urlscan.io logo urlscan.io
SecurityTrails logo

zhyttia.com.ua Open in urlscan Pro
2a06:6440:0:2d6e::1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://zhyttia.com.ua/
Effective URL: https://zhyttia.com.ua/
Submission: On July 20 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 7 countries across 24 domains to perform 132 HTTP transactions. The main IP is 2a06:6440:0:2d6e::1, located in Ukraine and belongs to UKRAINE-AS, UA. The main domain is zhyttia.com.ua. The Cisco Umbrella rank of the primary domain is 867535.
TLS certificate: Issued by R3 on May 30th 2022. Valid for: 3 months.
This is the only time zhyttia.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 28 2a06:6440:0:2... 200000 (UKRAINE-AS)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2a04:8000:0:e... 200000 (UKRAINE-AS)
4 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 62.76.25.28 61400 (NETRACK-AS)
1 2 104.18.3.81 13335 (CLOUDFLAR...)
1 2 88.212.201.198 39134 (UNITEDNET)
7 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 142.250.186.34 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 36 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
2 2 104.111.215.191 16625 (AKAMAI-AS)
4 172.217.18.98 15169 (GOOGLE)
1 35.186.253.211 15169 (GOOGLE)
1 198.47.127.19 62713 (AS-PUBMATIC)
1 1 69.173.144.138 26667 (RUBICONPR...)
2 2 104.18.18.126 13335 (CLOUDFLAR...)
132 27
28    2a06:6440:0:2d6e::1 (Ukraine)

ASN200000 (UKRAINE-AS, UA)
zhyttia.com.ua
1    2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    2a04:8000:0:e022::54 (Ukraine)

ASN200000 (UKRAINE-AS, UA)
www.ukraine.com.ua
4    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
14    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    62.76.25.28 (Moscow, Russian Federation)

ASN61400 (NETRACK-AS, RU)
ykopdx.com
2    104.18.3.81 (None, )

ASN13335 (CLOUDFLARENET, US)
r.i.ua
i.i.ua
2    88.212.201.198 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru
counter.yadro.ru
7    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
10    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.co.uk
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
2    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
36    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4009:823::2003 (London, United Kingdom)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
redirector.gvt1.com
1    2a00:1450:4009:3::6 (London, United Kingdom)

ASN15169 (GOOGLE, US)
r1---sn-aigzrnld.gvt1.com
1    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
4    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
cm.g.doubleclick.net
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
Apex Domain
Subdomains		 Transfer
50 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 128
tpc.googlesyndication.com — Cisco Umbrella Rank: 166
669 KB
28 zhyttia.com.ua
zhyttia.com.ua — Cisco Umbrella Rank: 867535
643 KB
15 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
183 KB
13 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
cm.g.doubleclick.net — Cisco Umbrella Rank: 223
127 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 103
www.google.com — Cisco Umbrella Rank: 17
2 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 81
3 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2603
www.google-analytics.com — Cisco Umbrella Rank: 69
20 KB
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 505
2 KB
2 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 2046
1 KB
2 gvt1.com
redirector.gvt1.com — Cisco Umbrella Rank: 1715
r1---sn-aigzrnld.gvt1.com — Cisco Umbrella Rank: 416382
1 MB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 196
85 KB
2 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 4409
914 B
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 8351
2 KB
2 i.ua
r.i.ua — Cisco Umbrella Rank: 113501
i.i.ua — Cisco Umbrella Rank: 507685
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 101
114 KB
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 372
461 B
1 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 684
166 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1906
351 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1205
464 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 957
646 B
1 ykopdx.com
ykopdx.com
19 KB
1 ukraine.com.ua
www.ukraine.com.ua — Cisco Umbrella Rank: 979831
24 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 695
33 KB
0 gemius.pl Failed
googlecm.hit.gemius.pl Failed
132 24
Domain Requested by
36 tpc.googlesyndication.com 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
zhyttia.com.ua
tpc.googlesyndication.com
28 zhyttia.com.ua 1 redirects code.jquery.com
zhyttia.com.ua
14 pagead2.googlesyndication.com zhyttia.com.ua
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
zhyttia.com.ua
googleads.g.doubleclick.net
7 fonts.gstatic.com fonts.googleapis.com
6 www.gstatic.com googleads.g.doubleclick.net
4 cm.g.doubleclick.net googleads.g.doubleclick.net
4 fonts.googleapis.com zhyttia.com.ua
googleads.g.doubleclick.net
3 www.google.com 1 redirects tpc.googlesyndication.com
googleads.g.doubleclick.net
2 ssum-sec.casalemedia.com 2 redirects
2 e.dlx.addthis.com 2 redirects
2 csi.gstatic.com www.gstatic.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.co.uk pagead2.googlesyndication.com
2 counter.yadro.ru 1 redirects zhyttia.com.ua
2 www.googletagmanager.com zhyttia.com.ua
www.googletagmanager.com
1 pixel.rubiconproject.com 1 redirects
1 image6.pubmatic.com googleads.g.doubleclick.net
1 rtb.openx.net googleads.g.doubleclick.net
1 cms.quantserve.com googleads.g.doubleclick.net
1 r1---sn-aigzrnld.gvt1.com googleads.g.doubleclick.net
1 redirector.gvt1.com 1 redirects
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 i.i.ua zhyttia.com.ua
1 r.i.ua 1 redirects
1 ykopdx.com zhyttia.com.ua
1 www.ukraine.com.ua zhyttia.com.ua
1 code.jquery.com zhyttia.com.ua
0 googlecm.hit.gemius.pl Failed googleads.g.doubleclick.net
132 32

This site contains links to these domains. Also see Links.

Domain
www.i.ua
www.liveinternet.ru
Subject Issuer Validity Valid
www.zhyttia.com.ua
R3		 2022-05-30 -
2022-08-28		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
ukraine.com.ua
R3		 2022-06-03 -
2022-09-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
ykopdx.com
R3		 2022-06-02 -
2022-08-31		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh

This page contains 14 frames:

Primary Page: https://zhyttia.com.ua/
Frame ID: EC3A626405EE189083861648D1717B30
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20190131/zrt_lookup.html
Frame ID: FB5714E9CD9BDEB3A119C79D3D82E245
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7097922196429536&output=html&adk=1812271804&adf=3025194257&lmt=1658296709&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fzhyttia.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296709051&bpp=3&bdt=476&idt=247&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4930461733281&frm=20&pv=2&ga_vid=879923630.1658296709&ga_sid=1658296709&ga_hid=325380656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C44768688%2C42531608%2C31061690&oid=2&pvsid=4383432587268676&tmod=346814126&uas=0&nvt=1&ref=https%3A%2F%2Fzhyttia.com.ua%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=266
Frame ID: D3A2216BAA24ABA5A529CFB9637F94F5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7097922196429536&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1658296710&rafmt=1&to=qs&pwprc=9677144119&psa=0&format=1200x280&url=https%3A%2F%2Fzhyttia.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296710021&bpp=3&bdt=1446&idt=3&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D447d00c46608f26c-22d90323d3cd0002%3AT%3D1658296709%3ART%3D1658296709%3AS%3DALNI_MZI-jgJSBFnDOR3wv39l1j8Q8OFHA&prev_fmts=0x0&nras=2&correlator=4930461733281&frm=20&pv=1&ga_vid=879923630.1658296709&ga_sid=1658296709&ga_hid=325380656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C44768688%2C42531608%2C31061690&oid=2&pvsid=4383432587268676&tmod=346814126&uas=0&nvt=1&ref=https%3A%2F%2Fzhyttia.com.ua%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cHbG3gPSQP&p=https%3A//zhyttia.com.ua&dtd=19
Frame ID: 3174234A86D361ED2C68203933798795
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1
Frame ID: E79D9577249634F48ED8C5871439AAD1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6C9C1B233B0488DCD215603E56AB5AFF
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/index.html
Frame ID: B5BBB533891D81D6D659FF9702F57B08
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B1E4440D7156750697EB7FB3BD7CF838
Requests: 2 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/dfafa4fd47dd86b7cbcd5aa280f1fc74.js?tag=client_fast_engine_2019
Frame ID: DF2176CBAEFD9DC4E89E0689FE3D66E2
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C0B4B7FC51AAA52D592493EDEBF3EBAC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 06C0A37FA4F5D0FFCBF46352276B1FE9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4B75DC91D8395620746594D5E9A59EBD
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js
Frame ID: 2125D0EE5F847169678184FF8AF36468
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js
Frame ID: 70B0F359B4FE2E338148558CF9D5CCA1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Школа Життя - Корисний інтерне журнал!

Page URL History Show full URLs

  1. http://zhyttia.com.ua/ HTTP 301
    https://zhyttia.com.ua/ Page URL
  2. https://zhyttia.com.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

132
Requests

94 %
HTTPS

67 %
IPv6

24
Domains

32
Subdomains

27
IPs

7
Countries

3112 kB
Transfer

5145 kB
Size

31
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://zhyttia.com.ua/ HTTP 301
    https://zhyttia.com.ua/ Page URL
  2. https://zhyttia.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://zhyttia.com.ua/ HTTP 301
  • https://zhyttia.com.ua/
Request Chain 14
  • https://r.i.ua/s?u235016&p266&n0.08641482216879237&c1&d24&w1600&h1200&rzhyttia.com.ua/ HTTP 302
  • https://i.i.ua/r/3_3_3.png
Request Chain 16
  • https://counter.yadro.ru/hit?t38.6;rhttps%3A//zhyttia.com.ua/;s1600*1200*24;uhttps%3A//zhyttia.com.ua/;h%u0428%u043A%u043E%u043B%u0430%20%u0416%u0438%u0442%u0442%u044F%20-%20%u041A%u043E%u0440%u0438%u0441%u043D%u0438%u0439%20%u0456%u043D%u0442%u0435%u0440%u043D%u0435%20%u0436%u0443%u0440%u043D%u0430%u043B%21;0.8177382376994435 HTTP 302
  • https://counter.yadro.ru/hit?q;t38.6;rhttps%3A//zhyttia.com.ua/;s1600*1200*24;uhttps%3A//zhyttia.com.ua/;h%u0428%u043A%u043E%u043B%u0430%20%u0416%u0438%u0442%u0442%u044F%20-%20%u041A%u043E%u0440%u0438%u0441%u043D%u0438%u0439%20%u0456%u043D%u0442%u0435%u0440%u043D%u0435%20%u0436%u0443%u0440%u043D%u0430%u043B%21;0.8177382376994435
Request Chain 80
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 84
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCA3v7G3wEQhwYYlgMyCNFPTkNRivrs HTTP 301
  • https://tpc.googlesyndication.com/simgad/5562125932238906240
Request Chain 98
  • https://redirector.gvt1.com/videoplayback?id=90284e59265f5279&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1658303909&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=9DD9EC9A0020896D6A1F40E2741E58ECD4E84C2A.57DF1CFF1C0306641A4E47625BE312D3E57AE305&key=ck2 HTTP 302
  • https://r1---sn-aigzrnld.gvt1.com/videoplayback?id=90284e59265f5279&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1658303909&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=5F761F23E0B0ECF6B8B53E49E06E399839F41910.4EBB7A63CE1198246BA96B79BB4768C7FC00398E&key=cms1&cms_redirect=yes&mh=iP&mip=2001:ac8:21:e::12&mm=28&mn=sn-aigzrnld&ms=nvh&mt=1658296342&mv=m&mvi=1&pl=48
Request Chain 120
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4A5zr-0o47vz7dvF4pewWf7zgHmyLA7yBUrQP_7GTxcxSivJcOLkgcEShW2MiL5P7VcnRmrlnl82GSmJnYV64cpoM7aHzvz&google_gid=CAESEF1lpjRVHZOMKxk-_SUWuWI&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4A5zr-0o47vz7dvF4pewWf7zgHmyLA7yBUrQP_7GTxcxSivJcOLkgcEShW2MiL5P7VcnRmrlnl82GSmJnYV64cpoM7aHzvz&google_gid=CAESEF1lpjRVHZOMKxk-_SUWuWI&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MjAwNTU4MzEwMDAxMTE4NTA1ODEyOA%3D%3D&google_push=AehlK4A5zr-0o47vz7dvF4pewWf7zgHmyLA7yBUrQP_7GTxcxSivJcOLkgcEShW2MiL5P7VcnRmrlnl82GSmJnYV64cpoM7aHzvz
Request Chain 123
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEE__Uu9eSS0Zgc-wXWB0y5k&google_cver=1&google_push=AehlK4BJi_TBPe2C8Dh4eBZFaf2nDHVyTnYgtrtSc3mN8PIiUa1uXiQnPd3MnGzR5EVGPNLI2Mq_v6rRK7r6t2ndt8eIW4-NLGTf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVUNzFORzQtMVotTFpBWQ==&google_push=AehlK4BJi_TBPe2C8Dh4eBZFaf2nDHVyTnYgtrtSc3mN8PIiUa1uXiQnPd3MnGzR5EVGPNLI2Mq_v6rRK7r6t2ndt8eIW4-NLGTf
Request Chain 124
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEC0iXuexAOKCWXjRVl5nz-g&google_cver=1&google_push=AehlK4DHaNLcsru5YJ9s_K1riZd4UgjOsZH-ziNnglflMT8tUdPcrthg1HzQtLJigTC8C5M6Aw0ekOiGcmLqf6bAGElYo78HtJta HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEC0iXuexAOKCWXjRVl5nz-g&google_push=AehlK4DHaNLcsru5YJ9s_K1riZd4UgjOsZH-ziNnglflMT8tUdPcrthg1HzQtLJigTC8C5M6Aw0ekOiGcmLqf6bAGElYo78HtJta&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC0iXuexAOKCWXjRVl5nz-g&google_hm=YteZh9PZcTLkWEFO9zKtYAAAEbEAAAIB&google_nid=index&google_push=AehlK4DHaNLcsru5YJ9s_K1riZd4UgjOsZH-ziNnglflMT8tUdPcrthg1HzQtLJigTC8C5M6Aw0ekOiGcmLqf6bAGElYo78HtJta

