451885&ga_hid=866285050&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=46&ady=895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=3128213431229754&tmod=854778895&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cd%7CopEe%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=QJouwWhLyC&p=https%3A//ye.ua&dtd=227
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 03 Nov 2022 05:04:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 03 Nov 2022 05:04:45 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame 5944 23 KB
9 KB 98ms
60ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=100&slotname=6561702719&adk=1832233552&adf=1808043182&pi=t.ma~as.6561702719&w=481&lmt=1667451884&rafmt=12&format=481x100&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667451884494&bpp=1&bdt=1367&idt=224&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60%2C0x0&nras=1&correlator=7456993971032&frm=20&pv=1&ga_vid=785949795.1667451885&ga_sid=1667451885&ga_hid=866285050&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=46&ady=895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=3128213431229754&tmod=854778895&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cd%7CopEe%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=QJouwWhLyC&p=https%3A//ye.ua&dtd=227

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 01:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
server: cafe
etag: 12585499704757265805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 01:07:18 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 5944 3 KB
1 KB 156ms
118ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34781
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 19:25:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 5944 17 KB
7 KB 108ms
70ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 14:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51960
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7305
x-xss-protection: 0
server: cafe
etag: 12747696668401323709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 14:38:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5944 153 KB
47 KB 181ms
142ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667389194171289"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Nov 2022 05:04:45 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/ Frame BB3A 23 KB
4 KB 130ms
130ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/index.html

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699c29131ed6f05c497ebfd10cb7f86f8da29fe237b4f719fec78969482077c2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 249450
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4375
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Mon, 31 Oct 2022 07:47:15 GMT
expires: Tue, 31 Oct 2023 07:47:15 GMT
last-modified: Thu, 27 Oct 2022 22:05:46 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 07EC 0
0 100ms
100ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMLq-7EtjY9LVM6zJ1fAPtuamyA6buNOfbenvv83iEMeM9sjQNhABILnH-hVglQKgAbKKwaoByAEJqQK-o5s5xHioPqgDAcgDSKoEtAFP0DEKAgMarfYhGq63TreGJSraAWcvXD6p41fgBcYjK0cPPr8gwboVuuz7HYZ7STpmWQ4yLxO1KR2efRVxR_vW54lrGZTJT1jtkd1sq4rYQi3qbnnoKW6vmSi4QVaKDjDwQgCmvB7B4qcOQwLW7D-9TzagGt2DlBjyAx6AUBh1HxkW1EqfY68lvSm4wvGWQJj_tfyIQq2vhEs1tkzyOg2Egxn3aMDpfiSEeTwrbj3HIbGUzE7ABMaNm9GiBJIFBAgEGAGSBQQIBRgEoAYugAe29b7VAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEM-EAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMK0BUBmBYBgBcBshccChoIABIUcHViLTEyMTY4NDI0NDkxMjczNjUYAA&sigh=OTaJZA005mI&uach_m=[UACH]&cid=CAQSGwDq26N9Eswlv6_nnyTFVGEgPaqJAbzrqfgAJhgBIA4&template_id=419

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=100&slotname=6939803206&adk=1421142297&adf=3150062283&pi=t.ma~as.6939803206&w=481&lmt=1667451884&rafmt=12&format=481x100&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667451884495&bpp=1&bdt=1368&idt=229&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60%2C0x0%2C481x100&nras=1&correlator=7456993971032&frm=20&pv=1&ga_vid=785949795.1667451885&ga_sid=1667451885&ga_hid=866285050&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=46&ady=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=3128213431229754&tmod=854778895&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cd%7CopEe%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ML1l3wJpOH&p=https%3A//ye.ua&dtd=233
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 03 Nov 2022 05:04:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame 07EC 23 KB
9 KB 134ms
133ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=100&slotname=6939803206&adk=1421142297&adf=3150062283&pi=t.ma~as.6939803206&w=481&lmt=1667451884&rafmt=12&format=481x100&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667451884495&bpp=1&bdt=1368&idt=229&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60%2C0x0%2C481x100&nras=1&correlator=7456993971032&frm=20&pv=1&ga_vid=785949795.1667451885&ga_sid=1667451885&ga_hid=866285050&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=46&ady=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=3128213431229754&tmod=854778895&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cd%7CopEe%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ML1l3wJpOH&p=https%3A//ye.ua&dtd=233

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 01:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
server: cafe
etag: 12585499704757265805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 01:07:18 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 07EC 3 KB
1 KB 166ms
166ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=100&slotname=6939803206&adk=1421142297&adf=3150062283&pi=t.ma~as.6939803206&w=481&lmt=1667451884&rafmt=12&format=481x100&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667451884495&bpp=1&bdt=1368&idt=229&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60%2C0x0%2C481x100&nras=1&correlator=7456993971032&frm=20&pv=1&ga_vid=785949795.1667451885&ga_sid=1667451885&ga_hid=866285050&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=46&ady=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=3128213431229754&tmod=854778895&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cd%7CopEe%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ML1l3wJpOH&p=https%3A//ye.ua&dtd=233

