www.moirebenok.ua Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://moirebenok.ua/
Effective URL:
https://www.moirebenok.ua/
Submission: On August 14 via api (August 14th 2022, 3:46:56 am UTC) from GB — Scanned from GB

Summary HTTP 340 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 60 IPs in 11 countries across 41 domains to perform 340 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.moirebenok.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 6th 2022. Valid for: a year.

This is the only time www.moirebenok.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
88	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:c00... 2a04:4e42:c00::282	54113 (FASTLY) (FASTLY)
9	2a03:90c0:e1:... 2a03:90c0:e1:2801::254	199524 (GCORE) (GCORE)
1	116.203.211.129 116.203.211.129	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3121::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
31	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1 2	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
1	217.16.18.206 217.16.18.206	25532 (MASTERHOS...) (MASTERHOST-AS Moscow)
7	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
5	188.40.114.52 188.40.114.52	24940 (HETZNER-AS) (HETZNER-AS)
8	146.0.227.109 146.0.227.109	20773 (GODADDY) (GODADDY)
2	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
17	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	193.200.65.6 193.200.65.6	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
2 4	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	3.122.40.23 3.122.40.23	16509 (AMAZON-02) (AMAZON-02)
1 1	52.29.69.202 52.29.69.202	16509 (AMAZON-02) (AMAZON-02)
1	198.47.127.18 198.47.127.18	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
3	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
4	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 3	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2600:9000:206... 2600:9000:206e:b400:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
20	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3 11	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.202.123.230 18.202.123.230	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
1 3	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:223... 2600:9000:223f:c200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	18.195.201.66 18.195.201.66	16509 (AMAZON-02) (AMAZON-02)
2 2	23.7.201.234 23.7.201.234	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	213.202.235.10 213.202.235.10	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
11	2600:1f18:1ac... 2600:1f18:1aca:4281:a4e2:e749:4428:16b3	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
340	60

2 2a06:98c1:3120::c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

moirebenok.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

88 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.moirebenok.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:c00::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:90c0:e1:2801::254 (Prague, Czech Republic)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.203.211.129 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.129.211.203.116.clients.your-server.de

cdn.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.websitepolicies.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.16.18.206 (Russian Federation)

ASN25532 (MASTERHOST-AS Moscow, Russia, RU)

content.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.40.114.52 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.52.114.40.188.clients.your-server.de

tt.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 146.0.227.109 (Ascension Island)

ASN20773 (GODADDY, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team

m.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.250 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.122.40.23 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-40-23.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.69.202 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-69-202.eu-central-1.compute.amazonaws.com

sonata-notifications.taptapnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206e:b400:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.202.123.230 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-123-230.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.19.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:c200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.201.66 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-201-66.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.7.201.234 (Vienna, Austria) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-7-201-234.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.10 (Herrischried, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:1f18:1aca:4281:a4e2:e749:4428:16b3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
90	moirebenok.ua 1 redirects moirebenok.ua www.moirebenok.ua	2 MB
55	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 124 tpc.googlesyndication.com — Cisco Umbrella Rank: 160 ade.googlesyndication.com — Cisco Umbrella Rank: 297	797 KB
40	criteo.net static.criteo.net — Cisco Umbrella Rank: 627 pix.eu.criteo.net — Cisco Umbrella Rank: 7159 csm.eu.criteo.net — Cisco Umbrella Rank: 7456	119 KB
28	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 stats.g.doubleclick.net — Cisco Umbrella Rank: 118 cm.g.doubleclick.net — Cisco Umbrella Rank: 208 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313	156 KB
17	admixer.net cdn.admixer.net — Cisco Umbrella Rank: 41533 inv-nets.admixer.net — Cisco Umbrella Rank: 2584	201 KB
15	adsafeprotected.com pixel.adsafeprotected.com — Cisco Umbrella Rank: 602 static.adsafeprotected.com — Cisco Umbrella Rank: 594 dt.adsafeprotected.com — Cisco Umbrella Rank: 538	96 KB
13	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 732 rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11084 ads.eu.criteo.com — Cisco Umbrella Rank: 7034 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9488 rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 13161 gum.criteo.com — Cisco Umbrella Rank: 401 mug.criteo.com — Cisco Umbrella Rank: 2755	122 KB
11	google.com ampcid.google.com — Cisco Umbrella Rank: 1708 adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 10	3 KB
9	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 289	235 KB
7	adpartner.pro a4p.adpartner.pro — Cisco Umbrella Rank: 8094	11 KB
6	google.de adservice.google.de — Cisco Umbrella Rank: 8117 ampcid.google.de — Cisco Umbrella Rank: 48742 www.google.de — Cisco Umbrella Rank: 5596	2 KB
6	onthe.io cdn.onthe.io — Cisco Umbrella Rank: 16084 tt.onthe.io — Cisco Umbrella Rank: 13078	19 KB
5	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 453 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530	4 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	61 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	173 KB
4	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 238	4 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	40 KB
3	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 100	491 B
3	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 862	750 B
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 292	2 KB
3	creativecdn.com 1 redirects prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5951 creativecdn.com — Cisco Umbrella Rank: 630	857 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1751	1 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 326	922 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1516	415 B
2	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 611	107 B
2	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1464	1 KB
2	pubmatic.com image8.pubmatic.com — Cisco Umbrella Rank: 577 image6.pubmatic.com — Cisco Umbrella Rank: 636	208 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	111 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9467	1 KB
2	websitepolicies.io cdn.websitepolicies.io — Cisco Umbrella Rank: 101260	8 KB
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 11572	1 KB
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 925	356 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 568	758 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1083	464 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	1 KB
1	taptapnetworks.com 1 redirects sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 6656	322 B
1	trafmag.com m.trafmag.com — Cisco Umbrella Rank: 77882	351 B
1	adriver.ru content.adriver.ru — Cisco Umbrella Rank: 38565	5 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	50 KB
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1493	425 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
340	41