132 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
zhyttia.com.ua/
Redirect Chain
  • http://zhyttia.com.ua/
  • https://zhyttia.com.ua/
4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d6e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx / PHP/8.1.6
Resource Hash
114ab74126638a7075f6e69fd084f2453e8ec58d22ceb720934a8cf0b8001718

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 05:58:27 GMT
pragma
no-cache
server
nginx
x-page-speed
on
x-powered-by
PHP/8.1.6
x-ray
p1054:0.000/wn2107:0.000/wn510:0.000/

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Wed, 20 Jul 2022 05:58:27 GMT
Location
https://zhyttia.com.ua/
Server
nginx
x-ray
p1054:0.001/wn2107:0.000/
jquery-1.11.2.min.js
code.jquery.com/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.11.2.min.js
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 05:58:28 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-176bb"
vary
Accept-Encoding
x-hw
1658296708.dop210.lo4.t,1658296708.cds273.lo4.hn,1658296708.cds291.lo4.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33262
preloader-ccc-128.gif
www.ukraine.com.ua/static/parking/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ukraine.com.ua/static/parking/preloader-ccc-128.gif
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:8000:0:e022::54 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
wn2147:0.000/
x-content-type-options
nosniff
last-modified
Wed, 25 Mar 2015 14:23:49 GMT
server
nginx
etag
"5512c4f5-60ab"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31536000
date
Wed, 20 Jul 2022 05:58:26 GMT
accept-ranges
bytes
content-length
24747
x-xss-protection
1; mode=block
expires
Thu, 20 Jul 2023 05:58:28 GMT
/
zhyttia.com.ua/ 		0
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://zhyttia.com.ua/?access_challenge_key=254
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d6e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx / PHP/8.1.6
Resource Hash

Request headers

Accept
*/*
Referer
https://zhyttia.com.ua/
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
x-ray
p1054:0.003/wn2107:0.000/wn510:0.000/
content-encoding
br
server
nginx
x-powered-by
PHP/8.1.6
content-type
text/html; charset=UTF-8
x-page-speed
on
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Wed, 20 Jul 2022 05:58:28 GMT
Primary Request /
zhyttia.com.ua/ 		80 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://zhyttia.com.ua/
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d6e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
104ed46b173bea53e67cf2d8e4f1203fe1ac50fb9ae86e0e9c20149b13613e09

Request headers

Referer
https://zhyttia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 05:58:28 GMT
server
nginx
x-page-speed
on
x-ray
p1054:0.337/wn2107:0.280/wa2107:D=270932
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4088c4396769f8eda76e6f28917417d031b5d62da99e90135de61cefa16dfafa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 05:58:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 20 Jul 2022 05:58:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Jul 2022 05:58:28 GMT
style.min.css
zhyttia.com.ua/wp-content/themes/yelly/assets/css/ 		209 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://zhyttia.com.ua/wp-content/themes/yelly/assets/css/style.min.css
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d6e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
44d3542b2ed686bee258431841e6eb16595343c82d16d51318ebd01f522b9a5e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1054:0.011/wn2107:0.000/
content-encoding
br
last-modified
Wed, 04 May 2022 11:54:35 GMT
server
nginx
etag
W/"6272697b-344f6"
content-type
text/css
cache-control
max-age=604800
date
Wed, 20 Jul 2022 05:58:28 GMT
expires
Wed, 27 Jul 2022 05:58:28 GMT
jquery.min.js
zhyttia.com.ua/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zhyttia.com.ua/wp-includes/js/jquery/jquery.min.js
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d6e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1054:0.012/wn2107:0.000/
content-encoding
br
last-modified
Thu, 22 Jul 2021 09:50:36 GMT
server
nginx
etag
W/"60f93f6c-15db1"
content-type
application/javascript
cache-control
max-age=604800
date
Wed, 20 Jul 2022 05:58:28 GMT
expires
Wed, 27 Jul 2022 05:58:28 GMT
jquery-migrate.min.js
zhyttia.com.ua/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zhyttia.com.ua/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d6e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1054:0.000/wn2107:0.000/
content-encoding
br
last-modified
Thu, 22 Jul 2021 09:50:34 GMT
server
nginx
etag
W/"60f93f6a-2bd8"
content-type
application/javascript
cache-control
max-age=604800
date
Wed, 20 Jul 2022 05:58:28 GMT
expires
Wed, 27 Jul 2022 05:58:28 GMT
icomoon.ttf
zhyttia.com.ua/wp-content/themes/yelly/assets/fonts/ 		7 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://zhyttia.com.ua/wp-content/themes/yelly/assets/fonts/icomoon.ttf
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d6e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
89f8aad7725dc0794604a1118dd2f85e9fce51ae549ca5d645d06c846ff5ae8b

Request headers

Referer
https://zhyttia.com.ua/
Origin
https://zhyttia.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1054:0.010/wn2107:0.000/
last-modified
Wed, 04 May 2022 11:54:35 GMT
server
nginx
etag
"6272697b-1dd4"
content-type
application/octet-stream
cache-control
max-age=604800
date
Wed, 20 Jul 2022 05:58:28 GMT
accept-ranges
bytes
content-length
7636
expires
Wed, 27 Jul 2022 05:58:28 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		165 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7097922196429536
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a792e5221b2e017b618096ec9d5b2a70d573f24f7b490ffb8212eb0d2c70a4ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zhyttia.com.ua/
Origin
https://zhyttia.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 05:58:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56603
x-xss-protection
0
server
cafe
etag
16616662522592799614
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 20 Jul 2022 05:58:28 GMT
js
www.googletagmanager.com/gtag/ 		203 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TNB9GS5XVS
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
079ab8447fe701b056918e27036e3aef13f9437e2639c60b6d0131792350967f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 05:58:28 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73901
x-xss-protection
0
expires
Wed, 20 Jul 2022 05:58:28 GMT
867kpyj9gsme.php
ykopdx.com/ag4l71129vil/0pm0y3qh8687uvq/ 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ykopdx.com/ag4l71129vil/0pm0y3qh8687uvq/867kpyj9gsme.php
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
1635bc26e991d74529fe20db6a0e4fa4e11d1a315e4c6527e78ebe405b47dc63

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 05:58:29 GMT
content-encoding
gzip
last-modified
Thu, 26 May 2022 11:09:48 GMT
server
nginx/1.14.2
etag
"628f5ffc-4aeb"
content-type
application/javascript; charset=utf-8
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
19179
65-5-345x230.jpg
zhyttia.com.ua/wp-content/uploads/2022/07/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhyttia.com.ua/wp-content/uploads/2022/07/65-5-345x230.jpg
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d6e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
63c996e7c9eae7e129241bbe54758ad989c6e5514a2c94bb4731610c1620b1f4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1054:0.000/wn2107:0.000/
last-modified
Mon, 18 Jul 2022 17:52:54 GMT
server
nginx
etag
"62d59df6-48f1"
content-type
image/jpeg
cache-control
max-age=604800
date
Wed, 20 Jul 2022 05:58:28 GMT
accept-ranges
bytes
content-length
18673
expires
Wed, 27 Jul 2022 05:58:28 GMT
scripts.min.js
zhyttia.com.ua/wp-content/themes/yelly/assets/js/ 		50 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zhyttia.com.ua/wp-content/themes/yelly/assets/js/scripts.min.js
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d6e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
4739a91f129b4e733c6d7144223885206b475d483ef7713463422a598a9a9a3f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1054:0.014/wn2107:0.000/
content-encoding
br
last-modified
Wed, 04 May 2022 11:54:35 GMT
server
nginx
etag
W/"6272697b-c796"
content-type
application/javascript
cache-control
max-age=604800
date
Wed, 20 Jul 2022 05:58:28 GMT
expires
Wed, 27 Jul 2022 05:58:28 GMT
3_3_3.png
i.i.ua/r/
Redirect Chain
  • https://r.i.ua/s?u235016&p266&n0.08641482216879237&c1&d24&w1600&h1200&rzhyttia.com.ua/
  • https://i.i.ua/r/3_3_3.png
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.i.ua/r/3_3_3.png
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Server
104.18.3.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35cd1e352811baf1186007bbee781fb0eb4ea9ab0aa7fc0ae82bdbed8ca9ee92

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 05:58:29 GMT
cf-cache-status
HIT
last-modified
Mon, 19 Mar 2007 13:53:49 GMT
server
cloudflare
age
4783395
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
72d9771feec254dc-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1232
expires
Sat, 06 May 2023 15:41:16 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 05:58:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
location
https://i.i.ua/r/3_3_3.png
cache-control
no-cache, must-revalidate
cf-ray
72d9771edcab54dc-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t38.6;rhttps%3A//zhyttia.com.ua/;s1600*1200*24;uhttps%3A//zhyttia.com.ua/;h%u0428%u043A%u043E%u043B%u0430%20%u0416%u0438%u0442%u0442%u044F%20-%20%u041A%u043E%u0440%u043...
  • https://counter.yadro.ru/hit?q;t38.6;rhttps%3A//zhyttia.com.ua/;s1600*1200*24;uhttps%3A//zhyttia.com.ua/;h%u0428%u043A%u043E%u043B%u0430%20%u0416%u0438%u0442%u0442%u044F%20-%20%u041A%u043E%u0440%u0...
445 B
931 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;t38.6;rhttps%3A//zhyttia.com.ua/;s1600*1200*24;uhttps%3A//zhyttia.com.ua/;h%u0428%u043A%u043E%u043B%u0430%20%u0416%u0438%u0442%u0442%u044F%20-%20%u041A%u043E%u0440%u0438%u0441%u043D%u0438%u0439%20%u0456%u043D%u0442%u0435%u0440%u043D%u0435%20%u0436%u0443%u0440%u043D%u0430%u043B%21;0.8177382376994435
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
HTTP/1.1
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
nginx/1.17.9 /
Resource Hash
3e13369e5c528a4598007330a7d572dadd181e268d0cf87ba7b62fd7668597f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 05:58:29 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
445
Expires
Mon, 19 Jul 2021 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 05:58:29 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;t38.6;rhttps%3A//zhyttia.com.ua/;s1600*1200*24;uhttps%3A//zhyttia.com.ua/;h%u0428%u043A%u043E%u043B%u0430%20%u0416%u0438%u0442%u0442%u044F%20-%20%u041A%u043E%u0440%u0438%u0441%u043D%u0438%u0439%20%u0456%u043D%u0442%u0435%u0440%u043D%u0435%20%u0436%u0443%u0440%u043D%u0430%u043B%21;0.8177382376994435
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Mon, 19 Jul 2021 21:00:00 GMT
background66.jpg
zhyttia.com.ua/wp-content/uploads/2021/08/ 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhyttia.com.ua/wp-content/uploads/2021/08/background66.jpg
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d6e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
71b19228b9a14c7f31f9e98aaf4f20553b76fd5ad5568ab9bb1c684b877020bf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1054:0.000/wn2107:0.000/
last-modified
Sun, 15 Aug 2021 09:54:28 GMT
server
nginx
etag
"6118e454-16658"
content-type
image/jpeg
cache-control
max-age=604800
date
Wed, 20 Jul 2022 05:58:28 GMT
accept-ranges
bytes
content-length
91736
expires
Wed, 27 Jul 2022 05:58:28 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://zhyttia.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 21:51:35 GMT
x-content-type-options
nosniff
age
115613
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9628
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 21:51:35 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://zhyttia.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 11:07:47 GMT
x-content-type-options
nosniff
age
154241
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 11:07:47 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://zhyttia.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 20:29:43 GMT
x-content-type-options
nosniff
age
120525
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9644
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 20:29:43 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://zhyttia.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 08:44:49 GMT
x-content-type-options
nosniff
age
594819
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Jul 2023 08:44:49 GMT
troyandy-775x500.jpg
zhyttia.com.ua/wp-content/uploads/2022/07/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhyttia.com.ua/wp-content/uploads/2022/07/troyandy-775x500.jpg
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d6e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
a938e401714141fb4356caacc971426923d8556b5a317091d3cf11d09a44fa3d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1054:0.000/wn2107:0.000/
last-modified
Tue, 19 Jul 2022 12:33:29 GMT
server
nginx
etag
"62d6a499-f10b"
content-type
image/jpeg
cache-control
max-age=604800
date
Wed, 20 Jul 2022 05:58:28 GMT
accept-ranges
bytes
content-length
61707
expires
Wed, 27 Jul 2022 05:58:28 GMT
ohirky-na-zymu-1-345x230.jpg
zhyttia.com.ua/wp-content/uploads/2022/07/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhyttia.com.ua/wp-content/uploads/2022/07/ohirky-na-zymu-1-345x230.jpg
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d6e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
bf9383b93a922ea778362ef7a1bee91ff9696776bd971fbb7c8ddbe9a6a670a2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1054:0.000/wn2107:0.000/
last-modified
Tue, 19 Jul 2022 12:44:51 GMT
server
nginx
etag
"62d6a743-41fd"
content-type
image/jpeg
cache-control
max-age=604800
date
Wed, 20 Jul 2022 05:58:28 GMT
accept-ranges
bytes
content-length
16893
expires
Wed, 27 Jul 2022 05:58:28 GMT
47-5-345x230.jpg
zhyttia.com.ua/wp-content/uploads/2022/07/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhyttia.com.ua/wp-content/uploads/2022/07/47-5-345x230.jpg
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d6e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
ca3bf784917d9178a97bd187f42015ba9d407813099db651243619c114360fea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1054:0.000/wn2107:0.000/
last-modified
Tue, 19 Jul 2022 10:47:14 GMT
server
nginx
etag
"62d68bb2-582d"
content-type
image/jpeg
cache-control
max-age=604800
date
Wed, 20 Jul 2022 05:58:28 GMT
accept-ranges
bytes
content-length
22573
expires
Wed, 27 Jul 2022 05:58:28 GMT
zamorozhenyy-farsh-345x230.jpg
zhyttia.com.ua/wp-content/uploads/2022/07/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhyttia.com.ua/wp-content/uploads/2022/07/zamorozhenyy-farsh-345x230.jpg
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d6e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
dfe3ab439cf1c847fa85b63890939342c1ba7c4d518962903dee62d5fb972f7c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1054:0.000/wn2107:0.000/
last-modified
Tue, 19 Jul 2022 07:56:51 GMT
server
nginx
etag
"62d663c3-6572"
content-type
image/jpeg
cache-control
max-age=604800
date
Wed, 20 Jul 2022 05:58:28 GMT
accept-ranges
bytes
content-length
25970
expires
Wed, 27 Jul 2022 05:58:28 GMT
domashnya-kuryacha-kovbasa-345x230.jpg
zhyttia.com.ua/wp-content/uploads/2022/07/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhyttia.com.ua/wp-content/uploads/2022/07/domashnya-kuryacha-kovbasa-345x230.jpg
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d6e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
6ecf81c13ff571f1fa5c421e62318180a47572745c696aa2649efcdb609ad849