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34781
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 19:25:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 07EC 17 KB
7 KB 144ms
143ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=100&slotname=6939803206&adk=1421142297&adf=3150062283&pi=t.ma~as.6939803206&w=481&lmt=1667451884&rafmt=12&format=481x100&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667451884495&bpp=1&bdt=1368&idt=229&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60%2C0x0%2C481x100&nras=1&correlator=7456993971032&frm=20&pv=1&ga_vid=785949795.1667451885&ga_sid=1667451885&ga_hid=866285050&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=46&ady=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=3128213431229754&tmod=854778895&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cd%7CopEe%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ML1l3wJpOH&p=https%3A//ye.ua&dtd=233

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 14:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51960
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7305
x-xss-protection: 0
server: cafe
etag: 12747696668401323709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 14:38:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 07EC 153 KB
47 KB 154ms
153ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=100&slotname=6939803206&adk=1421142297&adf=3150062283&pi=t.ma~as.6939803206&w=481&lmt=1667451884&rafmt=12&format=481x100&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667451884495&bpp=1&bdt=1368&idt=229&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60%2C0x0%2C481x100&nras=1&correlator=7456993971032&frm=20&pv=1&ga_vid=785949795.1667451885&ga_sid=1667451885&ga_hid=866285050&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=46&ady=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=3128213431229754&tmod=854778895&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cd%7CopEe%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ML1l3wJpOH&p=https%3A//ye.ua&dtd=233

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667389194171289"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Nov 2022 05:04:45 GMT

GET
H2 200 4194765957258890096
tpc.googlesyndication.com/daca_images/simgad/ Frame 48D5 6 KB
6 KB 168ms
167ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/4194765957258890096

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=100&slotname=5220700882&adk=138781024&adf=328285302&pi=t.ma~as.5220700882&w=481&lmt=1667451884&rafmt=12&format=481x100&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667451884495&bpp=1&bdt=1367&idt=237&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60%2C0x0%2C481x100%2C481x100&nras=1&correlator=7456993971032&frm=20&pv=1&ga_vid=785949795.1667451885&ga_sid=1667451885&ga_hid=866285050&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=46&ady=1945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=3128213431229754&tmod=854778895&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cd%7CopEebr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=I2gVdk0oxo&p=https%3A//ye.ua&dtd=240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3227ce596d31ff2358576556a63b86a7d3f76341ac06d95f1350cbb892eeb49e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:45 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5890
x-xss-protection: 0
last-modified: Sat, 07 Aug 2021 14:51:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 03 Nov 2023 05:04:45 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame 48D5 23 KB
9 KB 144ms
143ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 01:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
server: cafe
etag: 12585499704757265805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 01:07:18 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 48D5 3 KB
1 KB 151ms
150ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34781
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 19:25:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 48D5 17 KB
7 KB 146ms
145ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 14:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51960
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7305
x-xss-protection: 0
server: cafe
etag: 12747696668401323709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 14:38:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 48D5 153 KB
47 KB 195ms
194ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667389194171289"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Nov 2022 05:04:45 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 48D5 33 KB
13 KB 152ms
151ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a7c8b587c68526f2c60fd49e7ee891628f72fe2d826a9c4d9d4ddeb1127eaca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 15:07:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13493
x-xss-protection: 0
server: cafe
etag: 7904785543377395088
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 15:07:52 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 48D5 0
0 101ms
100ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGJUC7EtjY5baM7yB1fAP2Je06AK7_pjeUayVj8bAB5TJ8bHGEhABILnH-hVglQKgAd-emoADyAECqQLW0okjXnmwPqgDAcgDyQSqBLgBT9B-jWZi4a8EV69fsEYDUy4ukJbf0dQ-O_SMpL1NBByxxrjf6RBnDVhbvNZxV7IIUGIrvezlPHSs_VjMFY9kdKPJOal25RAny2gFcLslEkBdHGQUDJqZilr9-xCS8swWEGv_348NhxALnBBfAeCA_HbYOhaRiVP3L3Bl5eWIOw5k-ZEL3Xwv8PShqcR3scIViKBQCTYPF8JKg-g60iYp-sd1hwUPJaSe00NlPNC9dX0LIvN6S_nWf8AE3b2gw8wBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB4nh5X-oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCiyAPSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xMjE2ODQyNDQ5MTI3MzY1GAA&sigh=aQLdk39rvtw&uach_m=[UACH]&cid=CAQSGwDq26N9L07Mc5KdGrvmQRVfW4dxAeXPDDpO9hgBIA4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=100&slotname=5220700882&adk=138781024&adf=328285302&pi=t.ma~as.5220700882&w=481&lmt=1667451884&rafmt=12&format=481x100&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667451884495&bpp=1&bdt=1367&idt=237&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60%2C0x0%2C481x100%2C481x100&nras=1&correlator=7456993971032&frm=20&pv=1&ga_vid=785949795.1667451885&ga_sid=1667451885&ga_hid=866285050&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=46&ady=1945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=3128213431229754&tmod=854778895&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cd%7CopEebr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=I2gVdk0oxo&p=https%3A//ye.ua&dtd=240
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 03 Nov 2022 05:04:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DBC1 143 B
166 B 54ms
53ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=100&slotname=6561702719&adk=1832233552&adf=1808043182&pi=t.ma~as.6561702719&w=481&lmt=1667451884&rafmt=12&format=481x100&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667451884494&bpp=1&bdt=1367&idt=224&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60%2C0x0&nras=1&correlator=7456993971032&frm=20&pv=1&ga_vid=785949795.1667451885&ga_sid=1667451885&ga_hid=866285050&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=46&ady=895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=3128213431229754&tmod=854778895&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cd%7CopEe%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=QJouwWhLyC&p=https%3A//ye.ua&dtd=227
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2961
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 04:15:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5944 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6053ae9c18c022b18f72f252dcb79b9cb79b1d3a11a99808e4eec724ed37d24