	Domain	Requested by
88	www.moirebenok.ua	www.moirebenok.ua
31	pagead2.googlesyndication.com	www.moirebenok.ua pagead2.googlesyndication.com moirebenok.ua cdn.admixer.net googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com s0.2mdn.net
23	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com www.moirebenok.ua s0.2mdn.net
20	pix.eu.criteo.net	ads.eu.criteo.com
17	static.criteo.net	cdn.admixer.net www.moirebenok.ua ads.eu.criteo.com
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
11	dt.adsafeprotected.com	googleads.g.doubleclick.net
11	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
9	s0.2mdn.net	www.moirebenok.ua s0.2mdn.net
9	cdn.admixer.net	www.moirebenok.ua cdn.admixer.net
8	inv-nets.admixer.net	cdn.admixer.net www.moirebenok.ua
7	www.google.com	www.moirebenok.ua googleads.g.doubleclick.net tpc.googlesyndication.com
7	a4p.adpartner.pro	www.moirebenok.ua a4p.adpartner.pro
5	tt.onthe.io	cdn.onthe.io
4	www.googletagservices.com	googleads.g.doubleclick.net
4	bidder.criteo.com	static.criteo.net
4	ib.adnxs.com	2 redirects www.moirebenok.ua googleads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com a4p.adpartner.pro www.moirebenok.ua www.google-analytics.com
3	dsum-sec.casalemedia.com	1 redirects googleads.g.doubleclick.net
3	csm.eu.criteo.net	ads.eu.criteo.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.facebook.com	1 redirects www.moirebenok.ua
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	partner.googleadservices.com	pagead2.googlesyndication.com
3	x.bidswitch.net	3 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	googleads4.g.doubleclick.net	www.moirebenok.ua
2	e.dlx.addthis.com	2 redirects
2	static.adsafeprotected.com	pixel.adsafeprotected.com googleads.g.doubleclick.net
2	pixel.adsafeprotected.com	googleads.g.doubleclick.net
2	ssum-sec.casalemedia.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	id.rlcdn.com	googleads.g.doubleclick.net
2	secure-gl.imrworldwide.com	ads.eu.criteo.com
2	cat.nl.eu.criteo.com	ads.eu.criteo.com
2	www.google.de	www.moirebenok.ua
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	creativecdn.com	1 redirects www.moirebenok.ua
2	connect.facebook.net	www.moirebenok.ua connect.facebook.net
2	counter.yadro.ru	1 redirects www.moirebenok.ua
2	cdn.websitepolicies.io	www.moirebenok.ua cdn.websitepolicies.io
2	moirebenok.ua	1 redirects a4p.adpartner.pro
1	mug.criteo.com
1	ade.googlesyndication.com
1	m.exactag.com	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	image6.pubmatic.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
1	ampcid.google.de	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	image8.pubmatic.com	www.moirebenok.ua
1	sonata-notifications.taptapnetworks.com	1 redirects
1	m.trafmag.com	www.moirebenok.ua
1	prebid-eu.creativecdn.com	cdn.admixer.net
1	content.adriver.ru	www.moirebenok.ua
1	www.googletagmanager.com	www.moirebenok.ua
1	cdn.onthe.io	www.moirebenok.ua
1	polyfill.io	www.moirebenok.ua
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
340	67

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.youtube.com
burda.ua
vaccination.moirebenok.ua
topicrem.moirebenok.ua
zdravo.moirebenok.ua
burdastyle.ua
na-proby.com
liza.ua
marieclaire.ua
www.antrenman.info
www.yasak.biz
www.doldur.info
www.temizle.biz
www.hokkabaz.info
www.tekrar.biz
www.zevkliseks.info
www.aerodinamik.info
www.tebessum.biz
www.tasom.biz
www.kolikporno.info
www.gramofon.info
www.tasdik.biz
www.liveinternet.ru

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-08` - `2023-04-09`	a year	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-21`	a year	crt.sh
*.onthe.io Sectigo RSA Domain Validation Secure Server CA	`2022-06-02` - `2023-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
adpartner.pro R3	`2022-06-14` - `2022-09-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-23` - `2022-08-21`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-14` - `2023-06-14`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-02` - `2022-11-01`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-03` - `2022-11-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-12` - `2022-09-12`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-07-22` - `2022-10-19`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2021-08-16` - `2022-09-14`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-04-10` - `2023-05-08`	a year	crt.sh

This page contains 34 frames:

Primary Page: https://www.moirebenok.ua/
Frame ID: 46425DF3FE2B7C4862B4932C85150A12
Requests: 162 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/48427/c.html?b=48427
Frame ID: F11F3A7139C46FD8EAE93E83142D1350
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20190131/zrt_lookup.html
Frame ID: 7251A57D240D13EA13ABE4F9CD5CE50E
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=7c136a64-1c2f-4b37-9619-b9b85bbe8cb2&site_visited=1&location=https%3A%2F%2Fwww.moirebenok.ua%2F&referer=
Frame ID: 19405308C45F3205186725DBDB58D95E
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media/ls?mediaunit=2633&apuid=b9dd2583-8700-47ac-9cb2-f18deedbc10b&session_pageview=1&session_id=7c136a64-1c2f-4b37-9619-b9b85bbe8cb2&site_visited=1&location=https%3A%2F%2Fwww.moirebenok.ua%2F
Frame ID: D513CBE7925692521070979393C0B8E0
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&adk=2594086687&adf=1314719486&lmt=1660448809&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448808728&bpp=3&bdt=919&idt=316&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8795719047812&frm=20&pv=2&ga_vid=1916196167.1660448809&ga_sid=1660448809&ga_hid=471335202&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=3225682795558849&tmod=1107275892&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=336
Frame ID: 9A9E0EEB10CF1FDBC4D8C320CBA73003
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=250&slotname=5442240898&adk=3104416150&adf=76155185&pi=t.ma~as.5442240898&w=940&lmt=1660448809&rafmt=12&psa=0&format=940x250&url=https%3A%2F%2Fwww.moirebenok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448808731&bpp=1&bdt=923&idt=339&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8795719047812&frm=20&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448809&ga_hid=471335202&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=3225682795558849&tmod=1107275892&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpoeEbr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Hz6pXzHLw&p=https%3A//www.moirebenok.ua&dtd=346
Frame ID: D75D9497D2546296ED587E0B0ABD6F8E
Requests: 14 HTTP requests in this frame