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1054:0.000/wn2107:0.000/
last-modified
Tue, 19 Jul 2022 06:24:51 GMT
server
nginx
etag
"62d64e33-4192"
content-type
image/jpeg
cache-control
max-age=604800
date
Wed, 20 Jul 2022 05:58:28 GMT
accept-ranges
bytes
content-length
16786
expires
Wed, 27 Jul 2022 05:58:28 GMT
sosysky-v-tisti-345x230.jpg
zhyttia.com.ua/wp-content/uploads/2022/07/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhyttia.com.ua/wp-content/uploads/2022/07/sosysky-v-tisti-345x230.jpg
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d6e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
851aa9fba03349e18a92f223175d80c91d9f6e14558f2653d5bba30e6f9fae12

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1054:0.000/wn2107:0.000/
last-modified
Tue, 19 Jul 2022 05:19:32 GMT
server
nginx
etag
"62d63ee4-4e2f"
content-type
image/jpeg
cache-control
max-age=604800
date
Wed, 20 Jul 2022 05:58:28 GMT
accept-ranges
bytes
content-length
20015
expires
Wed, 27 Jul 2022 05:58:28 GMT
zalyvnyy-pyrih-345x230.jpg
zhyttia.com.ua/wp-content/uploads/2022/07/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhyttia.com.ua/wp-content/uploads/2022/07/zalyvnyy-pyrih-345x230.jpg
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d6e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
bf6821a161da1e846f7b31ec54713297ea9288b4821aedcae98cc7884ea79512

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1054:0.012/wn2107:0.000/
last-modified
Mon, 18 Jul 2022 17:20:24 GMT
server
nginx
etag
"62d59658-4329"
content-type
image/jpeg
cache-control
max-age=604800
date
Wed, 20 Jul 2022 05:58:28 GMT
accept-ranges
bytes
content-length
17193
expires
Wed, 27 Jul 2022 05:58:28 GMT
54-3-345x230.jpg
zhyttia.com.ua/wp-content/uploads/2022/07/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhyttia.com.ua/wp-content/uploads/2022/07/54-3-345x230.jpg
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d6e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
c726dcd3780b446fad69bcb14ebacf558f7479343cfd41509ba15b7e2cd9029e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1054:0.012/wn2107:0.000/
last-modified
Mon, 18 Jul 2022 15:39:16 GMT
server
nginx
etag
"62d57ea4-580e"
content-type
image/jpeg
cache-control
max-age=604800
date
Wed, 20 Jul 2022 05:58:28 GMT
accept-ranges
bytes
content-length
22542
expires
Wed, 27 Jul 2022 05:58:28 GMT
kusch-troyand-345x230.jpg
zhyttia.com.ua/wp-content/uploads/2022/07/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhyttia.com.ua/wp-content/uploads/2022/07/kusch-troyand-345x230.jpg
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d6e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
57ab4b4449cf45e14a65c3a97c7a1d8be014ec23c0f72f4ae56997f1c8eb7334

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1054:0.013/wn2107:0.000/
last-modified
Mon, 18 Jul 2022 13:45:52 GMT
server
nginx
etag
"62d56410-68ae"
content-type
image/jpeg
cache-control
max-age=604800
date
Wed, 20 Jul 2022 05:58:28 GMT
accept-ranges
bytes
content-length
26798
expires
Wed, 27 Jul 2022 05:58:28 GMT
ovocheve-rahu-775x450.jpg
zhyttia.com.ua/wp-content/uploads/2022/07/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhyttia.com.ua/wp-content/uploads/2022/07/ovocheve-rahu-775x450.jpg
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d6e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
286de79e7774cab30d125c98b824214eab0b0786fddfd55143de4b5666e2f4c6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1054:0.013/wn2107:0.000/
last-modified
Mon, 18 Jul 2022 12:07:49 GMT
server
nginx
etag
"62d54d15-1028a"
content-type
image/jpeg
cache-control
max-age=604800
date
Wed, 20 Jul 2022 05:58:28 GMT
accept-ranges
bytes
content-length
66186
expires
Wed, 27 Jul 2022 05:58:28 GMT
solona-moyva-345x230.jpg
zhyttia.com.ua/wp-content/uploads/2022/07/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhyttia.com.ua/wp-content/uploads/2022/07/solona-moyva-345x230.jpg
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d6e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
79f58ec60bb84661951820814d347fcb6afe63fd84aa7d0940be718c8dd520fc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1054:0.012/wn2107:0.000/
last-modified
Mon, 18 Jul 2022 09:12:44 GMT
server
nginx
etag
"62d5240c-53a9"
content-type
image/jpeg
cache-control
max-age=604800
date
Wed, 20 Jul 2022 05:58:28 GMT
accept-ranges
bytes
content-length
21417
expires
Wed, 27 Jul 2022 05:58:28 GMT
marynovani-ohirky-na-zymu-345x230.jpg
zhyttia.com.ua/wp-content/uploads/2022/07/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhyttia.com.ua/wp-content/uploads/2022/07/marynovani-ohirky-na-zymu-345x230.jpg
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d6e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
6a343f31d06a183c0593d0120dc0183dd805488146a4342dff5fc4efaa625555

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1054:0.013/wn2107:0.000/
last-modified
Mon, 18 Jul 2022 07:28:34 GMT
server
nginx
etag
"62d50ba2-442e"
content-type
image/jpeg
cache-control
max-age=604800
date
Wed, 20 Jul 2022 05:58:28 GMT
accept-ranges
bytes
content-length
17454
expires
Wed, 27 Jul 2022 05:58:28 GMT
ohirky-po-hruzynsky-na-zymu-345x230.jpg
zhyttia.com.ua/wp-content/uploads/2022/07/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhyttia.com.ua/wp-content/uploads/2022/07/ohirky-po-hruzynsky-na-zymu-345x230.jpg
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d6e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
0284217259124c2d030308c8495cba3c8967b67c567965c8ba55e79d6b5451c7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1054:0.013/wn2107:0.000/
last-modified
Mon, 18 Jul 2022 05:43:26 GMT
server
nginx
etag
"62d4f2fe-4d15"
content-type
image/jpeg
cache-control
max-age=604800
date
Wed, 20 Jul 2022 05:58:28 GMT
accept-ranges
bytes
content-length
19733
expires
Wed, 27 Jul 2022 05:58:28 GMT
abrykosove-varennya-345x230.jpg
zhyttia.com.ua/wp-content/uploads/2022/07/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhyttia.com.ua/wp-content/uploads/2022/07/abrykosove-varennya-345x230.jpg
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d6e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
1452a03bee34de0a0e7fe611c7849b938c605b4673545beeff14dbca47b8ad68

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1054:0.012/wn2107:0.000/
last-modified
Sun, 17 Jul 2022 16:54:17 GMT
server
nginx
etag
"62d43eb9-3c1e"
content-type
image/jpeg
cache-control
max-age=604800
date
Wed, 20 Jul 2022 05:58:28 GMT
accept-ranges
bytes
content-length
15390
expires
Wed, 27 Jul 2022 05:58:28 GMT
kapusta-345x230.jpg
zhyttia.com.ua/wp-content/uploads/2022/07/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhyttia.com.ua/wp-content/uploads/2022/07/kapusta-345x230.jpg
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d6e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
14f6cf7d99d851afb254d0bede27698dd68efda03c0419d7b3440ad6dfc7febf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1054:0.013/wn2107:0.000/
last-modified
Sun, 17 Jul 2022 15:11:35 GMT
server
nginx
etag
"62d426a7-5f32"
content-type
image/jpeg
cache-control
max-age=604800
date
Wed, 20 Jul 2022 05:58:28 GMT
accept-ranges
bytes
content-length
24370
expires
Wed, 27 Jul 2022 05:58:28 GMT
litniy-dohlyad-za-polunytseyu-345x230.jpg
zhyttia.com.ua/wp-content/uploads/2022/07/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhyttia.com.ua/wp-content/uploads/2022/07/litniy-dohlyad-za-polunytseyu-345x230.jpg
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d6e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
d3adcd91a135b1611ce96c130522019f3f703c2a8dd415ec3843bce1200fc394