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D064 143 B
166 B 54ms
54ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=60&slotname=1921848652&adk=4228632296&adf=3865820252&pi=t.ma~as.1921848652&w=980&lmt=1667451884&format=980x60&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667451884488&bpp=3&bdt=1361&idt=178&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&correlator=7456993971032&frm=20&pv=2&ga_vid=785949795.1667451885&ga_sid=1667451885&ga_hid=866285050&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=3128213431229754&tmod=854778895&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CaeE%7C&abl=NA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=faIxJHCVyp&p=https%3A//ye.ua&dtd=197
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2961
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 04:15:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 743E 6 KB
3 KB 182ms
70ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16168325954268450011/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:44:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 03 Nov 2022 13:44:20 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 743E 34 KB
13 KB 168ms
56ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16168325954268450011/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 09:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69827
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 03 Nov 2022 09:40:58 GMT

GET
H3 200 c362b1f05dc8934474d0dee6e618807a.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16168325954268450011/ Frame 743E 103 KB
29 KB 258ms
146ms Script
application/x-javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16168325954268450011/c362b1f05dc8934474d0dee6e618807a.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16168325954268450011/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d10602b0b4be4710e24c06e60e114825e29bcf678de50242f4a962ac0ba9196f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Oct 2022 18:24:00 GMT
age: 470445
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29890
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 22:05:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 18:24:00 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 9E81 6 KB
3 KB 178ms
72ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:44:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 03 Nov 2022 13:44:20 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9E81 34 KB
13 KB 158ms
53ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 09:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69827
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 03 Nov 2022 09:40:58 GMT

GET
H3 200 776ab4047b4c19bddcc0afae884a9614.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/ Frame 9E81 97 KB
28 KB 214ms
109ms Script
application/x-javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/776ab4047b4c19bddcc0afae884a9614.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

317400bfca1b9d2fa5ae8721023f134369eca66b2aa74c01f17df8660ecb0dba

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Oct 2022 18:23:45 GMT
age: 470460
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28443
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 22:05:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 18:23:45 GMT

GET
DATA 200
OK truncated
/ Frame 93F8 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8caa289c2ed9460e249964b9528f62bba1e777897c79ecc11e7decfaf5b8b69

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame BB3A 6 KB
3 KB 179ms
87ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 13:44:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 03 Nov 2022 13:44:20 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame BB3A 34 KB
13 KB 184ms
92ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 09:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69827
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 03 Nov 2022 09:40:58 GMT

GET
H3 200 776ab4047b4c19bddcc0afae884a9614.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/ Frame BB3A 97 KB
28 KB 220ms
129ms Script
application/x-javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/776ab4047b4c19bddcc0afae884a9614.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

317400bfca1b9d2fa5ae8721023f134369eca66b2aa74c01f17df8660ecb0dba

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Oct 2022 18:23:45 GMT
age: 470460
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28443
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 22:05:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 18:23:45 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 09AC 143 B
166 B 54ms
54ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=100&slotname=6939803206&adk=1421142297&adf=3150062283&pi=t.ma~as.6939803206&w=481&lmt=1667451884&rafmt=12&format=481x100&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667451884495&bpp=1&bdt=1368&idt=229&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60%2C0x0%2C481x100&nras=1&correlator=7456993971032&frm=20&pv=1&ga_vid=785949795.1667451885&ga_sid=1667451885&ga_hid=866285050&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=46&ady=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=3128213431229754&tmod=854778895&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cd%7CopEe%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ML1l3wJpOH&p=https%3A//ye.ua&dtd=233

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=100&slotname=6939803206&adk=1421142297&adf=3150062283&pi=t.ma~as.6939803206&w=481&lmt=1667451884&rafmt=12&format=481x100&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667451884495&bpp=1&bdt=1368&idt=229&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60%2C0x0%2C481x100&nras=1&correlator=7456993971032&frm=20&pv=1&ga_vid=785949795.1667451885&ga_sid=1667451885&ga_hid=866285050&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=46&ady=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=3128213431229754&tmod=854778895&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cd%7CopEe%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ML1l3wJpOH&p=https%3A//ye.ua&dtd=233
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2961
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 04:15:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DBC1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