Frame: https://moirebenok.ua/MR-Desc-Float.html?adId=2187739&unitId=2633&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F2633%2F2187739%2F1b1dc514-53db-4695-bab7-5d4fa1159710%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYwNDQ4ODA4LCJzaG93X2lkIjoiMWIxZGM1MTQtNTNkYi00Njk1LWJhYjctNWQ0ZmExMTU5NzEwIiwiYWRfdW5pdF9pZCI6MjYzMywicnVsZV9pZCI6MTkxNzE2LCJhZF9pZCI6MjE4NzczOSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjlkZDI1ODMtODcwMC00N2FjLTljYjItZjE4ZGVlZGJjMTBiIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%26hash%3D74917a12c466f0654c4504d5f516f043&showId=1b1dc514-53db-4695-bab7-5d4fa1159710&apuid=b9dd2583-8700-47ac-9cb2-f18deedbc10b
Frame ID: 5188F2997E4D5C3894925AA3FCA27C8C
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=250&slotname=7659859057&adk=2353355361&adf=1860012115&pi=t.ma~as.7659859057&w=1000&lmt=1660448809&rafmt=12&psa=0&format=1000x250&url=https%3A%2F%2Fwww.moirebenok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448808732&bpp=1&bdt=924&idt=366&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x250&nras=1&correlator=8795719047812&frm=20&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448809&ga_hid=471335202&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=3694&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=3225682795558849&tmod=1107275892&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=h5jvuE1nNT&p=https%3A//www.moirebenok.ua&dtd=368
Frame ID: 622CC079350F450AB60C3C588FBD4C41
Requests: 7 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b9dd2583-8700-47ac-9cb2-f18deedbc10b%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2187739%252C%2522rule_id%2522%253A191716%252C%2522show_id%2522%253A%25221b1dc514-53db-4695-bab7-5d4fa1159710%2522%257D%255D%252C%2522unit_id%2522%253A2633%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25221b1dc514-53db-4695-bab7-5d4fa1159710%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fwww.moirebenok.ua%252F%2522%257D
Frame ID: 91218102E84029D33B6D54BA1EA66D98
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b9dd2583-8700-47ac-9cb2-f18deedbc10b%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2187739%252C%2522rule_id%2522%253A191716%252C%2522show_id%2522%253A%25221b1dc514-53db-4695-bab7-5d4fa1159710%2522%257D%255D%252C%2522unit_id%2522%253A2633%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25221b1dc514-53db-4695-bab7-5d4fa1159710%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fwww.moirebenok.ua%252F%2522%257D
Frame ID: 4927FFC8D146CA4F5A504150E215AB56
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvhwKQADR70Kd-8XAAZ3bOp5GJvlj8pVBwBjXA&u=%7CGrJYC9S4%2BjBeSWqm6%2FW8lAhSrfCHJO%2BHFLUNwoIhyxo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi67Py6EMArozB5jyo1UywDe8xTxgO4NR5rMIVsjajSTwuCdCMoq3eamhIoqM4f_Qe0wQsZwBd-qnlEDf1r6UQKAYSNnPnarMLoOf8la5WNmmlVimZCdUOGNfkh5sU9SHys-uhOG5HqIaVQ6UQIWluawEK_oqm-bgpm9r5tFjHSfQaC5xk1RCuxiODKEtOUd8P8uMfYCS4xc_HPhiNyGdwWPr3gbepl0zWfdq2n6UysWjoQaB5H1q-bclVmBKrphaG9SHbBruP3xn8bFwry8zL-pOk9TPnimVybk2ysn9IUDr1z_FJFyfdHDjfCgazdqRklFT6c4L2n4fB8rtGfaWxBCBkddpO5bwV7hZxcWyRlLgs3yp_HirATnaAYKtqrn_3VYchdq7l3cRgN9nM4mL3sBGuwfjKBHGnyQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNH6vKXD4Yr2PDZfe3wPs7pmYB8me0rFc9eqhhogBwI23ARABIABglQKCARdjYS1wdWItNzE0MTY4ODY4NzkxODU5OKAB1bbS6gPIAQmpArGAilNzNrE-qAMBqgTJAU_QpaqU9dc9GNq-WVY5spIap1JcSCtuRZ9TyUwJORjz6yRdSwHSL1DkhOQSV4-oX51yiSn3Zh1nQNl8Fyun16v1dqsT2jWhA-TVKWDFL37mbpdVxPQ7k7ZmFSvuvoX5kPNU3fctmwAb5iRSJKqXsXuiyUbXIE37InePkYfgW_ngTpGlgA0WMgHk921drlq-zdI_uLwvwl4ZYx9wJpNBQw0UR4ak8VXsQx3LV_NU7Kn5X_5fy8bbS3voBpn2MqEYppSaPykQ6mHEHYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3TaEGBjNNQX1TaAFSKSGu8E_PZaw%26client%3Dca-pub-7141688687918598%26adurl%3D
Frame ID: B86978F68A0B906BD51550B1E06B1FF3
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7141688687918598
Frame ID: E450FFF9D9B61B9404108D4367B65634
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 609BD880593AE0BEB01AB1B3DE922235
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&adk=1812271804&adf=2373185784&plat=1%3A1536%2C2%3A1536%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448809704&bpp=3&bdt=303&idt=167&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ&nras=1&correlator=8598619826881&frm=24&ife=1&pv=2&ga_vid=1916196167.1660448809&ga_sid=1660448810&ga_hid=708433834&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1371&ish=300&ifk=2039486822&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C21065724&oid=2&pvsid=1988656363999141&tmod=1265524070&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1371%2C300&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.y6fxslgl5px5&fsb=1&dtd=184
Frame ID: 5F076026C5F521D475FF8F276C6F5E8F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=280&slotname=6075314649&adk=1065767661&adf=3279755402&pi=t.ma~as.6075314649&w=1200&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448809707&bpp=1&bdt=305&idt=192&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ&prev_fmts=0x0&nras=1&correlator=8598619826881&frm=24&ife=1&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448810&ga_hid=708433834&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1371&ish=300&ifk=2039486822&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C21065724&oid=2&pvsid=1988656363999141&tmod=1265524070&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1371%2C300&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.7k116ttybet1&fsb=1&dtd=195
Frame ID: 5EDF8C3A6A9D76FBD89508CFC782686A
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&adk=1812271804&adf=480832095&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448809728&bpp=2&bdt=158&idt=237&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ&nras=1&correlator=8795719047812&frm=23&ife=5&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448810&ga_hid=1286936692&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=3777242901&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068487%2C44764001&oid=2&pvsid=2324079875339893&tmod=1219569371&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.v62hn97p0nfx&fsb=1&dtd=255
Frame ID: 15DFB24676B60168109B0B1ADCC62661
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=250&slotname=4288941329&adk=569834508&adf=2751417942&pi=t.ma~as.4288941329&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448809730&bpp=1&bdt=160&idt=267&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ&prev_fmts=0x0&nras=1&correlator=8795719047812&frm=23&ife=5&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448810&ga_hid=1286936692&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=116&biw=1600&bih=1200&isw=300&ish=250&ifk=3777242901&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068487%2C44764001&oid=2&pvsid=2324079875339893&tmod=1219569371&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.fck6u9yple9u&fsb=1&dtd=272
Frame ID: 55B837AD50ADC1258BA9A61E87B2D2E1
Requests: 31 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvhwKQAOa_0H_Z0jAAPGQB0FBEIdoN7lgEmWQQ&u=%7Cd5Cp9rqCfK211g%2ByBlkpNagUPGkqLg2%2B2CImROS%2BeCo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi67Py6EMArozB3p0PJKuqlZdMeMo4U0SYvHRQ9Ol68y4hoV-ZIxtMO8keCMkJsqgqTdHNRBTr_RbMS_oPCuLdw8gkC1sLqjEwzHNyKhRGHTh6wKHtZSMYTOuuJSYDArgmD0cE16G_0ybZPp1eT-fzlOBPLLLQuQPkbjZZRFDJyIv1mnOgK1uy8ulW7LL8w3Zd6klUE7mjxrr02Hw2qx21D_KF3mQ8FkrLA90VjJvtwPjzKMql9q7-1J_MaKMVxp4eNUrhvEy3bq0FHLH2e6e-aLbIbTZ0zcjCuljImr4mjLRQZAQ20rNk73IXIupTFZGlMZnDVCpFaUrH5kB-aqpm02R7DvMAmkDL0gURU4bQl_rupqhLM1t2f4teo5uoRJc3xiw8iz0Y8LxyRb7Gtwyf7ag-2jEAnN0c_w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnqjxKXD4Yv3XOaO69u8PwIyPgAXJntKxXMWymPdwwI23ARABIABglQKCARdjYS1wdWItNzE0MTY4ODY4NzkxODU5OKAB1bbS6gPIAQmpArGAilNzNrE-qAMBqgTJAU_QCZyaIhCdY9hhUMTTsgQfMNabArxU20EzjFp4ojnEDSgdXcyzfvocvVba2wG9fkIF03GdbmvHv7YaA9f_fZjTKgykm3n5tiOQbDt8yX_Jjn5RVHtEaKQoB3owIDM_OizinS5r2a4uHjI-HrKC80SA6dxYrIcaoQKaHu9Zb-JlbiqzdpDw1An4PCzDklRxYSpyoV3yuKWsb0fT8UWWVlivIYNDxhEdQhgaxgJi3aaVVmlh2Dpiwgtxtli73Cc-aYm4qyoBkHxE_YAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1dsCgUB_yOZtGsqxvB13RZ2itgpQ%26client%3Dca-pub-7141688687918598%26adurl%3D
Frame ID: 1F0B9F9B3288E8DCEFA91DD067F818E8
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 247AAEFA3B7B3CD99CF05C796474CF01
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Frame ID: A69F884556FA4CD3190BC265F7BFC07F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4F99148A09B75411AE84C2A927805330
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9E0A2801EE9B7C49012AD046DBAF7C29
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpMGavQEwAQ&v=APEucNW52c1LdTfgYESgcVh5YKVDsOm2x9GFaTMmKAwLPhRES6t2gajvX5k-Sgg14BbJU3xYtcGg3AtRlMH2Zpz6ppmcyRyHeqT89f8GkLF1DvN96iCS3UYOIKlD_uFeJiMO8zH_YhGv9s3h7tqW4ToNlaVVJ2h1nJbI0H5USUrovwgxyuv_DqE
Frame ID: C684E7104BC7928DB9DBC9DCEC51531A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 23DDBF5CFA37D6A3A639925B230AAF97
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3D5D909C543275995A00BAB1939C0574
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3814B91C14FDAE3FF3419FCB7FE6E7D1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EF4277C8D3CE4D332200F8D00D91091B
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=s9nWImPZLH&t=1&renderingType=2&ev=01_247
Frame ID: 03E143FEAB64259CE228662230D569BE
Requests: 12 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: AB6F223395389F900F2DDF753E73FBC3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Frame ID: 607D42D8CC59D30885A45AD3A35F66C3
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.moirebenok.ua
Frame ID: 1CAB77EFB167E1ECCE4AAB0A014240E1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BCC29AF8F6A60A36AE8315DA7E592C41
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CF06C06B3F3502F6EB913F54FB13DA2E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Мой ребенок — онлайн журнал для современных родителей