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1054:0.013/wn2107:0.000/
last-modified
Sun, 17 Jul 2022 13:50:38 GMT
server
nginx
etag
"62d413ae-55e7"
content-type
image/jpeg
cache-control
max-age=604800
date
Wed, 20 Jul 2022 05:58:28 GMT
accept-ranges
bytes
content-length
21991
expires
Wed, 27 Jul 2022 05:58:28 GMT
myasni-sharyky-345x230.jpg
zhyttia.com.ua/wp-content/uploads/2022/07/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhyttia.com.ua/wp-content/uploads/2022/07/myasni-sharyky-345x230.jpg
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d6e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
1dcc45fbd382cd330674d95d925307ccdb6ac0273ec2e627d04de6740d8c8a9b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p1054:0.013/wn2107:0.000/
last-modified
Sun, 17 Jul 2022 11:38:42 GMT
server
nginx
etag
"62d3f4c2-4e32"
content-type
image/jpeg
cache-control
max-age=604800
date
Wed, 20 Jul 2022 05:58:28 GMT
accept-ranges
bytes
content-length
20018
expires
Wed, 27 Jul 2022 05:58:28 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/ 		337 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7097922196429536&plah=zhyttia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7097922196429536
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
396884bc221dfcc861d67bef742d596fc2e4dedfd8c04342485c7e768c871172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 05:58:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121464
x-xss-protection
0
server
cafe
etag
1663767672735938822
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 20 Jul 2022 05:58:29 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220718/r20190131/ Frame FB57 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220718/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7097922196429536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zhyttia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
19222
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 00:38:07 GMT
etag
8616628553774171045
expires
Wed, 03 Aug 2022 00:38:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		107 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-146920292-2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TNB9GS5XVS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
607f4b8b49875558f402f937d11126210a8b6da5f124208a46c09391bf4e22de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 05:58:29 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42044
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Jul 2022 05:58:29 GMT
collect
region1.google-analytics.com/g/ 		0
346 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-TNB9GS5XVS&gtm=2oe7i0&_p=325380656&_z=ccd.v9B&cid=879923630.1658296709&ul=en-us&sr=1600x1200&_s=1&sid=1658296709&sct=1&seg=0&dl=https%3A%2F%2Fzhyttia.com.ua%2F&dr=https%3A%2F%2Fzhyttia.com.ua%2F&dt=%D0%A8%D0%BA%D0%BE%D0%BB%D0%B0%20%D0%96%D0%B8%D1%82%D1%82%D1%8F%20-%20%D0%9A%D0%BE%D1%80%D0%B8%D1%81%D0%BD%D0%B8%D0%B9%20%D1%96%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TNB9GS5XVS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 05:58:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://zhyttia.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7097922196429536
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://zhyttia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
cookie.js
partner.googleadservices.com/gampad/ 		218 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=zhyttia.com.ua&callback=_gfp_s_&client=ca-pub-7097922196429536
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7097922196429536&plah=zhyttia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
6170aecf72e0c6319af64d1f76173ecd461ec0b5f09d20e937741759e6d56602
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 05:58:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=zhyttia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7097922196429536&plah=zhyttia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Jul 2022 05:58:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=zhyttia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7097922196429536&plah=zhyttia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Jul 2022 05:58:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D3A2 		316 KB
80 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7097922196429536&output=html&adk=1812271804&adf=3025194257&lmt=1658296709&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fzhyttia.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296709051&bpp=3&bdt=476&idt=247&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4930461733281&frm=20&pv=2&ga_vid=879923630.1658296709&ga_sid=1658296709&ga_hid=325380656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C44768688%2C42531608%2C31061690&oid=2&pvsid=4383432587268676&tmod=346814126&uas=0&nvt=1&ref=https%3A%2F%2Fzhyttia.com.ua%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=266
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7097922196429536&plah=zhyttia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19a4b05fe137c089e7052c4332f91bdc72390c5b72929d7da2a690ad55b3f643
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zhyttia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
81829
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 05:58:29 GMT
expires
Wed, 20 Jul 2022 05:58:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-146920292-2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3152
date
Wed, 20 Jul 2022 05:05:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 20 Jul 2022 07:05:57 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=325380656&t=pageview&_s=1&dl=https%3A%2F%2Fzhyttia.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A8%D0%BA%D0%BE%D0%BB%D0%B0%20%D0%96%D0%B8%D1%82%D1%82%D1%8F%20-%20%D0%9A%D0%BE%D1%80%D0%B8%D1%81%D0%BD%D0%B8%D0%B9%20%D1%96%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=2083783375&gjid=1770634823&cid=879923630.1658296709&tid=UA-146920292-2&_gid=922673852.1658296709&_r=1&gtm=2ou7i0&z=159523074
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://zhyttia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 05:58:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://zhyttia.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220718&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7097922196429536&plah=zhyttia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d17f63c87f6df1108a246a66f3618e920f20afbab0be964e6fd2d4ed68e512f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Jul 2022 05:58:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10894
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/ 		149 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7097922196429536&plah=zhyttia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3299a86bae93ff0bd77b5068b5a07e2e70ea17cc3255823313b06886f418c90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 05:58:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54143
x-xss-protection
0
server
cafe
etag
1178925065635036397
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Jul 2022 05:58:30 GMT
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=zhyttia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7097922196429536&plah=zhyttia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Jul 2022 05:58:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=zhyttia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7097922196429536&plah=zhyttia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Jul 2022 05:58:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3174 		88 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7097922196429536&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1658296710&rafmt=1&to=qs&pwprc=9677144119&psa=0&format=1200x280&url=https%3A%2F%2Fzhyttia.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296710021&bpp=3&bdt=1446&idt=3&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D447d00c46608f26c-22d90323d3cd0002%3AT%3D1658296709%3ART%3D1658296709%3AS%3DALNI_MZI-jgJSBFnDOR3wv39l1j8Q8OFHA&prev_fmts=0x0&nras=2&correlator=4930461733281&frm=20&pv=1&ga_vid=879923630.1658296709&ga_sid=1658296709&ga_hid=325380656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C44768688%2C42531608%2C31061690&oid=2&pvsid=4383432587268676&tmod=346814126&uas=0&nvt=1&ref=https%3A%2F%2Fzhyttia.com.ua%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cHbG3gPSQP&p=https%3A//zhyttia.com.ua&dtd=19
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7097922196429536&plah=zhyttia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33ee545d6aac1dd70a3529acc0e8c1a5293bd7eb5ee8bd82ef0cfbb2d47f73e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zhyttia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
33024
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 05:58:30 GMT
expires
Wed, 20 Jul 2022 05:58:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7097922196429536&plah=zhyttia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 05:58:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Jul 2022 05:58:30 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/ Frame E79D 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7097922196429536&plah=zhyttia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zhyttia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
21162
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 00:05:48 GMT
etag
8616628553774171045
expires
Wed, 03 Aug 2022 00:05:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/ Frame 6C9C 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7097922196429536&plah=zhyttia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zhyttia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
21162
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 00:05:48 GMT
etag
8616628553774171045
expires
Wed, 03 Aug 2022 00:05:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7097922196429536&plah=zhyttia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://zhyttia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
css2
fonts.googleapis.com/ Frame E79D 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 05:56:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 20 Jul 2022 05:58:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Jul 2022 05:58:30 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E79D 		205 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:42:16 GMT
x-content-type-options
nosniff
age
18974
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 20 Jul 2023 00:42:16 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E79D 		604 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 05:29:19 GMT
x-content-type-options
nosniff
age
1751
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 20 Jul 2023 05:29:19 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/elements/html/ Frame E79D 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 05:16:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2506
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8263
x-xss-protection
0
server
cafe
etag
17157773748623750166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 05:16:44 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/ Frame B5BB 		19 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/index.html
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff68b95ba1cf59513eca8442ba02eed6e7f10bd6778157e5b066165fd0a40927
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
132711
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3996
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Jul 2022 17:06:39 GMT
expires
Tue, 18 Jul 2023 17:06:39 GMT
last-modified
Fri, 17 Jun 2022 09:33:31 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 6C9C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CkkV4hZnXYvjHGoSL3wPH1I7oDZu60IJrwMWq7r8Qr7a-z4gKEAEg2YetTmC7hoCA0AqgAcqZsYUDyAEJqQLfGOe0tiO0PqgDAcgDSKoEzgFP0MSst09yTKX8pbjBf_Rde2evuNyHvxa-4rWsIKxxVfyM4KdRbMJjyJWXTw6zVMHZm94BgaaEQHC4K5WgTuJIcJW72Hk7yhOLoloBIBsdnpsCudX0t09Rn1ACWfmmqaqeicC6_Vf5SffGH_caLqJx5bwo0fHbqQgkoQ4c1vsDhZYbUs9r4skFSZuTI7p2Tcq-Zh7_jlO_tCUivNk4FuvcdkVnyT7RGZx4ik_DwTUaAx-CEwdi9CWHsgjtoACLsH3jFEWw7lqDNrjZjWDHsMAE_761iI0EkgUECAQYAZIFBAgFGASgBi6AB57mznqoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD-4DTSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi03MDk3OTIyMTk2NDI5NTM2GAA&sigh=KQkChOxwfeY&uach_m=[UACH]&template_id=419
Requested by
Host: zhyttia.com.ua
URL: https://zhyttia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 20 Jul 2022 05:58:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 20 Jul 2022 05:58:30 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/ Frame 6C9C 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3e5424c940e81b700243272693cbd0ef8e46a75e5e420d479974cfa7c022665
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 05:03:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3280
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8695
x-xss-protection
0
server
cafe
etag
18278475684918935672
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 05:03:50 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame B5BB 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 09:41:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73012
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 20 Jul 2022 09:41:38 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B5BB 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 16:14:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49453
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 20 Jul 2022 16:14:17 GMT
7f77c36f41e3405af584f07f7c1887ea.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/ Frame B5BB 		77 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/7f77c36f41e3405af584f07f7c1887ea.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3daecbc15f0ae1bdc5d6a4eaba92715c28a60c40a44067dc1dece622b1675d5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 17 Jun 2022 09:33:31 GMT
server
sffe
date
Wed, 20 Jul 2022 05:58:30 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 20 Jul 2023 05:58:30 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame B1E4 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
2861
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 05:10:49 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame 6C9C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 05:06:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3112
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 05:06:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6C9C 		137 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 05:58:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43203
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658144321100200"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Jul 2022 05:58:30 GMT
dfafa4fd47dd86b7cbcd5aa280f1fc74.js
www.gstatic.com/mysidia/ Frame DF21 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/dfafa4fd47dd86b7cbcd5aa280f1fc74.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f7f8fc77f71c162c7907a35dda7b01cc2d098685b2a1554e6514655911af8e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 16 Jul 2022 21:19:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
290315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4359
x-xss-protection
0
last-modified
Thu, 14 Jul 2022 00:22:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 14 Oct 2022 21:19:55 GMT
52320c05881759da4f5ce235ae31b322.js
www.gstatic.com/mysidia/ Frame DF21 		148 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/52320c05881759da4f5ce235ae31b322.js?tag=gpa/dynamic_fig_web_banner_v2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
746360d376b7d68eaef61494e468598d15f2b8aad01c86899862e8db144f0ad8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 05:29:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
260953
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56478
x-xss-protection
0
last-modified
Thu, 14 Jul 2022 00:22:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 15 Oct 2022 05:29:17 GMT
css
fonts.googleapis.com/ Frame DF21 		4 KB
814 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3ea2171f1cfa3fba1737d38126a0f074577b73ff01493fcf8a9d4e362bb2a232
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 05:57:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 20 Jul 2022 05:58:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Jul 2022 05:58:30 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame DF21 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 05:19:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2326
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 05:19:44 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/ Frame DF21 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3e5424c940e81b700243272693cbd0ef8e46a75e5e420d479974cfa7c022665
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 05:51:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
430
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8695
x-xss-protection
0
server
cafe
etag
18278475684918935672
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 05:51:20 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame DF21 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 05:06:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3112
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 05:06:38 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame DF21 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e352bd3598be515c20c398e90549e3f966fbce570d88adea32a7f43de7b08f83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 05:26:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1947
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7322
x-xss-protection
0
server
cafe
etag
17958847364917198933
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 05:26:03 GMT
b8b39a8a01d591fbf8e8e88b2bbf8fd4.js
www.gstatic.com/mysidia/ Frame DF21 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b8b39a8a01d591fbf8e8e88b2bbf8fd4.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 06:21:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12830
x-xss-protection
0
last-modified
Thu, 14 Jul 2022 00:22:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 17 Oct 2022 06:21:57 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame B1E4
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 05:58:30 GMT
expires
Wed, 20 Jul 2022 05:58:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 05:58:30 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C0B4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zhyttia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
29873
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Jul 2022 21:40:37 GMT
expires
Wed, 19 Jul 2023 21:40:37 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 06C0 		783 B
1002 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4b54034b759a68ec7ef60346ff0691544dbaa6bb6e6e30bb56396374920c09df
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-a1OADr89TdyF7Xk3N-FWZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zhyttia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-a1OADr89TdyF7Xk3N-FWZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 05:58:30 GMT
expires
Wed, 20 Jul 2022 05:58:30 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
csi
csi.gstatic.com/ Frame DF21 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l5t71mze&c=1906221991242&slotId=953110995621&qqid=CLeesdLkhvkCFYTFdwodR6oD3Q&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/52320c05881759da4f5ce235ae31b322.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4009:823::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 05:58:30 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5562125932238906240
tpc.googlesyndication.com/simgad/ Frame DF21
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCA3v7G3wEQhwYYlgMyCNFPTkNRivrs
  • https://tpc.googlesyndication.com/simgad/5562125932238906240
235 KB
235 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5562125932238906240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5597cafcbc6673554c103fd4aff5f9a2bd85bd34a98fa6a61e10e21f3f0cc9a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 16 Jul 2022 22:34:19 GMT
x-content-type-options
nosniff
age
285851
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
240549
x-xss-protection
0
last-modified
Wed, 06 Oct 2021 14:14:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 16 Jul 2023 22:34:19 GMT