65ms
64ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 05:04:45 GMT
expires: Thu, 03 Nov 2022 05:04:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 05:04:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame ECA7 143 B
166 B 54ms
53ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=100&slotname=5220700882&adk=138781024&adf=328285302&pi=t.ma~as.5220700882&w=481&lmt=1667451884&rafmt=12&format=481x100&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667451884495&bpp=1&bdt=1367&idt=237&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60%2C0x0%2C481x100%2C481x100&nras=1&correlator=7456993971032&frm=20&pv=1&ga_vid=785949795.1667451885&ga_sid=1667451885&ga_hid=866285050&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=46&ady=1945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=3128213431229754&tmod=854778895&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cd%7CopEebr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=I2gVdk0oxo&p=https%3A//ye.ua&dtd=240
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2961
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 04:15:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D064
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

84ms
84ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 05:04:45 GMT
expires: Thu, 03 Nov 2022 05:04:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 05:04:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 07EC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff6bad5aa90532b4ee7f4419a76951d3972f629bd37c13efef4529672bbaef88

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 48D5 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b8dd45a0d430f72395e1cf5cda85c53866258f7948d044cc45da1bdd0dd385d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 09AC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

84ms
82ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=100&slotname=6939803206&adk=1421142297&adf=3150062283&pi=t.ma~as.6939803206&w=481&lmt=1667451884&rafmt=12&format=481x100&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667451884495&bpp=1&bdt=1368&idt=229&shv=r20221101&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60%2C0x0%2C481x100&nras=1&correlator=7456993971032&frm=20&pv=1&ga_vid=785949795.1667451885&ga_sid=1667451885&ga_hid=866285050&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=46&ady=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44775016&oid=2&pvsid=3128213431229754&tmod=854778895&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cd%7CopEe%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ML1l3wJpOH&p=https%3A//ye.ua&dtd=233

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 05:04:45 GMT
expires: Thu, 03 Nov 2022 05:04:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 05:04:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame ECA7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

71ms
71ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 05:04:45 GMT
expires: Thu, 03 Nov 2022 05:04:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 05:04:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 0DEE 36 KB
16 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 06:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16184
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 06:36:23 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9E81 2 KB
572 B 181ms
65ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/776ab4047b4c19bddcc0afae884a9614.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

997edddc4ef661f834f1c52ede92baf17dc8574be06a3d9813110b9ca6058e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 03 Nov 2022 05:04:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 05:04:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Nov 2022 05:04:45 GMT

GET
H3 200 43496567a74395b0a277c1242fc07d3b.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/media/ Frame 9E81 4 KB
4 KB 55ms
54ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/media/43496567a74395b0a277c1242fc07d3b.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f8a0f29b6265ffe9fc6176db23766c1b0f760b586ab094df85ac88113c0ee81

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 28 Oct 2022 18:23:46 GMT
x-content-type-options: nosniff
age: 470459
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4223
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 22:05:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 18:23:46 GMT

GET
H3 200 cd2696fd4b4633d9b42115314ccf4590.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/media/ Frame 9E81 349 B
286 B 57ms
56ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/media/cd2696fd4b4633d9b42115314ccf4590.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afbbb050849fcbc7c6d14145c41703ab3c3758800fec218fd7ce81cdf654896e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 02 Nov 2022 01:16:43 GMT
age: 100082
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 256
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 22:05:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 02 Nov 2023 01:16:43 GMT

GET
H3 200 43496567a74395b0a277c1242fc07d3b.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/media/ Frame BB3A 4 KB
4 KB 55ms
55ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/media/43496567a74395b0a277c1242fc07d3b.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/776ab4047b4c19bddcc0afae884a9614.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f8a0f29b6265ffe9fc6176db23766c1b0f760b586ab094df85ac88113c0ee81

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 28 Oct 2022 18:23:46 GMT
x-content-type-options: nosniff
age: 470459
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4223
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 22:05:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 18:23:46 GMT

GET
H3 200 cd2696fd4b4633d9b42115314ccf4590.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/media/ Frame BB3A 349 B
286 B 57ms
56ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/media/cd2696fd4b4633d9b42115314ccf4590.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/776ab4047b4c19bddcc0afae884a9614.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afbbb050849fcbc7c6d14145c41703ab3c3758800fec218fd7ce81cdf654896e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 02 Nov 2022 01:16:43 GMT
age: 100082
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 256
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 22:05:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 02 Nov 2023 01:16:43 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BB3A 2 KB
1 KB 177ms
63ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/776ab4047b4c19bddcc0afae884a9614.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

997edddc4ef661f834f1c52ede92baf17dc8574be06a3d9813110b9ca6058e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 03 Nov 2022 05:04:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 05:02:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Nov 2022 05:04:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 743E 5 KB
730 B 176ms
64ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:500|Raleway:600|Raleway:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16168325954268450011/c362b1f05dc8934474d0dee6e618807a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2db0a43cf6d5a3f65b457a78124848371e3c4b0feea7017842ab3542164b6804

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 03 Nov 2022 05:04:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 05:04:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Nov 2022 05:04:45 GMT