Page URL History Show full URLs

http://moirebenok.ua/ HTTP 301
https://www.moirebenok.ua/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

AdRiver (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:adriver\.core\.\d\.js|https?://(?:content|ad|masterh\d)\.adriver\.ru/)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

340
Requests

94 %
HTTPS

51 %
IPv6

41
Domains

67
Subdomains

60
IPs

11
Countries

4391 kB
Transfer

9053 kB
Size

60
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/moirebenok/
Title: <img src="/wp-content/themes/moirebenok/images/svg/fb.svg" />

Search URL Search Domain Scan URL

URL: https://www.instagram.com/moirebenok_ua
Title: <img src="/wp-content/themes/moirebenok/images/svg/insta.svg" />

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCC7D7BEEq5J3ASVujAlXh-A
Title: <img src="/wp-content/themes/moirebenok/images/svg/yt.svg" />

Search URL Search Domain Scan URL

URL: https://burda.ua/uk/projects/magazines
Title: Журналы

Search URL Search Domain Scan URL

URL: https://vaccination.moirebenok.ua/?utm_source=article&utm_medium=refferal&utm_campaign=blok_nashi_proektu
Title: <img width="135" height="90" src="https://www.moirebenok.ua/wp-content/uploads/2021/12/136-98-135x90.jpg" class="attachment-project size-project" alt="" />ЯК ЗАХИСТИТИ ДИТИНУ ВІД ГРИПУ?

Search URL Search Domain Scan URL

URL: https://topicrem.moirebenok.ua/?utm_source=article&utm_medium=refferal&utm_campaign=blok_nashi_proektu
Title: <img width="135" height="90" src="https://www.moirebenok.ua/wp-content/uploads/2021/12/Nashi-proekty-138-h-98-135x90.png" class="attachment-project size-project" alt="" srcset="https://www.moirebenok.ua/wp-content/uploads/2021/12/Nashi-proekty-138-h-98-135x90.png 135w, https://www.moirebenok.ua/wp-content/uploads/2021/12/Nashi-proekty-138-h-98-140x93.png 140w" sizes="(max-width: 135px) 100vw, 135px" />ОСОБЛИВОСТІ ДОГЛЯДУ за шкірою дитини: питання та відповіді

Search URL Search Domain Scan URL

URL: https://zdravo.moirebenok.ua/?utm_source=article&utm_medium=refferal&utm_campaign=blok-nashi-proekty
Title: <img width="135" height="90" src="https://www.moirebenok.ua/wp-content/uploads/2021/08/136-98-135x90.jpg" class="attachment-project size-project" alt="" />Новий колектив: секрети легкої адаптації, щоб дитина росла здоровою!

Search URL Search Domain Scan URL

URL: https://burda.ua/

Search URL Search Domain Scan URL

URL: https://burdastyle.ua/

Search URL Search Domain Scan URL

URL: https://na-proby.com/

Search URL Search Domain Scan URL

URL: https://liza.ua/

Search URL Search Domain Scan URL

URL: https://marieclaire.ua/

Search URL Search Domain Scan URL

URL: http://www.antrenman.info/
Title: sex

Search URL Search Domain Scan URL

URL: http://www.yasak.biz/
Title: porno

Search URL Search Domain Scan URL

URL: http://www.doldur.info/
Title: porno

Search URL Search Domain Scan URL

URL: http://www.temizle.biz/
Title: bedava porno

Search URL Search Domain Scan URL

URL: http://www.hokkabaz.info/
Title: porno indir

Search URL Search Domain Scan URL

URL: http://www.tekrar.biz/
Title: türk porno

Search URL Search Domain Scan URL

URL: http://www.zevkliseks.info/
Title: porno

Search URL Search Domain Scan URL

URL: http://www.aerodinamik.info/
Title: porno izle

Search URL Search Domain Scan URL

URL: http://www.tebessum.biz/
Title: mobil porno izle

Search URL Search Domain Scan URL

URL: http://www.tasom.biz/
Title: porno gif

Search URL Search Domain Scan URL

URL: http://www.kolikporno.info/
Title: porno

Search URL Search Domain Scan URL

URL: http://www.gramofon.info/
Title: porno izle

Search URL Search Domain Scan URL

URL: http://www.tasdik.biz/
Title: porno resimler

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://moirebenok.ua/ HTTP 301
https://www.moirebenok.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://counter.yadro.ru/hit?t50.6;r;s1600*1200*24;uhttps%3A//www.moirebenok.ua/;h%u041C%u043E%u0439%20%u0440%u0435%u0431%u0435%u043D%u043E%u043A%20%u2014%20%u043E%u043D%u043B%u0430%u0439%u043D%20%u0436%u0443%u0440%u043D%u0430%u043B%20%u0434%u043B%u044F%20%u0441%u043E%u0432%u0440%u0435%u043C%u0435%u043D%u043D%u044B%u0445%20%u0440%u043E%u0434%u0438%u0442%u0435%u043B%u0435%u0439;0.7291511754124971 HTTP 302
https://counter.yadro.ru/hit?q;t50.6;r;s1600*1200*24;uhttps%3A//www.moirebenok.ua/;h%u041C%u043E%u0439%20%u0440%u0435%u0431%u0435%u043D%u043E%u043A%20%u2014%20%u043E%u043D%u043B%u0430%u0439%u043D%20%u0436%u0443%u0440%u043D%u0430%u043B%20%u0434%u043B%u044F%20%u0441%u043E%u0432%u0440%u0435%u043C%u0435%u043D%u043D%u044B%u0445%20%u0440%u043E%u0434%u0438%u0442%u0435%u043B%u0435%u0439;0.7291511754124971

Request Chain 118

https://ib.adnxs.com/setuid?entity=533&code=5805c5dc57dc4e5d8139152b50afec8c HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D5805c5dc57dc4e5d8139152b50afec8c

Request Chain 119

https://creativecdn.com/cm-notify?pi=admixer HTTP 302
https://creativecdn.com/cm-notify?pi=admixer&tc=1