Redirect headers

timing-allow-origin
*
date
Wed, 20 Jul 2022 05:58:30 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/5562125932238906240
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 19 Aug 2022 05:58:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame 6C9C 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e352bd3598be515c20c398e90549e3f966fbce570d88adea32a7f43de7b08f83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 05:26:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1947
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7322
x-xss-protection
0
server
cafe
etag
17958847364917198933
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 05:26:03 GMT
d7546603d65c28feea344212d96f4ed2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/media/ Frame B5BB 		840 B
870 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/media/d7546603d65c28feea344212d96f4ed2.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22a5c04d4907aef0a62088b982ff55915fbd66e097e6b08c2fe51ed7e4fbd5f0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
840
x-xss-protection
0
last-modified
Fri, 17 Jun 2022 09:33:31 GMT
server
sffe
date
Wed, 20 Jul 2022 05:58:30 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 20 Jul 2023 05:58:30 GMT
a7e0cb6114ba7516be9f71a4e3fd4189.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/media/ Frame B5BB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/media/a7e0cb6114ba7516be9f71a4e3fd4189.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da91cf4b4dcf9d853404588f5468410292523c3a0df0fdf0f1e454c0038a9a14
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
71737
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2843
x-xss-protection
0
last-modified
Fri, 17 Jun 2022 09:33:31 GMT
server
sffe
date
Tue, 19 Jul 2022 10:02:53 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 19 Jul 2023 10:02:53 GMT
8d9873e35ea6d8e8bdf2e1cb9e661975.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/media/ Frame B5BB 		861 B
562 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/media/8d9873e35ea6d8e8bdf2e1cb9e661975.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
596367615b8da08034b32ee614d385dde9a0a4f258b70301559a839fbc21130f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
132709
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
530
x-xss-protection
0
last-modified
Fri, 17 Jun 2022 09:33:31 GMT
server
sffe
date
Mon, 18 Jul 2022 17:06:41 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 18 Jul 2023 17:06:41 GMT
1100585babea2f4a0450f6552f9ca98c.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/media/ Frame B5BB 		9 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/media/1100585babea2f4a0450f6552f9ca98c.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49a151844aba5dd54555fa2eab169c5a6e43426def2e91ea15136dda343c787f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
99826
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2509
x-xss-protection
0
last-modified
Fri, 17 Jun 2022 09:33:31 GMT
server
sffe
date
Tue, 19 Jul 2022 02:14:44 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 19 Jul 2023 02:14:44 GMT
929fe8d6be7e35a125323c66e23c9252.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/media/ Frame B5BB 		1 KB
806 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/media/929fe8d6be7e35a125323c66e23c9252.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4110cee1e8453287ac97e782d1c5dd79bf92830fa5509bad58670095502480ce
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
390884
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
772
x-xss-protection
0
last-modified
Fri, 17 Jun 2022 09:33:31 GMT
server
sffe
date
Fri, 15 Jul 2022 17:23:46 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 15 Jul 2023 17:23:46 GMT
0bde48251794cb5532090873df007773.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/media/ Frame B5BB 		2 KB
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/media/0bde48251794cb5532090873df007773.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27ad74e71d1d1a0bf613cbadbbca858c94f761843f2a1485f5dd423df4c5cc33
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
330108
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
696
x-xss-protection
0
last-modified
Fri, 17 Jun 2022 09:33:31 GMT
server
sffe
date
Sat, 16 Jul 2022 10:16:42 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 16 Jul 2023 10:16:42 GMT
277cc0559b0d18e325d1759b2491712a.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/media/ Frame B5BB 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/media/277cc0559b0d18e325d1759b2491712a.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04694829b362baa5324d7cacdab31e8d035efe81a6e06886cb3f198183d448c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
230856
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1192
x-xss-protection
0
last-modified
Fri, 17 Jun 2022 09:33:31 GMT
server
sffe
date
Sun, 17 Jul 2022 13:50:54 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 17 Jul 2023 13:50:54 GMT
bae402f579fd3923bf53c7a51896cbcd.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/media/ Frame B5BB 		2 KB
922 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/media/bae402f579fd3923bf53c7a51896cbcd.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2e459a53851f62fbb98b47ab29579792fce2eabe1c5f8b8a35984f5a8362c43
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
189243
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
888
x-xss-protection
0
last-modified
Fri, 17 Jun 2022 09:33:31 GMT
server
sffe
date
Mon, 18 Jul 2022 01:24:27 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 18 Jul 2023 01:24:27 GMT
2afe02bf5eafde64104a1821572d5417.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/media/ Frame B5BB 		2 KB
994 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/media/2afe02bf5eafde64104a1821572d5417.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63ed148f583c009deb9124baf07c374eaee5d9f3afbdadc3379dcaf1025103d1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
961
x-xss-protection
0
last-modified
Fri, 17 Jun 2022 09:33:31 GMT
server
sffe
date
Wed, 20 Jul 2022 05:58:30 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 20 Jul 2023 05:58:30 GMT
6ef170e7e0471349099af45b04bf6582.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/media/ Frame B5BB 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/media/6ef170e7e0471349099af45b04bf6582.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03d7ec6a00342856436bab802051b9b0b21e198970fc8d36f58e617871de649d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
330108
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1097
x-xss-protection
0
last-modified
Fri, 17 Jun 2022 09:33:31 GMT
server
sffe
date
Sat, 16 Jul 2022 10:16:42 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 16 Jul 2023 10:16:42 GMT
017539ac6926eb03f3f46c107aebd2de.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/media/ Frame B5BB 		989 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/media/017539ac6926eb03f3f46c107aebd2de.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e0fa23c9a266ddea5e462a2ccc2c45934dea54bf3cab3352eb44d74ab637ba0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
500062
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
546
x-xss-protection
0
last-modified
Fri, 17 Jun 2022 09:33:31 GMT
server
sffe
date
Thu, 14 Jul 2022 11:04:08 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 14 Jul 2023 11:04:08 GMT
42157de18ff7bb6c82598d2095c7594d.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/media/ Frame B5BB 		1 KB
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/media/42157de18ff7bb6c82598d2095c7594d.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49ac58749d2f75c05f0b022c34115b0c1f366be8d852c64f80ac8b926a69c452
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
0
last-modified
Fri, 17 Jun 2022 09:33:31 GMT
server
sffe
date
Wed, 20 Jul 2022 05:58:30 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 20 Jul 2023 05:58:30 GMT
videoplayback
r1---sn-aigzrnld.gvt1.com/ Frame DF21
Redirect Chain
  • https://redirector.gvt1.com/videoplayback?id=90284e59265f5279&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1658303909&sparams=ip,ipbits,expire,id,...
  • https://r1---sn-aigzrnld.gvt1.com/videoplayback?id=90284e59265f5279&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1658303909&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...
1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-aigzrnld.gvt1.com/videoplayback?id=90284e59265f5279&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1658303909&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=5F761F23E0B0ECF6B8B53E49E06E399839F41910.4EBB7A63CE1198246BA96B79BB4768C7FC00398E&key=cms1&cms_redirect=yes&mh=iP&mip=2001:ac8:21:e::12&mm=28&mn=sn-aigzrnld&ms=nvh&mt=1658296342&mv=m&mvi=1&pl=48
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
2a00:1450:4009:3::6 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
cafea312563ab2241aaee24e6b82223716acad140b012fa1e9d4ce8f17fb94ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 05:58:30 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Jul 2022 19:57:24 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
Content-Range
bytes 0-1213121/1213122
client-protocol
quic
cache-control
private, max-age=6899
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1213122
expires
Wed, 20 Jul 2022 05:58:30 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 05:58:30 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r1---sn-aigzrnld.gvt1.com/videoplayback?id=90284e59265f5279&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1658303909&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=5F761F23E0B0ECF6B8B53E49E06E399839F41910.4EBB7A63CE1198246BA96B79BB4768C7FC00398E&key=cms1&cms_redirect=yes&mh=iP&mip=2001:ac8:21:e::12&mm=28&mn=sn-aigzrnld&ms=nvh&mt=1658296342&mv=m&mvi=1&pl=48
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
704
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 06C0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220718&jk=4383432587268676&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js
pagead2.googlesyndication.com/bg/ Frame C0B4 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
840710d4724f89679dd314bedaba5e0dca874a89e35983f04f6b02fca5f43be4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 19:00:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
39461
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13821
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Jul 2023 19:00:49 GMT
truncated
/ Frame 6C9C 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80df46f66451dd8b89d7f1e7b13d90d9ac5aba37a5c17e5c77ebb9671984b1fb

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B5BB 		347 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fcaa3cd0858ccbfaf79e65f34addc2d0353d4f98486e96d576765635a9224cf3