GET
H3 200 ac877ba828087376e2ff6cafdf347ff9.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16168325954268450011/media/ Frame 743E 12 KB
12 KB 56ms
55ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16168325954268450011/media/ac877ba828087376e2ff6cafdf347ff9.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16168325954268450011/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f874abca82204997bcc43f27ee2e696834bf7252ff94e2bf2228036fab0661de

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 28 Oct 2022 18:24:00 GMT
x-content-type-options: nosniff
age: 470445
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11915
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 22:05:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 18:24:00 GMT

GET
H3 200 cd2696fd4b4633d9b42115314ccf4590.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16168325954268450011/media/ Frame 743E 349 B
286 B 59ms
59ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16168325954268450011/media/cd2696fd4b4633d9b42115314ccf4590.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16168325954268450011/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afbbb050849fcbc7c6d14145c41703ab3c3758800fec218fd7ce81cdf654896e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Oct 2022 18:24:00 GMT
age: 470445
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 256
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 22:05:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 18:24:00 GMT

GET
H3 200 caa7727d43c861c5647e2a0f0cfbef2a.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16168325954268450011/media/ Frame 743E 2 KB
2 KB 58ms
58ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16168325954268450011/media/caa7727d43c861c5647e2a0f0cfbef2a.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16168325954268450011/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a90980dd0f3bfa2d983f41408fb0a93b1c124005128ce5f266657e20169d4346

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 28 Oct 2022 18:24:00 GMT
x-content-type-options: nosniff
age: 470445
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1938
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 22:05:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 18:24:00 GMT

GET
H2 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2
fonts.gstatic.com/s/raleway/v28/ Frame BB3A 21 KB
21 KB 185ms
69ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4e592fb822c98ea06e6553fbb20d8c6161644a39de94baaa9c448c6aba20a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 09:06:18 GMT
x-content-type-options: nosniff
age: 71908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21440
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:57:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 09:06:18 GMT

GET
H3 200 2c7673920b0880276194aa67fbccb4d1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/media/ Frame BB3A 4 KB
4 KB 55ms
54ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/media/2c7673920b0880276194aa67fbccb4d1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92c98f39dec9172b0fde53e60de9f9d7cda1038a2d34d9c9ba137fe99755aa9b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 01 Nov 2022 21:40:15 GMT
x-content-type-options: nosniff
age: 113070
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3863
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 22:05:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Nov 2023 21:40:15 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ Frame 743E 45 KB
46 KB 243ms
146ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500|Raleway:600|Raleway:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 08:23:46 GMT
x-content-type-options: nosniff
age: 506460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 08:23:46 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 743E 16 KB
16 KB 151ms
54ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500|Raleway:600|Raleway:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 20:10:25 GMT
x-content-type-options: nosniff
age: 32061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 20:10:25 GMT

GET
H3 200 c0a9aeec880a4c59d641f909f1f876f6.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16168325954268450011/media/ Frame 743E 15 KB
15 KB 55ms
54ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16168325954268450011/media/c0a9aeec880a4c59d641f909f1f876f6.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16168325954268450011/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31bc44e3a69712a069b9ed098dfd629a477f4f0061b3a54bd98907cd480a6c7e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 28 Oct 2022 18:24:00 GMT
x-content-type-options: nosniff
age: 470445
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15549
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 22:05:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 18:24:00 GMT

GET
H3 200 2c7673920b0880276194aa67fbccb4d1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/media/ Frame 9E81 4 KB
4 KB 56ms
56ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/media/2c7673920b0880276194aa67fbccb4d1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/776ab4047b4c19bddcc0afae884a9614.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92c98f39dec9172b0fde53e60de9f9d7cda1038a2d34d9c9ba137fe99755aa9b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 01 Nov 2022 21:40:15 GMT
x-content-type-options: nosniff
age: 113070
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3863
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 22:05:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Nov 2023 21:40:15 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/media/cd2696fd4b4633d9b42115314ccf4590.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/776ab4047b4c19bddcc0afae884a9614.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afbbb050849fcbc7c6d14145c41703ab3c3758800fec218fd7ce81cdf654896e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 02 Nov 2022 01:16:43 GMT
age: 100082
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 256
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 22:05:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 02 Nov 2023 01:16:43 GMT

GET
H3 200 43496567a74395b0a277c1242fc07d3b.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/media/ Frame 9E81 4 KB
4 KB 55ms
55ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/media/43496567a74395b0a277c1242fc07d3b.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16629634541440791836/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f8a0f29b6265ffe9fc6176db23766c1b0f760b586ab094df85ac88113c0ee81

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 28 Oct 2022 18:23:46 GMT
x-content-type-options: nosniff
age: 470459
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4223
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 22:05:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 18:23:46 GMT

GET
H2 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2
fonts.gstatic.com/s/raleway/v28/ Frame 9E81 21 KB
21 KB 208ms
123ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4e592fb822c98ea06e6553fbb20d8c6161644a39de94baaa9c448c6aba20a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 09:06:18 GMT
x-content-type-options: nosniff
age: 71908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21440
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:57:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 09:06:18 GMT