Request Chain 120

https://x.bidswitch.net/sync?ssp=admixer&user_id=5805c5dc57dc4e5d8139152b50afec8c&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=5805c5dc57dc4e5d8139152b50afec8c&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=admixer&bsw_custom_parameter=31542910-3d8c-4f74-8184-184f8488eed3&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://x.bidswitch.net/sync?dsp_id=413&ssp=admixer&user_id=csonata_435260c2-f7e0-496a-8ad3-6c4de6bbc7bf&bsw_param=31542910-3d8c-4f74-8184-184f8488eed3&expires=10 HTTP 302
https://inv-nets.admixer.net/bs/cm.aspx?id=31542910-3d8c-4f74-8184-184f8488eed3&gdpr=&consent=&gdpr_pd=

Request Chain 140

https://www.facebook.com/tr/?id=762786504179140&ev=PageView&dl=https%3A%2F%2Fwww.moirebenok.ua%2F&rl=&if=false&ts=1660448809334&sw=1600&sh=1200&v=2.9.75&r=stable&ec=0&o=30&fbp=fb.1.1660448809333.1414733999&it=1660448808982&coo=false&rqm=GET HTTP 302
https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fwww.moirebenok.ua%2F&ec=0&ev=PageView&fbp=fb.1.1660448809333.1414733999&id=762786504179140&if=false&it=1660448808982&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1660448809334&v=2.9.75

Request Chain 227

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECpeTt6u4_pfxmO49lEVnOw&google_cver=1&google_push=AehlK4BnZDO0hD-2bd-k7TDWxdC_V6npLhC47yGSUu4cCHOVeomty7puparruOYkmbHMiv38i2A0Z5pxA9rwQPpcPfWTppFD8N4Z HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZTU0NMVVctMjAtNzNYQQ==&google_push=AehlK4BnZDO0hD-2bd-k7TDWxdC_V6npLhC47yGSUu4cCHOVeomty7puparruOYkmbHMiv38i2A0Z5pxA9rwQPpcPfWTppFD8N4Z

Request Chain 228

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB-fOMoEYx7XcjYIpTKPAnE&google_cver=1&google_push=AehlK4CM1C3zslXscKrUsyGvwS0cSt9X_AORTttepkLfrACZxdDropMmH68fuNXqhMytupoIWEZcUlHAc7c6up-qq2LhbLh3rSvd HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEB-fOMoEYx7XcjYIpTKPAnE&google_push=AehlK4CM1C3zslXscKrUsyGvwS0cSt9X_AORTttepkLfrACZxdDropMmH68fuNXqhMytupoIWEZcUlHAc7c6up-qq2LhbLh3rSvd&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB-fOMoEYx7XcjYIpTKPAnE&google_hm=YvhwKuRiHCQMELf1KtVqAAAABGIAAAAB&google_nid=index&google_push=AehlK4CM1C3zslXscKrUsyGvwS0cSt9X_AORTttepkLfrACZxdDropMmH68fuNXqhMytupoIWEZcUlHAc7c6up-qq2LhbLh3rSvd

Request Chain 272

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEICPJxNhI2KjlhwVvBu23Y&google_cver=1

Request Chain 273

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvhwKuRiHCQMELf1KtVqAAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEICPJxNhI2KjlhwVvBu23Y&google_cver=1

Request Chain 274

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOXZJXHOkMxRPkD_fAnWSeE&google_cver=1

Request Chain 275

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcwODk4ODUyODU2ODA3NDA0Nw%3D%3D

Request Chain 284

https://d.agkn.com/pixel/2175/?google_gid=CAESEHZYe6jOu5M7FedUnTpOBf4&google_cver=1&google_push=AehlK4ADCxEZtzDm6bjGFX-YHhvP-cpvfIGOKAp5Z_0xPfk8rp_U3bvOcipKefhQk5LG8WxMK_Lk-HYN7_qulLBLZeh1Gtvnhl8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4ADCxEZtzDm6bjGFX-YHhvP-cpvfIGOKAp5Z_0xPfk8rp_U3bvOcipKefhQk5LG8WxMK_Lk-HYN7_qulLBLZeh1Gtvnhl8&google_hm=Q0FFU0VIWlllNmpPdTVNN0ZlZFVuVHBPQmY0

Request Chain 286

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4AYqP2mEf06g0bPr1JsgdMmwuIYwkPwkAZ3st2dHrgZlrCNaB9Ui7bN3Yix3UsHcOkOiw4m5T1HEQHrm4xUAQHTmEiiu4eu&google_gid=CAESEDwmsxBCDqlonAFTmnu4L44&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4AYqP2mEf06g0bPr1JsgdMmwuIYwkPwkAZ3st2dHrgZlrCNaB9Ui7bN3Yix3UsHcOkOiw4m5T1HEQHrm4xUAQHTmEiiu4eu&google_gid=CAESEDwmsxBCDqlonAFTmnu4L44&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTQwMzQ2NTEwMDAxODM3NDA3MzUxOA%3D%3D&google_push=AehlK4AYqP2mEf06g0bPr1JsgdMmwuIYwkPwkAZ3st2dHrgZlrCNaB9Ui7bN3Yix3UsHcOkOiw4m5T1HEQHrm4xUAQHTmEiiu4eu

Request Chain 289

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECpeTt6u4_pfxmO49lEVnOw&google_cver=1&google_push=AehlK4A7hAugRbTnNSIrQqHodbNvWe3Ifrn6_nR2xhtWQ2O6XLKZP-VUod8TgtnPqhO5Qz5dTLEMP7bVc1FzAF-CPVgsvFLU2gL3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZTU0NNRzgtMjItSzVXMg==&google_push=AehlK4A7hAugRbTnNSIrQqHodbNvWe3Ifrn6_nR2xhtWQ2O6XLKZP-VUod8TgtnPqhO5Qz5dTLEMP7bVc1FzAF-CPVgsvFLU2gL3

Request Chain 339

https://gum.criteo.com/sid/json?origin=publishertag&domain=moirebenok.ua&sn=ChromeSyncframe&so=0&topUrl=www.moirebenok.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=NdwaA3xxNDFpbUtDdTgwM1RodzFZZWsza0NLUkpwMXRsSWJJdXQyak0rUnl4QmsxSXhnR3dvdHNidUFRcjB4L2RnSlFsUVB6c2U2bUhJVTBleUxxb1o5TjVBc2t5MHRFM1RoSkpzdjdJT1B4VE1aV0ttUlNVUjlBbnB4Mm5ESnhzTU8zU3JrWFkxcFo5NXQ5QWVUNHhUcGtqZGU5MWJZYkFEUklRdUp0bXM5Q0NLTHg3WDl6c041L29KTEt0OU1BM2pVeGRjSXpNd2VHTE5RMXhVYUZSOXdGZEVkdEVUUklhMGJtSXIxYXR0QkJDTzQzc2hkS2FjandUNVJETkJVUWtqekZjOG9XMzl2MDN0bHIzenI4Tmt1OXpaQT09fA&cppv=2

340 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.moirebenok.ua/
Redirect Chain

http://moirebenok.ua/
https://www.moirebenok.ua/

333 KB
40 KB

3730ms
3622ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cda06771a2213a22c484081bc5adf15ce1e86fed4e43ac70477f21d28ff2782