Request headers

Referer
Origin
null
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
625fc69cf07090bf2fcf436cc8f40692.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/media/ Frame B5BB 		2 KB
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/media/625fc69cf07090bf2fcf436cc8f40692.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
729a855b71dd56ea1c4b119260a6e116a4561c4fed80134d0bd45038a28aeeae
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
330107
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
754
x-xss-protection
0
last-modified
Fri, 17 Jun 2022 09:33:31 GMT
server
sffe
date
Sat, 16 Jul 2022 10:16:43 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 16 Jul 2023 10:16:43 GMT
css
fonts.googleapis.com/ Frame 3174 		6 KB
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7097922196429536&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1658296710&rafmt=1&to=qs&pwprc=9677144119&psa=0&format=1200x280&url=https%3A%2F%2Fzhyttia.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296710021&bpp=3&bdt=1446&idt=3&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D447d00c46608f26c-22d90323d3cd0002%3AT%3D1658296709%3ART%3D1658296709%3AS%3DALNI_MZI-jgJSBFnDOR3wv39l1j8Q8OFHA&prev_fmts=0x0&nras=2&correlator=4930461733281&frm=20&pv=1&ga_vid=879923630.1658296709&ga_sid=1658296709&ga_hid=325380656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C44768688%2C42531608%2C31061690&oid=2&pvsid=4383432587268676&tmod=346814126&uas=0&nvt=1&ref=https%3A%2F%2Fzhyttia.com.ua%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cHbG3gPSQP&p=https%3A//zhyttia.com.ua&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 05:40:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 20 Jul 2022 05:58:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Jul 2022 05:58:30 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame 3174 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7097922196429536&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1658296710&rafmt=1&to=qs&pwprc=9677144119&psa=0&format=1200x280&url=https%3A%2F%2Fzhyttia.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296710021&bpp=3&bdt=1446&idt=3&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D447d00c46608f26c-22d90323d3cd0002%3AT%3D1658296709%3ART%3D1658296709%3AS%3DALNI_MZI-jgJSBFnDOR3wv39l1j8Q8OFHA&prev_fmts=0x0&nras=2&correlator=4930461733281&frm=20&pv=1&ga_vid=879923630.1658296709&ga_sid=1658296709&ga_hid=325380656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C44768688%2C42531608%2C31061690&oid=2&pvsid=4383432587268676&tmod=346814126&uas=0&nvt=1&ref=https%3A%2F%2Fzhyttia.com.ua%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cHbG3gPSQP&p=https%3A//zhyttia.com.ua&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 05:19:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2326
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 05:19:44 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/ Frame 3174 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7097922196429536&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1658296710&rafmt=1&to=qs&pwprc=9677144119&psa=0&format=1200x280&url=https%3A%2F%2Fzhyttia.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296710021&bpp=3&bdt=1446&idt=3&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D447d00c46608f26c-22d90323d3cd0002%3AT%3D1658296709%3ART%3D1658296709%3AS%3DALNI_MZI-jgJSBFnDOR3wv39l1j8Q8OFHA&prev_fmts=0x0&nras=2&correlator=4930461733281&frm=20&pv=1&ga_vid=879923630.1658296709&ga_sid=1658296709&ga_hid=325380656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C44768688%2C42531608%2C31061690&oid=2&pvsid=4383432587268676&tmod=346814126&uas=0&nvt=1&ref=https%3A%2F%2Fzhyttia.com.ua%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cHbG3gPSQP&p=https%3A//zhyttia.com.ua&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3e5424c940e81b700243272693cbd0ef8e46a75e5e420d479974cfa7c022665
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 05:51:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
430
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8695
x-xss-protection
0
server
cafe
etag
18278475684918935672
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 05:51:20 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame 3174 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7097922196429536&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1658296710&rafmt=1&to=qs&pwprc=9677144119&psa=0&format=1200x280&url=https%3A%2F%2Fzhyttia.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296710021&bpp=3&bdt=1446&idt=3&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D447d00c46608f26c-22d90323d3cd0002%3AT%3D1658296709%3ART%3D1658296709%3AS%3DALNI_MZI-jgJSBFnDOR3wv39l1j8Q8OFHA&prev_fmts=0x0&nras=2&correlator=4930461733281&frm=20&pv=1&ga_vid=879923630.1658296709&ga_sid=1658296709&ga_hid=325380656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C44768688%2C42531608%2C31061690&oid=2&pvsid=4383432587268676&tmod=346814126&uas=0&nvt=1&ref=https%3A%2F%2Fzhyttia.com.ua%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cHbG3gPSQP&p=https%3A//zhyttia.com.ua&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 05:06:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3112
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 05:06:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3174 		137 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7097922196429536&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1658296710&rafmt=1&to=qs&pwprc=9677144119&psa=0&format=1200x280&url=https%3A%2F%2Fzhyttia.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296710021&bpp=3&bdt=1446&idt=3&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D447d00c46608f26c-22d90323d3cd0002%3AT%3D1658296709%3ART%3D1658296709%3AS%3DALNI_MZI-jgJSBFnDOR3wv39l1j8Q8OFHA&prev_fmts=0x0&nras=2&correlator=4930461733281&frm=20&pv=1&ga_vid=879923630.1658296709&ga_sid=1658296709&ga_hid=325380656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C44768688%2C42531608%2C31061690&oid=2&pvsid=4383432587268676&tmod=346814126&uas=0&nvt=1&ref=https%3A%2F%2Fzhyttia.com.ua%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cHbG3gPSQP&p=https%3A//zhyttia.com.ua&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 05:58:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43203
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658144321100200"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Jul 2022 05:58:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame 3174 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7097922196429536&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1658296710&rafmt=1&to=qs&pwprc=9677144119&psa=0&format=1200x280&url=https%3A%2F%2Fzhyttia.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296710021&bpp=3&bdt=1446&idt=3&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D447d00c46608f26c-22d90323d3cd0002%3AT%3D1658296709%3ART%3D1658296709%3AS%3DALNI_MZI-jgJSBFnDOR3wv39l1j8Q8OFHA&prev_fmts=0x0&nras=2&correlator=4930461733281&frm=20&pv=1&ga_vid=879923630.1658296709&ga_sid=1658296709&ga_hid=325380656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C44768688%2C42531608%2C31061690&oid=2&pvsid=4383432587268676&tmod=346814126&uas=0&nvt=1&ref=https%3A%2F%2Fzhyttia.com.ua%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cHbG3gPSQP&p=https%3A//zhyttia.com.ua&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e352bd3598be515c20c398e90549e3f966fbce570d88adea32a7f43de7b08f83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 05:26:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1947
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7322
x-xss-protection
0
server
cafe
etag
17958847364917198933
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 05:26:03 GMT
l
www.google.com/ads/measurement/ Frame 3174 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQUQm8KwOMQLF04NS2VSCr4_yeVERkELXOGXTF8Ujz_9TDBRaVOPZpafZPqUeA-zpvwdinAdXIfSigbluvc7noSRfz4nA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7097922196429536&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1658296710&rafmt=1&to=qs&pwprc=9677144119&psa=0&format=1200x280&url=https%3A%2F%2Fzhyttia.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296710021&bpp=3&bdt=1446&idt=3&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D447d00c46608f26c-22d90323d3cd0002%3AT%3D1658296709%3ART%3D1658296709%3AS%3DALNI_MZI-jgJSBFnDOR3wv39l1j8Q8OFHA&prev_fmts=0x0&nras=2&correlator=4930461733281&frm=20&pv=1&ga_vid=879923630.1658296709&ga_sid=1658296709&ga_hid=325380656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C44768688%2C42531608%2C31061690&oid=2&pvsid=4383432587268676&tmod=346814126&uas=0&nvt=1&ref=https%3A%2F%2Fzhyttia.com.ua%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cHbG3gPSQP&p=https%3A//zhyttia.com.ua&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
b8b39a8a01d591fbf8e8e88b2bbf8fd4.js
www.gstatic.com/mysidia/ Frame 3174 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b8b39a8a01d591fbf8e8e88b2bbf8fd4.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7097922196429536&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1658296710&rafmt=1&to=qs&pwprc=9677144119&psa=0&format=1200x280&url=https%3A%2F%2Fzhyttia.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296710021&bpp=3&bdt=1446&idt=3&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D447d00c46608f26c-22d90323d3cd0002%3AT%3D1658296709%3ART%3D1658296709%3AS%3DALNI_MZI-jgJSBFnDOR3wv39l1j8Q8OFHA&prev_fmts=0x0&nras=2&correlator=4930461733281&frm=20&pv=1&ga_vid=879923630.1658296709&ga_sid=1658296709&ga_hid=325380656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C44768688%2C42531608%2C31061690&oid=2&pvsid=4383432587268676&tmod=346814126&uas=0&nvt=1&ref=https%3A%2F%2Fzhyttia.com.ua%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cHbG3gPSQP&p=https%3A//zhyttia.com.ua&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 06:21:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12830
x-xss-protection
0
last-modified
Thu, 14 Jul 2022 00:22:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 17 Oct 2022 06:21:57 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 3174 		0
17 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cb7KthpnXYrfKBYrMYbb2gYAB0oamgGqsp7Lc3w-Wgs2FiBYQASDZh61OYLuGgIDQCqABh9752QHIAQmpAgIGdi9KKbQ-qAMByAPLBKoExgFP0Fz7T0pPcRs4M817rZCk5QHi_g59zCzxNEfF8aHAjlKvhge9O-EHYx9tDiV-mfRwgiJkodS-cEjsYf7F7V0jPPcrBKUT-d-Fjzel8wLv0vMYNBmytSVw0m814IePOR3oMoTixiKQUGEBFvjiNe0_tT6e04qLwC7U3izYj8Qcdt1T8kYGMBZ1SNvN-ZwPglgwQrsLpMc-vvF1fkp5cbVjT4WMpxnC8OfUcfbwuPPFNkOQYqGgCc2Bx8guTMYW7AO0fx1DfFXABNXg-_jzA5IFBAgEGAGSBQQIBRgEoAYugAfhoYamAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJXFG9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTC9AVAYAXAbIXHAoaCAASFHB1Yi03MDk3OTIyMTk2NDI5NTM2GAA&sigh=4z4aWBeQXpU&uach_m=[UACH]&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7097922196429536&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1658296710&rafmt=1&to=qs&pwprc=9677144119&psa=0&format=1200x280&url=https%3A%2F%2Fzhyttia.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296710021&bpp=3&bdt=1446&idt=3&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D447d00c46608f26c-22d90323d3cd0002%3AT%3D1658296709%3ART%3D1658296709%3AS%3DALNI_MZI-jgJSBFnDOR3wv39l1j8Q8OFHA&prev_fmts=0x0&nras=2&correlator=4930461733281&frm=20&pv=1&ga_vid=879923630.1658296709&ga_sid=1658296709&ga_hid=325380656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C44768688%2C42531608%2C31061690&oid=2&pvsid=4383432587268676&tmod=346814126&uas=0&nvt=1&ref=https%3A%2F%2Fzhyttia.com.ua%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cHbG3gPSQP&p=https%3A//zhyttia.com.ua&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7097922196429536&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1658296710&rafmt=1&to=qs&pwprc=9677144119&psa=0&format=1200x280&url=https%3A%2F%2Fzhyttia.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296710021&bpp=3&bdt=1446&idt=3&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D447d00c46608f26c-22d90323d3cd0002%3AT%3D1658296709%3ART%3D1658296709%3AS%3DALNI_MZI-jgJSBFnDOR3wv39l1j8Q8OFHA&prev_fmts=0x0&nras=2&correlator=4930461733281&frm=20&pv=1&ga_vid=879923630.1658296709&ga_sid=1658296709&ga_hid=325380656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C44768688%2C42531608%2C31061690&oid=2&pvsid=4383432587268676&tmod=346814126&uas=0&nvt=1&ref=https%3A%2F%2Fzhyttia.com.ua%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cHbG3gPSQP&p=https%3A//zhyttia.com.ua&dtd=19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 20 Jul 2022 05:58:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
downsize_200k_v1
tpc.googlesyndication.com/simgad/17582289569342534195/ Frame 3174 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17582289569342534195/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7097922196429536&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1658296710&rafmt=1&to=qs&pwprc=9677144119&psa=0&format=1200x280&url=https%3A%2F%2Fzhyttia.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296710021&bpp=3&bdt=1446&idt=3&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D447d00c46608f26c-22d90323d3cd0002%3AT%3D1658296709%3ART%3D1658296709%3AS%3DALNI_MZI-jgJSBFnDOR3wv39l1j8Q8OFHA&prev_fmts=0x0&nras=2&correlator=4930461733281&frm=20&pv=1&ga_vid=879923630.1658296709&ga_sid=1658296709&ga_hid=325380656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C44768688%2C42531608%2C31061690&oid=2&pvsid=4383432587268676&tmod=346814126&uas=0&nvt=1&ref=https%3A%2F%2Fzhyttia.com.ua%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cHbG3gPSQP&p=https%3A//zhyttia.com.ua&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5427d004e6791328ba0294e8816be9a790dcdeadb54a68eaac5e97e29d5784d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 13:29:32 GMT
x-content-type-options
nosniff
age
232138
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14161
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 13:03:19 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 17 Jul 2023 13:29:32 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/11353861930161249146/ Frame 3174 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11353861930161249146/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7097922196429536&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1658296710&rafmt=1&to=qs&pwprc=9677144119&psa=0&format=1200x280&url=https%3A%2F%2Fzhyttia.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296710021&bpp=3&bdt=1446&idt=3&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D447d00c46608f26c-22d90323d3cd0002%3AT%3D1658296709%3ART%3D1658296709%3AS%3DALNI_MZI-jgJSBFnDOR3wv39l1j8Q8OFHA&prev_fmts=0x0&nras=2&correlator=4930461733281&frm=20&pv=1&ga_vid=879923630.1658296709&ga_sid=1658296709&ga_hid=325380656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C44768688%2C42531608%2C31061690&oid=2&pvsid=4383432587268676&tmod=346814126&uas=0&nvt=1&ref=https%3A%2F%2Fzhyttia.com.ua%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cHbG3gPSQP&p=https%3A//zhyttia.com.ua&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5600e2093f5b453d254e68d731561a696f718a444ae07b53233a9354063893a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 16 Jul 2022 10:51:16 GMT
x-content-type-options
nosniff
age
328034
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1394
x-xss-protection
0
last-modified
Tue, 08 Mar 2022 14:23:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 16 Jul 2023 10:51:16 GMT
generate_204
tpc.googlesyndication.com/ Frame C0B4 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?EF5KDQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 05:58:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js
pagead2.googlesyndication.com/bg/ Frame B5BB 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
840710d4724f89679dd314bedaba5e0dca874a89e35983f04f6b02fca5f43be4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 19:00:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
39461
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13821
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Jul 2023 19:00:49 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4B75 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7097922196429536&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1658296710&rafmt=1&to=qs&pwprc=9677144119&psa=0&format=1200x280&url=https%3A%2F%2Fzhyttia.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296710021&bpp=3&bdt=1446&idt=3&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D447d00c46608f26c-22d90323d3cd0002%3AT%3D1658296709%3ART%3D1658296709%3AS%3DALNI_MZI-jgJSBFnDOR3wv39l1j8Q8OFHA&prev_fmts=0x0&nras=2&correlator=4930461733281&frm=20&pv=1&ga_vid=879923630.1658296709&ga_sid=1658296709&ga_hid=325380656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C44768688%2C42531608%2C31061690&oid=2&pvsid=4383432587268676&tmod=346814126&uas=0&nvt=1&ref=https%3A%2F%2Fzhyttia.com.ua%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cHbG3gPSQP&p=https%3A//zhyttia.com.ua&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
59039
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Jul 2022 13:34:31 GMT
etag
48472445140208031
expires
Wed, 20 Jul 2022 13:34:31 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3174 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72bde45584814e26d9d4f7b06f37210cd8d53d348be0128509d4cf4caa1fc614