GET
H3 200 PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js Show response
pagead2.googlesyndication.com/bg/ Frame BB3A 36 KB
16 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 06:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16184
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 06:36:23 GMT

GET
H3 200 PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 9E81 36 KB
16 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 06:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16184
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 06:36:23 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 179ms
70ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221101&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

288a75ed3ed8984f19a95b51a97cabeb1ccfec3103372b837cab1d235280d365

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11098
x-xss-protection: 0

GET
H3 200 PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 743E 36 KB
16 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 06:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16184
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 06:36:23 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Nov 2022 05:04:46 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 93F8 42 B
64 B 89ms
89ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstepWXHuo7hROMc22XnEIpZqwYzWrcmIlZaT_ApmYsq3XKZZbPbyYxD1NWUsqj7pbt9M4KXDWcC9c0NVCJf-G2Ap5JFGpjUk2L-7L-j-RfZsUKL7N11-oZbhzlcJOfkpAPsC5Casg&sai=AMfl-YQfqW0B_z0-IzTgp30pEInCkjgTBoMdyIASupssJoGEcvmjx5D9XzIcxE5kboqFlMNdJpHDp4fdFhe6CKw&sig=Cg0ArKJSzB0Sr5cb3oLxEAE&cid=CAQSGwDq26N93DzIKXeONrn8U0_NwqjLkSxH7X_JvxgBIA4&id=lidar2&mcvt=1001&p=0,1,60.03125,648&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221102&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=4228632296&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667451885075&rpt=343&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 05:04:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EB5B 13 KB
5 KB 54ms
53ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 27913
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 21:19:33 GMT
expires: Thu, 02 Nov 2023 21:19:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E7C0 783 B
533 B 173ms
62ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c731463ca13fdafa31bb29ab16a65ebf5813857cc684dc0faebd40a91f6132af

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2Ysvt2MBQfpiPHlNgyaPlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-2Ysvt2MBQfpiPHlNgyaPlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 05:04:46 GMT
expires: Thu, 03 Nov 2022 05:04:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5944 42 B
64 B 90ms
90ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssgmpd7Luz475hWC9_DGCyMBEXD1Vkc38-bCfPaWgKpp83tdCzy8USYivwWZwzUFaSsyS34GCwTZ1iVjqs-O7eS7O3MoGguYob_tM_t03F6ivhvnM6-hYW3Cu-GnmDCmx_vlKZVCQ&sai=AMfl-YQvU8bcqlvzCRN-0ASLz92zMRteJAFM5Gel5NpsmrP8W-k-q_EO2NWA7ZZ1ORwTrqWtHkbOIOsJuToQcqA&sig=Cg0ArKJSzKh71JbPGKrBEAE&cid=CAQSGwDq26N9ab075gYcsL9smKO4XWBgk3MF92jwMRgBIA4&id=lidar2&mcvt=1000&p=0,0,69.0625,442&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20221102&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=2&adk=1832233552&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667451885161&rpt=303&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 05:04:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js Show response
pagead2.googlesyndication.com/bg/ Frame EB5B 36 KB
16 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 06:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16184
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 06:36:23 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EB5B 0
10 B 54ms
53ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KsfdEg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:04:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E7C0 0
0 88ms
87ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221101&jk=3128213431229754&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 92ms
92ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221101&jk=3128213431229754&bg=!R0SlRADNAAZPh4lnb4c7ACkAdvg8Wiz5bK2qdG-hAkOBDA6AzgOD_zj76f8TrCYfxikg2HqBS4CwlAIAAABVUgAAAAJoAQcKAA-c36_CxH34TIekG3_e64WZApG1HLALIWCOIipP5ZdVZN60uxCDaco7T50fFgrmYLQa-vXC1prSyo9FbZLSq_o3IObKW2LJcJE1Ld2GFerKC4nq6ibtQWLKJqg7xs_knH7AkJJz-AajH6_5QGkUIC5CBozQL5AVD2nG-Wcssj9DWiEOEZZ5_zoIAunyd6ivn07sE_IE0knpTobUQ89u6crPPALfxIRBY76N919HFdp1zM_pdBC4YOERZT5uw11lk6wnWvcvJJyCAvhHPCa79wKfzY8qLjR9HhIUEFLAadYJroJXvmUMF5r-rz_ZuG7HZauCdz1-rvpXHHJ8Vnr6VfF6eua5Cf9sTZOmO6j9go5ceeh8kmQ-BWpxJbtbQeumSu_47iOIK8tJKS6CL6JTdEG4B-wyYY4Z6FLoR1JbsfM5LkLZxbMPAclL8tAszDqMJVMHFr6xCpdkCMVM_QQSL6yowt7v5NcmmHVjH3tBPJmkVV-SjJU_-eCNMsfpUs6HUHDPl9DcopuhVBsx_Uwoxeb9x0YtYogF7_Z1ODtZ4huJo15JcX--Ajkmbug4QRKhS_9AswamP06ZHxDZCJHF3vGQBkT0ePceW8dq5Zuw1g6QcOlUwapgfd7hQUCQjrYcrUhWkVplYzka53fv_pL4HqfPR19koTbm98xUZerak6yFasYA5bHtGmBrGXC0NymQoVL4647mfFMpz14wuI0EueuhYmtw3G9YczNJhTte18s6XhMyc8FWtoazlgz7NOroFlP5BYFKvJmvTDHzuPwuk8u8q6wQxaw9ggCSJSsFPhTWqpTml2boCjdsAztwgaEz31QN3_HVjHya9m0nolLnw0LiXzmrcA3z5joiEINGuFTMKxZZa1xEbyRFZcxR7BoiOyqoAt4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 88ms
88ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-1216842449127365&su=ye.ua&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44775016&doc=complete&pg_h=5517&pg_w=1600&pg_hs=5517&c=11&aa_c=0&av_h=158.182&av_w=444.540&av_a=61050.341&s=32.016&all_s=32.016&b=1254.438&all_b=1254.438&d=0.315&all_d=0.315&ard=0.076&all_ard=0.076&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 05:04:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