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 73a6b4823bbf408a-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 14 Aug 2022 03:46:47 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: <https://www.moirebenok.ua/wp-json/>; rel="https://api.w.org/"
mr-fastcgi-cache: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZomUW8uFbS5MJVCcM9CGnNMd0ZYmbwkriHsVrkiHiZNqHROEYqvwiC6vC87hSffklUy0fLdvav%2B6Qy69UkmfzhEAigsM8lo1k1zSJsOmdqVRnbRDSjUo7gctg1AHicOJGDzPxiA8%2B9Fr3KKJCEN7A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 73a6b480bfcb75e1-LHR
Connection: keep-alive
Content-Type: text/html
Date: Sun, 14 Aug 2022 03:46:44 GMT
Location: https://www.moirebenok.ua/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3Q87hYsUwO%2Fivon9%2FAebBl2XcnNYS7qDS6DUwtieyo1RH8SFhL93hP5bM6efvveVPKIg4OnkM85a%2F0gIR9tJIZ6OpPuxduHneaJ1PPNAzDmIScozANej3CJnLsj4jcAlPgd02kTmVdr6oEa"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
www.moirebenok.ua/wp-includes/js/jquery/ 87 KB
32 KB 56ms
53ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15426009
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 16 Feb 2022 14:18:42 GMT
server: cloudflare
etag: W/"620d07c2-15db1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lfOmSxSY%2F2dnOEMSD3qCTkWz7hBxhYSvdiq7JSWnQK6nQTIkBdt%2Fxk2yb6HM1Yf%2Bbd514KAwfuIJTSTwq911JvzGEtjwk9MhTqhy5PDUgWs8cz2xldPFraeiL91rrO94BwzTgwcDDfZvmio28cZc2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 73a6b498f9cb408a-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fotorama.js Show response
www.moirebenok.ua/wp-content/plugins/fotorama/ 38 KB
16 KB 53ms
51ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-content/plugins/fotorama/fotorama.js?ver=5.9.3

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bdd14a7043734892859f57be88468fa77a47292264b36dc0d2c7910e536f44a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11248173
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 12 Apr 2017 09:41:15 GMT
server: cloudflare
etag: W/"58edf63b-9702"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=usPhku81vXeA4HG%2BbyiJ2xMESjxMhcBs89yMjQLQfMNo2me1peLy0PMLNAHNq5UxJmEUTO5HDEIsryHPsJwcEJOfpHLADnWti8l5qGW2iiD4wesCzMGnnSOcakVfWbEbbieAB9CQ9e%2BarakKCJn3%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 73a6b498f9cf408a-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fotorama-wp.js Show response
www.moirebenok.ua/wp-content/plugins/fotorama/ 323 B
525 B 52ms
51ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-content/plugins/fotorama/fotorama-wp.js?ver=5.9.3

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80b3768722e88f5132f1b106ebc77978d1f14de8b33ed0f1304604e54ac60141

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 300855
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 12 Apr 2017 09:50:55 GMT
server: cloudflare
etag: W/"58edf87f-143"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CQTNbeHoeLPixGyAQKcfxle5dfdT4zZnBjAc4PCVbzSV1LJRPFN35eyKqZbyf6fo4%2FnyN6R6E0KSCYKzVqPXrY%2BsoS1jNfQ8UVb%2FphfYCFf%2BwN15uOFQ%2FK%2BxTbMlMH4z5CJSBLJIgkLnHNiSEcv16A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 73a6b498f9d1408a-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 subscribe1.js Show response
www.moirebenok.ua/wp-content/plugins/subscribe/js/ 0
393 B 51ms
49ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-content/plugins/subscribe/js/subscribe1.js?ver=5.9.3

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11248173
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
last-modified: Mon, 19 Feb 2018 10:51:59 GMT
server: cloudflare
etag: "5a8aac4f-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmQ16I5MiCDVTTUjFlJQSJkMxXBkfTKT8VQk7QuDvgm%2FxODC7RmA4jdL9yQWmacMebQngMPIqezkBB0UKTjfsJSb6AiWK8P3VV%2F9Aeqih91lJZNnoqVJbLTVovVWZSAK1WaCCsa8Pz2ISQWw3QWMMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b498f9d2408a-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 loadmore.js Show response
www.moirebenok.ua/wp-content/themes/moirebenok/js/ 2 KB
1 KB 53ms
52ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/js/loadmore.js?ver=20180296

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc225c656a353d69cea633a055e54e95ecf7ad887655287b923b5c5989fa398d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15279734
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Oct 2021 09:16:17 GMT
server: cloudflare
etag: W/"617675e1-8d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SPbp30wIvxtm2pYPAAZWcuRs4733nAPjpSUHyMIJcXC%2BBho4FNL3jDsnxF0Hur0Eb%2BSz5HVCOVMy9b8r2l0XJcFUsS%2BQrefNZIrp8G9IS4PZziK6eJqfkxbgObYxmFQ38z%2FO%2Frg%2BjpdwZWaYNQa%2Fag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 73a6b498f9d3408a-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 loadmore.js Show response
www.moirebenok.ua/wp-content/themes/moirebenok/baby-day/js/ 3 KB
1 KB 51ms
50ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/baby-day/js/loadmore.js?ver=19

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13595431ecf6090ddda6386d42c08b6b21179b1ecdfe70754f0740848486c17a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9942223
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Oct 2021 09:16:31 GMT
server: cloudflare
etag: W/"617675ef-d56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Df6t2lW8kz7ssiiu%2B7oX0c7dOZ0L8HF3LKwZI8TLlE%2FSRRS5ii9KxHkiYFScM0arEa%2BY%2F9MpH6PJ4TeK1JO4KABXnwrMuWDyo8Q1lTICy0h6nK44zvcrMVUqgVELHG6qWc%2BoPnyDJstx0AxxnrZy%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 73a6b498f9d4408a-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
425 B 586ms
199ms Script
text/javascript 2a04:4e42:c00::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://polyfill.io/v3/polyfill.min.js?version=3.109.0&features=Array.prototype.find%2CObject.assign%2CCustomEvent%2CElement.prototype.closest%2CElement.prototype.dataset%2CEvent%2CXMLHttpRequest%2CMutationObserver&flags=gated&ver=5.9.3
Requested by: Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:c00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 93b6d06fbda857acd518012a13319cecfab1cce720fb9437d294a4111f6e1c3a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: br
last-modified: Mon, 08 Aug 2022 14:49:08 GMT
age: 0
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser: chrome/99.0.0
server-timing: cache-lax10645, PASS, fastly;desc="Edge time";dur=13
accept-ranges: bytes
content-length: 101

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 176 KB
55 KB 287ms
67ms Script
application/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e4501d959d3638f5749d6687283f31f7fc48d9e37770520cd0f275b632eeb5b4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: cec-up-gc4
date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 13:08:58 GMT
server: nginx
etag: W/"62e28a6a-2c101"
x-cached-since: 2022-08-14T03:37:42+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
expires: Thu, 28 Jul 2022 13:20:18 GMT

GET
H/1.1 200
OK wxNsKJdG0Dig Show response
cdn.onthe.io/io.js/ 55 KB
18 KB 259ms
115ms Script
text/javascript 116.203.211.129
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onthe.io/io.js/wxNsKJdG0Dig
Requested by: Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.203.211.129 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.129.211.203.116.clients.your-server.de
Software: nginx /
Resource Hash: 761a7acda7c71ceac2fe0748d7bd8b7a5c7a6fcf1229b1d7b6548021de4e7bab