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame 4B75 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIpLGGhFrAgBiv-IUFg6CgE&google_cver=1&google_push=AehlK4CbfJtA6amBFnC-juqFEYRobHmcTDfNF0X7XlTrjRSF6n9yXarAwoX-EJgqhlH8yMo7efm2hGEYdl0Bu6m1CfqGDTUwd8xD
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7097922196429536&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1658296710&rafmt=1&to=qs&pwprc=9677144119&psa=0&format=1200x280&url=https%3A%2F%2Fzhyttia.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296710021&bpp=3&bdt=1446&idt=3&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D447d00c46608f26c-22d90323d3cd0002%3AT%3D1658296709%3ART%3D1658296709%3AS%3DALNI_MZI-jgJSBFnDOR3wv39l1j8Q8OFHA&prev_fmts=0x0&nras=2&correlator=4930461733281&frm=20&pv=1&ga_vid=879923630.1658296709&ga_sid=1658296709&ga_hid=325380656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C44768688%2C42531608%2C31061690&oid=2&pvsid=4383432587268676&tmod=346814126&uas=0&nvt=1&ref=https%3A%2F%2Fzhyttia.com.ua%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cHbG3gPSQP&p=https%3A//zhyttia.com.ua&dtd=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 05:58:31 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4B75
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4A5zr-0...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4A5zr-0...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MjAwNTU4MzEwMDAxMTE4NTA1ODEyOA%3D%3D&google_push=AehlK4A5zr-0o47vz7dvF4pewWf7zgHmyLA7yBUrQP_7GTxcxSivJcOLkgcEShW2MiL5P7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MjAwNTU4MzEwMDAxMTE4NTA1ODEyOA%3D%3D&google_push=AehlK4A5zr-0o47vz7dvF4pewWf7zgHmyLA7yBUrQP_7GTxcxSivJcOLkgcEShW2MiL5P7VcnRmrlnl82GSmJnYV64cpoM7aHzvz
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 05:58:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MjAwNTU4MzEwMDAxMTE4NTA1ODEyOA%3D%3D&google_push=AehlK4A5zr-0o47vz7dvF4pewWf7zgHmyLA7yBUrQP_7GTxcxSivJcOLkgcEShW2MiL5P7VcnRmrlnl82GSmJnYV64cpoM7aHzvz
pragma
no-cache
date
Wed, 20 Jul 2022 05:58:31 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Wed, 20 Jul 2022 05:58:31 GMT
dds
rtb.openx.net/sync/ Frame 4B75 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESELEupGsMREYQ0qyi9bzVsyM&google_cver=1&google_push=AehlK4BzjSiOa8q_7jgmMrBM2ZBb8NASlkuvDMSMjr_XmAoJCplImkAzitss_ieZxmncoW1pjdbP_7dC2Hu_09GAlKupj1_apwev
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7097922196429536&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1658296710&rafmt=1&to=qs&pwprc=9677144119&psa=0&format=1200x280&url=https%3A%2F%2Fzhyttia.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296710021&bpp=3&bdt=1446&idt=3&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D447d00c46608f26c-22d90323d3cd0002%3AT%3D1658296709%3ART%3D1658296709%3AS%3DALNI_MZI-jgJSBFnDOR3wv39l1j8Q8OFHA&prev_fmts=0x0&nras=2&correlator=4930461733281&frm=20&pv=1&ga_vid=879923630.1658296709&ga_sid=1658296709&ga_hid=325380656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C44768688%2C42531608%2C31061690&oid=2&pvsid=4383432587268676&tmod=346814126&uas=0&nvt=1&ref=https%3A%2F%2Fzhyttia.com.ua%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cHbG3gPSQP&p=https%3A//zhyttia.com.ua&dtd=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 05:58:31 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
6n53h8i05uvpi767teiv5b7lbsrpumtd
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 4B75 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEP_IQCn5xE3vKFiQi1jwEc8&google_cver=1&google_push=AehlK4Avmr5L8fYP6Nt6qoaEi0dX4EgR6odBRA-Fo_JeVMuQFTADhXn2rqkJbhUDoNA7DmHnWH4sJBOeKLHeetezqdHpRj3yS8E
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7097922196429536&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1658296710&rafmt=1&to=qs&pwprc=9677144119&psa=0&format=1200x280&url=https%3A%2F%2Fzhyttia.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296710021&bpp=3&bdt=1446&idt=3&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D447d00c46608f26c-22d90323d3cd0002%3AT%3D1658296709%3ART%3D1658296709%3AS%3DALNI_MZI-jgJSBFnDOR3wv39l1j8Q8OFHA&prev_fmts=0x0&nras=2&correlator=4930461733281&frm=20&pv=1&ga_vid=879923630.1658296709&ga_sid=1658296709&ga_hid=325380656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C44768688%2C42531608%2C31061690&oid=2&pvsid=4383432587268676&tmod=346814126&uas=0&nvt=1&ref=https%3A%2F%2Fzhyttia.com.ua%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cHbG3gPSQP&p=https%3A//zhyttia.com.ua&dtd=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 05:58:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 4B75
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEE__Uu9eSS0Zgc-wXWB0y5k&google_cver=1&google_push=AehlK4BJi_TBPe2C8Dh4eBZFaf2nDHVyTnYgtrtSc3mN8PIiUa1uXiQnPd3MnGzR5EVGPNLI2Mq...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVUNzFORzQtMVotTFpBWQ==&google_push=AehlK4BJi_TBPe2C8Dh4eBZFaf2nDHVyTnYgtrtSc3mN8PIiUa1uXiQnPd3MnGzR5EVGPNLI2Mq_v6rRK7r6t2ndt8eIW4-NLGTf
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVUNzFORzQtMVotTFpBWQ==&google_push=AehlK4BJi_TBPe2C8Dh4eBZFaf2nDHVyTnYgtrtSc3mN8PIiUa1uXiQnPd3MnGzR5EVGPNLI2Mq_v6rRK7r6t2ndt8eIW4-NLGTf
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 05:58:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVUNzFORzQtMVotTFpBWQ==&google_push=AehlK4BJi_TBPe2C8Dh4eBZFaf2nDHVyTnYgtrtSc3mN8PIiUa1uXiQnPd3MnGzR5EVGPNLI2Mq_v6rRK7r6t2ndt8eIW4-NLGTf
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
pixel
cm.g.doubleclick.net/ Frame 4B75
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEC0iXuexAOKCWXjRVl5nz-g&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEC0iXuexAOKCWXjRVl5nz-g&google_push=Ae...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC0iXuexAOKCWXjRVl5nz-g&google_hm=YteZh9PZcTLkWEFO9zKtYAAAEbEAAAIB&google_nid=index&google_push=AehlK4DHaNLcsru5YJ9s_K1riZd4UgjOsZH-z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC0iXuexAOKCWXjRVl5nz-g&google_hm=YteZh9PZcTLkWEFO9zKtYAAAEbEAAAIB&google_nid=index&google_push=AehlK4DHaNLcsru5YJ9s_K1riZd4UgjOsZH-ziNnglflMT8tUdPcrthg1HzQtLJigTC8C5M6Aw0ekOiGcmLqf6bAGElYo78HtJta
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 05:58:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 05:58:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3G%2BLt1vqlCPEwAUZhy%2F5fE%2Fb7JVB0lClIB3EPLKuQH9yLTbLQmbtlO10d%2B21mT5qLnln3Tu9w9p3rNTAHipT7QZ64xCsKcYWBb41EB1l6%2FbYot33lEJpbVMN%2BjP7%2BwfUa2sqMqC5bobc7A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC0iXuexAOKCWXjRVl5nz-g&google_hm=YteZh9PZcTLkWEFO9zKtYAAAEbEAAAIB&google_nid=index&google_push=AehlK4DHaNLcsru5YJ9s_K1riZd4UgjOsZH-ziNnglflMT8tUdPcrthg1HzQtLJigTC8C5M6Aw0ekOiGcmLqf6bAGElYo78HtJta
cache-control
no-cache
cf-ray
72d9772ccac6886b-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
googleredir
googlecm.hit.gemius.pl/ Frame 4B75 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 4B75 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JmLmE0JEl0qivM5Ga68Uu-KM_Q97hA5pNnOuDggj7T1Lg51vp9UqMT05kZnUaWjtTYF4Zqlw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7097922196429536&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1658296710&rafmt=1&to=qs&pwprc=9677144119&psa=0&format=1200x280&url=https%3A%2F%2Fzhyttia.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296710021&bpp=3&bdt=1446&idt=3&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D447d00c46608f26c-22d90323d3cd0002%3AT%3D1658296709%3ART%3D1658296709%3AS%3DALNI_MZI-jgJSBFnDOR3wv39l1j8Q8OFHA&prev_fmts=0x0&nras=2&correlator=4930461733281&frm=20&pv=1&ga_vid=879923630.1658296709&ga_sid=1658296709&ga_hid=325380656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C44768688%2C42531608%2C31061690&oid=2&pvsid=4383432587268676&tmod=346814126&uas=0&nvt=1&ref=https%3A%2F%2Fzhyttia.com.ua%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cHbG3gPSQP&p=https%3A//zhyttia.com.ua&dtd=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 05:58:31 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3174 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 11:47:17 GMT
x-content-type-options
nosniff
age
151874
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 11:47:17 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3174 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 08:44:49 GMT
x-content-type-options
nosniff
age
594822
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Jul 2023 08:44:49 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3174 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 11:07:47 GMT
x-content-type-options
nosniff
age
154244
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 11:07:47 GMT
hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js
pagead2.googlesyndication.com/bg/ Frame 2125 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
840710d4724f89679dd314bedaba5e0dca874a89e35983f04f6b02fca5f43be4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 19:00:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
39462
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13821
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Jul 2023 19:00:49 GMT
hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js
pagead2.googlesyndication.com/bg/ Frame 70B0 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7097922196429536&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1658296710&rafmt=1&to=qs&pwprc=9677144119&psa=0&format=1200x280&url=https%3A%2F%2Fzhyttia.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658296710021&bpp=3&bdt=1446&idt=3&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D447d00c46608f26c-22d90323d3cd0002%3AT%3D1658296709%3ART%3D1658296709%3AS%3DALNI_MZI-jgJSBFnDOR3wv39l1j8Q8OFHA&prev_fmts=0x0&nras=2&correlator=4930461733281&frm=20&pv=1&ga_vid=879923630.1658296709&ga_sid=1658296709&ga_hid=325380656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C44768688%2C42531608%2C31061690&oid=2&pvsid=4383432587268676&tmod=346814126&uas=0&nvt=1&ref=https%3A%2F%2Fzhyttia.com.ua%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cHbG3gPSQP&p=https%3A//zhyttia.com.ua&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
840710d4724f89679dd314bedaba5e0dca874a89e35983f04f6b02fca5f43be4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 19:00:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
39462
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13821
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Jul 2023 19:00:49 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220718&jk=4383432587268676&bg=!SEulSw_NAAZlvz3gRb87ACkAdvg8WlVOMFZDYMTQNpeaWHQmI5VHHJBJmNwL2-mZMIl1RjbEcCHAiAIAAACYUgAAAAJoAQcKAPef0sD-k73y5r2GedeOWGIIQ1DAL6jWczpJE8V6MpnLT-PA1HzWdcaxcLNgskXaRUfZWXsNmMPpwoAjyRvzaVCq5wYZyZ14rYFjQz_Q_ti8N1y1FMHhtt311swzTa6zyzlaNce7NYJZuv7el0osbDPlAUZyyJdOt8dRVpSEP2uCKQBhPusrli1LPC--joBD1YZu-9fzhLStoQvZr7TttOLlGwXeBfbzg5TYlissjtAIRpq-1jhTyfsban70asIVc6j2t1dP4gRnClCK7bGyjc7ATWuSGHklE9wdLG-ILEuLRPakeXkL4TsNe2_Q1lyELtC55FdN3FOhmQKaCK0pUuJNH0wE9qKjYJpdLviQbBLyx0KQba7nYDlL7Zfx0kwP2_l7Roj1CZqyJ4ZnN1UOZBysdLkAufLSiB1swlffg-dvGtl3J7oOGxlcd_vO8GIDbOFRnM3PNDwl_LdbYNbHv20aZIsYrPConOJUxfAMwu-SV23njAUNzOP5F0v4k6mQxvFUSbsXqy-pDMoYxcG89ZO7mHtXVRddckTThWYTHGCW2KhcdX351L87Ry4JASCCN3rjKkFXshVVoxwcNDP1Uli942Mjw7ajAnV4EC3I1nu6BOsDy6MhNXlLxoFYa71_gjMo8uOwyUdcjWRei62CQ3takVWR5OfDxYbqNGr0IOr6VbxS-KfO0ufmZBL9MMQnAf4uhReNGrXWx1oaNJHYbOlU9QeQ2xHbqKrMAqca3pTqMb7mrZOzgcBO77nAtewNgqBoOqKX4lDRJV1yWbe1b7ZtiosqXydTUhpMZ15T7-GiP5xX0ZRAuMaGq0MaieRaECWDiwgBh9Xuq0KX69HKg0AJl_hwFn9_yr7ukYybVvRRigDyamnzSopr4CjeY37St2_E2L54iqqk0TJ45aVdvMGNPCJwwXJqPWolOD7fHyCQdfj_kSKLORoiP4_Fvz8_b8YVR8Q4T1ovkR4B9fc6GX0PrPph3y67R0KVx-X9kucItvpF4UDCB46ius6zFgWnNwiKNk4zjOHu2RKzCMxNc3LwxBZGYOK0_y8mMJlgn6NZbHiWpugyJE7arHUIRad5OvICTkXxjuUVOXcFMij2hEM7fM1qxAUppt65hI1EITgEUh3f_BcOd8zl3NlVzEO3puomNy8mayTBUU3ng5z2IVztKRDXXa78g0MGj4eBher3NKsbgLrkR1rcDf3hImLlpvuQDxcs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://zhyttia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 6C9C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss4SmaNXlfgM4lqJ9C8BrtUOSrt-bN8fmuP9Na5qT3Aq8MMQExODSlay5ZTv1ZnCPNjVAkQlEkkf3P7MFJEV3vsMKmB7wq0mqf4MU1AnvGd4Y1g7pJQrtInc13aJIAKVrTxu0yRRDeAe6wN&sai=AMfl-YRhZvfnTlvaWCm4PQsM9EJX9IDK8EVhj-zQrs5NzC7J4XBkmF-XvVD3SaOarOzYeTK482l-WERr_JZd&sig=Cg0ArKJSzK177Xv7ZVeVEAE&id=lidar2&mcvt=1000&p=0,1,124.25,1006&mtos=0,795,1000,1000,1000&tos=0,795,205,0,0&v=20220718&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&vu=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658296710121&rpt=422&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 05:58:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame DF21 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l5t71mzl&c=1906221991242&slotId=953110995621&qqid=CLeesdLkhvkCFYTFdwodR6oD3Q&umsem=0&ple=1&ape=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/52320c05881759da4f5ce235ae31b322.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:823::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 05:58:32 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEKQM1C1BSQ78wwIasTFYM1Y&google_cver=1&google_push=AehlK4BHm_fEdkWVzMnFfU4u6FCdWtNSKJC8dbK5rW4RZhPwLKvpEDHoPYP7PRnN0KwVaUVF0c9fF3py91Q75LiBm3IoMjgUQU8a