171 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ye.ua/	1969-12-31 23:59:59	Name: PHPSESSID Value: 70187750f9e21cfd30b284373ba6e07f
ye.ua/	1969-12-31 23:59:59	Name: check_cookie Value: 6445d9b627a6e915e1745fd60c265243
.dominantroute.com/	1970-01-20 16:46:51	Name: uuid Value: 16674516941388806700
.ye.ua/	1970-01-20 07:11:35	Name: u_count Value: %5B0%2C0%5D
.ye.ua/	1970-01-20 16:46:51	Name: _ga Value: b84df50b-ccc8-4e57-90d8-5d05ce03fa55
ye.ua/	1969-12-31 23:59:59	Name: _ga4s Value: 1
.ye.ua/	1970-01-20 16:46:51	Name: _ga4 Value: 0603e7b5-87fe-4437-aa86-1a5b053ab34a
ye.ua/	1969-12-31 23:59:59	Name: _ga4sid Value: 1920840020
openx2.ye.ua/	1970-01-20 15:56:27	Name: OAID Value: 01000111010001000101000001010010
.ye.ua/	1970-01-20 16:32:27	Name: __gads Value: ID=89c37f5a1b8ba618-22289ca863ce0064:T=1667451884:RT=1667451884:S=ALNI_MZM3oDWDE3DzZNw5fR8zn4QVbHA3w
.ye.ua/	1970-01-20 16:32:27	Name: __gpi Value: UID=00000b7bc2393008:T=1667451884:RT=1667451884:S=ALNI_MaI1e3pEEBKZaz66HQbUh-It-pO_g
.doubleclick.net/	1970-01-20 16:32:27	Name: IDE Value: AHWqTUkwFYOmMxNeCrOq591tNp54gfy8JNFNuSZX8aYC5gjedjB1GZuLc37ggJHwVAc
.doubleclick.net/	1970-01-20 07:10:55	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
dominantroute.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
openx2.ye.ua
pagead2.googlesyndication.com
partner.googleadservices.com
polyfill.io
radio.nrcu.gov.ua
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
ye.ua
193.200.64.20
2606:4700:10::6816:3cfa
2606:4700:10::ac43:2bd5
2a00:1450:4001:800::2003
2a00:1450:4001:800::200a
2a00:1450:4001:806::2004
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2002
2a04:4e42:c00::282
91.218.213.49
0854243cee262b5de8673e332e533bcf232cda58cc48405d79998d6888ada200
0b6e442e0162e2c67d3cf272012edd38a95076ecb4b71f54c28a8810f4dbbb59
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ac0c44e962362e044f2df416f2553775b38b1b8064470f648825aa8d2a8996e
1b4c97a2809cdb53153139544e1f5db34e4917c8f01d2dd94cb9519e24e1ab3c
1ddd3b7b68a96da02979f972e4e9a8b6af63b5a17c75d7c7e0e3901d9f3a729c
2559ab24153f73cb6b8e1f14b7ffe9687d9d538e91e7aadb9c91eed35ba2e65b
279661d0bd460810e07f8b635582664cf599e4a5e75d7ba9a6d4413491529e63
288a75ed3ed8984f19a95b51a97cabeb1ccfec3103372b837cab1d235280d365
2db0a43cf6d5a3f65b457a78124848371e3c4b0feea7017842ab3542164b6804
2dd2bc32e766754718771fbbd323bd27ae4e64f71b28d87a619368ebf52a3c75
2ddaf573663b8243cc0e85098b1723ace007f1c13d83f6a1a95c554e37162fe6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
317400bfca1b9d2fa5ae8721023f134369eca66b2aa74c01f17df8660ecb0dba
31bc44e3a69712a069b9ed098dfd629a477f4f0061b3a54bd98907cd480a6c7e
3227ce596d31ff2358576556a63b86a7d3f76341ac06d95f1350cbb892eeb49e
33c3e10d2c03033c12a4134b9fdfa6955ea6c7f86cf30a1698d4dde834e9f6fe
386339f51bc9313129a84b5304ff8284fe1a3f60a285cb75732f5ae1ff5fc560
3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e
3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
468f87ca7a0cf5529eb96f6ed5c5fb253e0be79e9a8412c6d367a91e6eb7bb64
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f8a0f29b6265ffe9fc6176db23766c1b0f760b586ab094df85ac88113c0ee81
54f4baa0559007a12f67964e03acdb61587e4abf1c5227d663bac017099db97c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57770b31cc2209ba639220865345310e9a67c5a5f1dfdf43cb8d05246bf0238c
5c7c176af91f6fc30c3e49051636d4b456531b4e75245a62d931c9a8bb77ea4b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
699c29131ed6f05c497ebfd10cb7f86f8da29fe237b4f719fec78969482077c2