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 03:46:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Jul 2021 13:23:25 GMT
Server: nginx
ETag: W/"60e6fc4d-dd01"
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Mon, 15 Aug 2022 03:46:48 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 145 KB
50 KB 199ms
69ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TH2WFG

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

59ec5776ad0a01befa5274e621776b6af59c40b64703cf9fadeade6974fa64e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50364
x-xss-protection: 0
last-modified: Sun, 14 Aug 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 Aug 2022 03:46:48 GMT

GET
H3 200 font.css
www.moirebenok.ua/wp-content/plugins/contest/css/font/ 2 KB
925 B 57ms
54ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-content/plugins/contest/css/font/font.css?ver=5.9.3

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d23acf83cb2c975307b36a7ba27c66ec8efcb7bd54a209c555299ab619c3dbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11248453
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 26 Jun 2016 21:14:15 GMT
server: cloudflare
etag: W/"577045a7-9bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6LiOet0%2BJ%2BIVnbqpoThif5YcVofU%2B5a9Pz%2BtKsJerq5EifD1OLh4Y9XNRZHeJr1lLpa2BtEsMrZJd0rlwWuNHdF%2Bk9gmMp64xlMdwjskpjeqnWyQvEaNdUBFdC0MBOW%2B1aKGziubAE8KvTN%2BjrILFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 73a6b49ca9f87765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 contest.css
www.moirebenok.ua/wp-content/plugins/contest/css/ 6 KB
2 KB 55ms
52ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-content/plugins/contest/css/contest.css?ver=5.9.3

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3be7b03ed0a8bc2524a0c1bca4bab6a04461bde8c9e1165c723b8e4b21ff51eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11248453
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 26 Aug 2016 19:43:55 GMT
server: cloudflare
etag: W/"57c09bfb-16d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TaGWVzNmgPLJV09BsuxBygRRNg9MwKl2Ntv5FzsD6v07jUAF3EQlDpIR3W%2FktY87iAJCJ%2FNQz0y5d3wBij5SbbP2jeqxmmtl%2F7tsaAwqSeJfe2cVL46Prt60kL7L6EZn7kGVRiG4aHSmF7gDTXFn8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 73a6b49ca9fd7765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 timedropper.min.css
www.moirebenok.ua/wp-content/plugins/contest/css/ 6 KB
2 KB 102ms
99ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-content/plugins/contest/css/timedropper.min.css?ver=5.9.3

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0875b0c19a8047133d9960d3540a56cc4825418a92957523cf7f1a1645b38196

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11248453
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 26 Jun 2016 21:13:58 GMT
server: cloudflare
etag: W/"57704596-18b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B9jWZFxDur7fajB82CEUmDEYFK3%2FXxks%2B25CuMmNbQUXtUmiP06AMxA0bXIUXPZo2L4PXQdmr8RwmdQS%2Bxh8fnmRDW%2Bsq15cWhQ2ii3WfBiUCLyTOFTr2vJY53jMC0DR%2FmwVTmHBe8zD%2B2RN43WyhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 73a6b49ca9ff7765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 datedropper.min.css
www.moirebenok.ua/wp-content/plugins/contest/css/ 8 KB
2 KB 53ms
50ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-content/plugins/contest/css/datedropper.min.css?ver=5.9.3

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc77eff6ee75aa5b7773b03b28ca9645c2cd8e39bc24ce78e106becc13bad01e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11248521
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 26 Jun 2016 21:13:58 GMT
server: cloudflare
etag: W/"57704596-1f10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iPTcrJTeg9M8AoBN9TWesYqDK19UivEp%2FcmvSTqLO4BlVLmJl%2BPdffflgQNSskvv8FjQxjgnfAmICMbVbOycv8y5HewI%2Fp7E4IofhDsfXNQFedLopkkzS%2FWMcVgNK6B7QKEmPQS8vMl%2F9Zqx7Y%2Fhdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 73a6b49caa027765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 subscribe-to-post.css
www.moirebenok.ua/wp-content/plugins/subscribe-to-post/css/ 4 KB
2 KB 54ms
51ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-content/plugins/subscribe-to-post/css/subscribe-to-post.css?ver=5.9.3

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3489b7bc802f2fba21ff06774101330c89c3eb62be49637212a053e331961214

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 368987
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 06 Jul 2016 17:33:26 GMT
server: cloudflare
etag: W/"577d40e6-fc6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZqy6tw451Ntko5ZXi3eI9AZg7ZT2ZWIZK8Dyi%2BjWwdZ6u4qd14pF%2BqQdQXtFhOBLhOPlJ8g5EDejIXw%2Fy0AnkIrg2iP6vYg%2Bz2q2QiiYzlxp0y060F9XCmEhygrck1B0BuubQT0NX5CHyE%2BnEXzVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 73a6b49caa037765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 subscribers-style.css
www.moirebenok.ua/wp-content/plugins/subscribe/css/ 549 B
788 B 98ms
95ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-content/plugins/subscribe/css/subscribers-style.css?ver=5.9.3

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8203b26e684e70896c11e9880bf3d908184402380962b963d3badc4a20e25a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11248453
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 26 Sep 2016 10:46:21 GMT
server: cloudflare
etag: W/"57e8fc7d-225"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0v0pF%2BH3FErEeyHNDxv6ruOkBzLUO91SiaWHEwgaSrqPSx9XlYWUyb4doxElMiPNAjl5gSIHgU3LgIJw0YYuxqXLxhlPeMRCSbedQpsUgvxEhJrjFptS87BMPCWS6CmNK0J9aGyuBiGP4Q0AasZmaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 73a6b49caa047765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fotorama.css
www.moirebenok.ua/wp-content/plugins/fotorama/ 17 KB
4 KB 55ms
52ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-content/plugins/fotorama/fotorama.css?ver=5.9.3

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d1a111efbdb45ba518f8ce585e53164241d1e75b3442bb6ffbbda7bd8b0dd52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11248453
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 29 Jun 2016 16:29:35 GMT
server: cloudflare
etag: W/"5773f76f-4501"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhPg0lPkzWX84LG7dnAc3z6ovE9tTOStPWxk5UeUzrw1S0VQCPVKYzZyHMI1HdravI5ux1BDZvW%2BBC0vwMqijaPFIvx%2F%2B9L%2FzCv8jVLsZs2ufIjY0ci1rYm8Uwveqor2guV31ZIHFt7fT24zsBh4ug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 73a6b49caa057765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fotorama-wp.css
www.moirebenok.ua/wp-content/plugins/fotorama/ 323 B
813 B 117ms
114ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-content/plugins/fotorama/fotorama-wp.css?ver=5.9.3

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff87ee21ac856d2e8e3579631337d4570cb2770c8e793a8bdefbcf736d215076

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11248453
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 29 Jun 2016 16:29:35 GMT
server: cloudflare
etag: W/"5773f76f-143"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0frxvMAPUNSyG%2FRZPiZksR5ZXdxkW6MrzbA7Kg4eWDBxwHijisiW55Vnx6njzBKB%2FxDmbe0tfyVW1oX8lumNV40PJL9CpJ%2BJobKtWvtPY27t%2BWGo40PQa7jGN2S3LjeMqlFTLvjR4XUSgW%2FG1xNAXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 73a6b49caa067765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 gtranslate-style24.css
www.moirebenok.ua/wp-content/plugins/gtranslate/ 693 B
850 B 102ms
99ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=5.9.3