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation undefined| $ function| jQuery function| gtag object| dataLayer string| iS object| iD object| iP string| iR string| iT string| iH number| iI object| pseudo_links object| settings_array object| wps_ajax boolean| isMobile boolean| isSearchBot object| VK object| ODKL object| _goodshare object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal boolean| laScriptLoaded function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData object| google_llp number| google_lpabyc object| GoogleGcLKhOms object| googletag object| google_image_requests

31 Cookies

Domain/Path Name / Value
zhyttia.com.ua/ Name: __slsid
Value: 36bca3db6290bd652e5c871c65e68afd
zhyttia.com.ua/ Name: access_challenge_global
Value: vBJQNUBfl4mvSqGmEyDBrw
zhyttia.com.ua/ Name: access_challenge_global_expires
Value: 1658901508
.i.ua/ Name: __cf_bm
Value: hJxWGtdxnTkTBWZOIF8jDlJNBmSZajDGDnIXtcLeDNs-1658296709-0-Aaykr+Gbyb/YQFxq/S0BUaEPz+Iar8BWPjLJCD5j/VxBkwRH0SsKdhsUxqEJqQpyoogex0X+6PbgYQAbPowLcEs=
.yadro.ru/ Name: FTID
Value: 1Yrvc50R8DuM1Yrvc50012i0
.zhyttia.com.ua/ Name: _ga_TNB9GS5XVS
Value: GS1.1.1658296709.1.0.1658296709.0
.yadro.ru/ Name: VID
Value: 3yGiXb3VkVeM1Yrvc5001U_B
.zhyttia.com.ua/ Name: surfer_uuid
Value: ec8db242-7e20-43f8-8d53-c395b81d81f3
.zhyttia.com.ua/ Name: la_page_depth
Value: %7B%22last%22%3A%22https%3A%2F%2Fzhyttia.com.ua%2F%22%2C%22depth%22%3A1%7D
.zhyttia.com.ua/ Name: page_load_uuid
Value: 67e777e6-bcbe-416c-9382-f5229cbeb50f
.zhyttia.com.ua/ Name: __gads
Value: ID=447d00c46608f26c-22d90323d3cd0002:T=1658296709:RT=1658296709:S=ALNI_MZI-jgJSBFnDOR3wv39l1j8Q8OFHA
.zhyttia.com.ua/ Name: _ga
Value: GA1.3.879923630.1658296709
.zhyttia.com.ua/ Name: _gid
Value: GA1.3.922673852.1658296709
.zhyttia.com.ua/ Name: _gat_gtag_UA_146920292_2
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUkDbQkIDXqOo2zxw9B8QhJLkwgu6PGDKZMSOjtur9usNhDNx9t7AOMSUeL3KEQ
.casalemedia.com/ Name: CMID
Value: YteZh9PZcTLkWEFO9zKtYAAA
.casalemedia.com/ Name: CMPS
Value: 4529
.casalemedia.com/ Name: CMPRO
Value: 4529
.quantserve.com/ Name: d
Value: EGoBCQHUJoEA
.quantserve.com/ Name: mc
Value: 62d79987-158e9-5a40b-69c16
.casalemedia.com/ Name: CMTS
Value: 4406
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: na_id
Value: 2022072005583100011185058128
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 62d799876e50967c
.addthis.com/ Name: ouid
Value: 62d799870001bd0c40dfa7d9c3f231d0395aa0a467bcbb11555a
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20220720
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0

3 Console Messages

Source Level URL
Text
network error URL: https://zhyttia.com.ua/
Message:
Failed to load resource: the server responded with a status of 503 ()
security error URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1(Line 21)
Message:
The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3060777481077409151/index.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEKQM1C1BSQ78wwIasTFYM1Y&google_cver=1&google_push=AehlK4BHm_fEdkWVzMnFfU4u6FCdWtNSKJC8dbK5rW4RZhPwLKvpEDHoPYP7PRnN0KwVaUVF0c9fF3py91Q75LiBm3IoMjgUQU8a
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.uk
adservice.google.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
counter.yadro.ru
csi.gstatic.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
i.i.ua
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
r.i.ua
r1---sn-aigzrnld.gvt1.com
redirector.gvt1.com
region1.google-analytics.com
rtb.openx.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.ukraine.com.ua
ykopdx.com
zhyttia.com.ua
googlecm.hit.gemius.pl
104.111.215.191
104.18.18.126
104.18.3.81
142.250.186.34
172.217.18.98
198.47.127.19
2001:4860:4802:34::36
2001:4de0:ac18::1:a:1a
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:800::200e
2a00:1450:4001:801::2004
2a00:1450:4001:802::2002
2a00:1450:4001:808::2003
2a00:1450:4001:809::2003
2a00:1450:4001:80b::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:829::200a
2a00:1450:4001:830::2002
2a00:1450:4009:3::6
2a00:1450:4009:823::2003
2a04:8000:0:e022::54
2a06:6440:0:2d6e::1
35.186.253.211
62.76.25.28
69.173.144.138
88.212.201.198
0284217259124c2d030308c8495cba3c8967b67c567965c8ba55e79d6b5451c7
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03d7ec6a00342856436bab802051b9b0b21e198970fc8d36f58e617871de649d
079ab8447fe701b056918e27036e3aef13f9437e2639c60b6d0131792350967f
09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6
104ed46b173bea53e67cf2d8e4f1203fe1ac50fb9ae86e0e9c20149b13613e09
114ab74126638a7075f6e69fd084f2453e8ec58d22ceb720934a8cf0b8001718
1452a03bee34de0a0e7fe611c7849b938c605b4673545beeff14dbca47b8ad68
14f6cf7d99d851afb254d0bede27698dd68efda03c0419d7b3440ad6dfc7febf
1635bc26e991d74529fe20db6a0e4fa4e11d1a315e4c6527e78ebe405b47dc63
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19a4b05fe137c089e7052c4332f91bdc72390c5b72929d7da2a690ad55b3f643
1dcc45fbd382cd330674d95d925307ccdb6ac0273ec2e627d04de6740d8c8a9b
22a5c04d4907aef0a62088b982ff55915fbd66e097e6b08c2fe51ed7e4fbd5f0
27ad74e71d1d1a0bf613cbadbbca858c94f761843f2a1485f5dd423df4c5cc33
286de79e7774cab30d125c98b824214eab0b0786fddfd55143de4b5666e2f4c6
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
2f7f8fc77f71c162c7907a35dda7b01cc2d098685b2a1554e6514655911af8e8
33ee545d6aac1dd70a3529acc0e8c1a5293bd7eb5ee8bd82ef0cfbb2d47f73e3
35cd1e352811baf1186007bbee781fb0eb4ea9ab0aa7fc0ae82bdbed8ca9ee92
396884bc221dfcc861d67bef742d596fc2e4dedfd8c04342485c7e768c871172
3e13369e5c528a4598007330a7d572dadd181e268d0cf87ba7b62fd7668597f8
3ea2171f1cfa3fba1737d38126a0f074577b73ff01493fcf8a9d4e362bb2a232
4088c4396769f8eda76e6f28917417d031b5d62da99e90135de61cefa16dfafa
4110cee1e8453287ac97e782d1c5dd79bf92830fa5509bad58670095502480ce
44d3542b2ed686bee258431841e6eb16595343c82d16d51318ebd01f522b9a5e
4739a91f129b4e733c6d7144223885206b475d483ef7713463422a598a9a9a3f
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
49a151844aba5dd54555fa2eab169c5a6e43426def2e91ea15136dda343c787f
49ac58749d2f75c05f0b022c34115b0c1f366be8d852c64f80ac8b926a69c452
4b54034b759a68ec7ef60346ff0691544dbaa6bb6e6e30bb56396374920c09df
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5427d004e6791328ba0294e8816be9a790dcdeadb54a68eaac5e97e29d5784d0
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5597cafcbc6673554c103fd4aff5f9a2bd85bd34a98fa6a61e10e21f3f0cc9a3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5600e2093f5b453d254e68d731561a696f718a444ae07b53233a9354063893a9
57ab4b4449cf45e14a65c3a97c7a1d8be014ec23c0f72f4ae56997f1c8eb7334
596367615b8da08034b32ee614d385dde9a0a4f258b70301559a839fbc21130f
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
607f4b8b49875558f402f937d11126210a8b6da5f124208a46c09391bf4e22de
6170aecf72e0c6319af64d1f76173ecd461ec0b5f09d20e937741759e6d56602
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63c996e7c9eae7e129241bbe54758ad989c6e5514a2c94bb4731610c1620b1f4
63ed148f583c009deb9124baf07c374eaee5d9f3afbdadc3379dcaf1025103d1
6a343f31d06a183c0593d0120dc0183dd805488146a4342dff5fc4efaa625555
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ecf81c13ff571f1fa5c421e62318180a47572745c696aa2649efcdb609ad849
71b19228b9a14c7f31f9e98aaf4f20553b76fd5ad5568ab9bb1c684b877020bf
729a855b71dd56ea1c4b119260a6e116a4561c4fed80134d0bd45038a28aeeae
72bde45584814e26d9d4f7b06f37210cd8d53d348be0128509d4cf4caa1fc614
746360d376b7d68eaef61494e468598d15f2b8aad01c86899862e8db144f0ad8
79f58ec60bb84661951820814d347fcb6afe63fd84aa7d0940be718c8dd520fc
7e0fa23c9a266ddea5e462a2ccc2c45934dea54bf3cab3352eb44d74ab637ba0
80df46f66451dd8b89d7f1e7b13d90d9ac5aba37a5c17e5c77ebb9671984b1fb
840710d4724f89679dd314bedaba5e0dca874a89e35983f04f6b02fca5f43be4
851aa9fba03349e18a92f223175d80c91d9f6e14558f2653d5bba30e6f9fae12
89f8aad7725dc0794604a1118dd2f85e9fce51ae549ca5d645d06c846ff5ae8b
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a04694829b362baa5324d7cacdab31e8d035efe81a6e06886cb3f198183d448c
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3daecbc15f0ae1bdc5d6a4eaba92715c28a60c40a44067dc1dece622b1675d5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a792e5221b2e017b618096ec9d5b2a70d573f24f7b490ffb8212eb0d2c70a4ed
a938e401714141fb4356caacc971426923d8556b5a317091d3cf11d09a44fa3d
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf6821a161da1e846f7b31ec54713297ea9288b4821aedcae98cc7884ea79512
bf9383b93a922ea778362ef7a1bee91ff9696776bd971fbb7c8ddbe9a6a670a2
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2e459a53851f62fbb98b47ab29579792fce2eabe1c5f8b8a35984f5a8362c43
c3299a86bae93ff0bd77b5068b5a07e2e70ea17cc3255823313b06886f418c90
c3e5424c940e81b700243272693cbd0ef8e46a75e5e420d479974cfa7c022665
c726dcd3780b446fad69bcb14ebacf558f7479343cfd41509ba15b7e2cd9029e
ca3bf784917d9178a97bd187f42015ba9d407813099db651243619c114360fea
cafea312563ab2241aaee24e6b82223716acad140b012fa1e9d4ce8f17fb94ef
d17f63c87f6df1108a246a66f3618e920f20afbab0be964e6fd2d4ed68e512f2
d3adcd91a135b1611ce96c130522019f3f703c2a8dd415ec3843bce1200fc394
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
da91cf4b4dcf9d853404588f5468410292523c3a0df0fdf0f1e454c0038a9a14
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
dfe3ab439cf1c847fa85b63890939342c1ba7c4d518962903dee62d5fb972f7c
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e352bd3598be515c20c398e90549e3f966fbce570d88adea32a7f43de7b08f83
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fcaa3cd0858ccbfaf79e65f34addc2d0353d4f98486e96d576765635a9224cf3
ff68b95ba1cf59513eca8442ba02eed6e7f10bd6778157e5b066165fd0a40927