6a7c8b587c68526f2c60fd49e7ee891628f72fe2d826a9c4d9d4ddeb1127eaca
6b8dd45a0d430f72395e1cf5cda85c53866258f7948d044cc45da1bdd0dd385d
6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82
6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
733802e9803203863dc7a683a609fb66ce734bddb38425250c71bf4024696f9f
77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab
7a80c04d986f60031fb15fa72a16f950fa952bfd99fd60ba5dea6196b7942fac
80f4e592fb822c98ea06e6553fbb20d8c6161644a39de94baaa9c448c6aba20a
848536686a6e7e46d97513420a5b381823adf1c2e8169e009aebb16774cb4e3e
848e3ddf8d07c81ebc0ee309dfc63a60b0b970d46857911c5f2e78487825a3e3
890d81648be2bed4a1da49a1bab308041e26f3f6267f4dd41a76f3e2541e6fb4
8aac4196834db766e05dbddeb0822a4d1005b67177da8ce0222d5f69d5bd2dec
8adebfd685a1b2fe5148e65f71830e4e6a1d843b6c9f0d86b285d59cfb6d2080
925bcb507309f0b69f06997738cb926e1ef4e5c4c221cf05ad391381a43b2928
92c98f39dec9172b0fde53e60de9f9d7cda1038a2d34d9c9ba137fe99755aa9b
997edddc4ef661f834f1c52ede92baf17dc8574be06a3d9813110b9ca6058e6b
9ad5b538430a5af477f4e1955b9ce53245b26a01f56ed2b273c5eee5ff28ed9f
9b49df55acb1072af429ec4f155107c35de1921d9053fabb2693b0e57749f224
9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d
a07303ca793f89719c2708b5540987979fd24e6ba388530802eb2923a1e784ec
a3fb411abe156ecd6da2b9fd96638e66b7b858aa45c71de87f973d97648a42c1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c2b682895173a68c299d89e0c1220498f641fbe5d2284d98e97b905417cef5
a90980dd0f3bfa2d983f41408fb0a93b1c124005128ce5f266657e20169d4346
afbbb050849fcbc7c6d14145c41703ab3c3758800fec218fd7ce81cdf654896e
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88
b59270e2d2a3730d00b61b36541001751277b940d73846e9f44ee7f189c60b5f
bd8fe10f28fa2e884b988f4ef91390487f598e21fb54eb9c1a11ed39d647288a
bfdba8a67a2395146302ec8b72ae01856d2e9d74ea949df7d1484cbc863bdf57
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef
c731463ca13fdafa31bb29ab16a65ebf5813857cc684dc0faebd40a91f6132af
c8caa289c2ed9460e249964b9528f62bba1e777897c79ecc11e7decfaf5b8b69
c8f43650614fce620ab907a0593912237b54322ec6097757f319427b189b1619
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4
d10602b0b4be4710e24c06e60e114825e29bcf678de50242f4a962ac0ba9196f
d10ff7ad5c1f3ce5c6ad2b17ef06f8a0515628d04a00178bc6bdefc23d8ba94b
d6053ae9c18c022b18f72f252dcb79b9cb79b1d3a11a99808e4eec724ed37d24
e1531e84c67b863ed0b2d4965631d2862943e59816a1c5b5c600d00b5f7523d6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e94e274617dd12daa61f94f74bcd2a3ceb82ad275b53ef797946a3608b0e1222
ea2de5b840dcbb9675dec62540c1894de4079fd19d207d17143693fb57ad1aa5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3b5932558e6a765f1bfc3fb5ee364013cd03588adcf0f22293a77ddf2e90df0
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
f874abca82204997bcc43f27ee2e696834bf7252ff94e2bf2228036fab0661de
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff6bad5aa90532b4ee7f4419a76951d3972f629bd37c13efef4529672bbaef88

ye.ua Open in urlscan Pro 2606:4700:10::6816:3cfa Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

130 Requests

100 %HTTPS

86 %IPv6

12 Domains

15 Subdomains

14 IPs

4 Countries

1707 kBTransfer

4079 kBSize

13 Cookies

17 Outgoing links

Page URL History

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ye.ua Open in urlscan Pro
2606:4700:10::6816:3cfa Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

100 %
HTTPS

86 %
IPv6

12
Domains

15
Subdomains

14
IPs

4
Countries

1707 kB
Transfer

4079 kB
Size

13
Cookies

130 HTTP transactions
8 data transactions