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

226456d9a9eef8f0831b6b181be100a49cbaec1651a8bd45d7d0cc897d161538

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11248453
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 16 Feb 2022 14:20:19 GMT
server: cloudflare
etag: W/"620d0823-2b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BYqQSHjjYRD5gwZxL9rdftMQ1l9CA8mTkSeoW0fZwYmOy14MEsQTCQPhmH%2BdGfQwKsNivOVAjkkzuLiZm6jMl1AnicD7IBF12Szw4g9xW5weBNXUncLQTewa4iGEFJ%2B7ayUIM7cjIQRw%2BypzWHT6xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 73a6b49caa077765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 style.min.css
www.moirebenok.ua/wp-includes/css/dist/block-library/ 81 KB
12 KB 102ms
100ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11248453
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 05 Apr 2022 22:16:50 GMT
server: cloudflare
etag: W/"624cbfd2-145db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2FVVd5QspPHXBQpjqq5fsrwCE2zccBTEH5ndUhNIWAmdMe65DKlAUNB358%2FckoA18mENUB1lRwFb8DLs4iwhnFdmkh5aFLE8BhPP5uDqZ4DhEfKsEh59qxeOY603o4s5HLK5GBHqNX9gZe9ct0EHyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 73a6b49caa0a7765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 postratings-css.css
www.moirebenok.ua/wp-content/plugins/wp-postratings/css/ 1 KB
973 B 55ms
52ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.89

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c56b566e17c62870ce139b3a57bfb94a9d785792bd6ac2220d52426b8590d87f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15426511
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 16 Feb 2022 14:21:01 GMT
server: cloudflare
etag: W/"620d084d-549"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8Tln9pI0IFMEv2SN%2FKlNvBSdZfIgdj4QAHKlXqbRfBzXSDaKhIAAc12Jk7BKhxcl2VQJt%2B83lKXC5VjA9aFyQCm7yyizqoDzu0zd0w8vLB44HQZiM8%2FN7HnhgQsrr5smmOx4XdaOvPh0EBJsRRBbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 73a6b49caa0b7765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 mr.min.css
www.moirebenok.ua/wp-content/themes/moirebenok/css/ 87 KB
17 KB 98ms
95ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/css/mr.min.css?ver=1_14

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ac067260d83571f79b6d265535f5555f1aea8770cb76703777b0897b11106cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19083558
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 05 Jan 2022 06:16:55 GMT
server: cloudflare
etag: W/"61d537d7-15bd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6K0LpCy0XGC27x9GDPtrTnqnpXg6bRF94LimozgajNfg3PG4FD502ryiDYBYSQY00%2ByPDHyp9FxqapFQz5dMlhlx8CJFu4Ufqv9etaOg%2Fpg%2F1ImT%2FcILBSJv0UBBn9ytuhom5XWrG7JNtjvhKGS5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 73a6b49caa0c7765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 slick.css
www.moirebenok.ua/wp-content/themes/moirebenok/css/ 2 KB
1 KB 98ms
96ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/css/slick.css?ver=20192102_19

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24930139
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Oct 2021 09:16:08 GMT
server: cloudflare
etag: W/"617675d8-6f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=feeJCuhLArlA%2B776qmrm4ONQeB4EMdrlq0u%2BqWMZ8GQie%2Fy%2BOrpkjQ9DRggUqkdDswKG2YtCMFfHHrvKnU9DMG%2FQQenqOJoXs4gW2UWMDF%2Bn53ZJCLCcuicWsqlsx5kJ4XCll%2Bbi8MSaL9CBPYSstQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 73a6b49caa0d7765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 default.css
www.moirebenok.ua/wp-content/plugins/site-reviews/assets/styles/ 22 KB
5 KB 99ms
96ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-content/plugins/site-reviews/assets/styles/default.css?ver=5.20.4

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a78ebc0e3f7224fbc60ad9ecf9d369a64930053d29e33dd0ccd6349a8d28f633

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15361325
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 17 Feb 2022 07:57:47 GMT
server: cloudflare
etag: W/"620dfffb-57ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Is95j3gf10k5XCyMCWVZM44%2BRKcAhegIIKX9c1YAvFLGKC6w%2B1Whv9dJ0M%2FdurhcQW42tT%2FiEgsUGmpgoizupISw2U2OGeat4Gla15%2FkLHuKxU53whnvUmvkgiuYYAcAK25GnWo2o82Y%2F79CO38YeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 73a6b49caa0e7765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cookieconsent.min.js Show response
cdn.websitepolicies.io/lib/cookieconsent/1.0.3/ 11 KB
6 KB 162ms
54ms Script
application/javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.websitepolicies.io/lib/cookieconsent/1.0.3/cookieconsent.min.js

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e9584a34f5a9def65c5c165a7c196d075cffdc2d39337ca8fbd1eed0aa74178

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
content-encoding: br
vary: Accept-Encoding
age: 1385333
cdn-pullzone: 403741
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
referrer-policy: no-referrer-when-downgrade
cdn-proxyver: 1.02
etag: W/"60b50a6f-2bec"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cdn-requestcountrycode: GB
expires: Wed, 27 Jul 2022 17:26:30 GMT
date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 886
access-control-allow-origin: *
cdn-cachedat: 06/27/2022 17:09:15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 31 May 2021 16:10:23 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUagDZKiBcIP13hur3HmXHr8C0hDe5V73E3c6i%2F%2FtvSEFWcsizbPc5lDYBEWkgdS4sqv0LDImqKB5kD48DQl94ohGH5Sz0kVlV%2FOLds%2BaVW9QQi1OHXgZgm9%2B2WWXDODQIWcFZxIlnyD"}],"group":"cf-nel","max_age":604800}
cdn-uid: 16d357c7-5d61-4073-b136-11d78241bb5e
cdn-requestid: 4e00b711d410d5e0eadb285112ec2a98
cf-ray: 73a6b49d5c7172ca-LHR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 lazysizes.min.js Show response
www.moirebenok.ua/wp-content/plugins/autoptimize/classes/external/js/ 10 KB
5 KB 118ms
115ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.9.5.1

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15422689
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 16 Feb 2022 14:20:09 GMT
server: cloudflare
etag: W/"620d0819-2655"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ADQe%2BoFwH5rsq8B%2Bd7XBAD80MqsV%2F5nI5c4w%2B6i995zPRmSDgrt3%2FYZxRUZ4QYYrZUpUIEaZgZMdv2RwLRaFU75I%2F1riezpq5dlIN4UfWSRe8bZ5n1llPb7trY9Pqg%2FllunJVF8we1NR85tvB3%2F65Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 73a6b49ca9f37765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 postratings-js.js Show response
www.moirebenok.ua/wp-content/plugins/wp-postratings/js/ 3 KB
1 KB 51ms
48ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.89

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c42425f18923921089911e70f39c6dd462794df2e42ac0596abc3884da6471fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15279734
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 16 Feb 2022 14:21:01 GMT
server: cloudflare
etag: W/"620d084d-d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZXonW%2FX6CrGUn4CA9jxP9dkHRxhY1NE67qYrQ%2FLxBMW%2BjJu13q8e9Vmc8%2FoqGQArsJEHy0SuW8wGtHyLP6KxPvGIPCYnBQLr67EsZvoH3Vqe5xljXCDzIbNWF5KCGQ2ZBNQSdQNHvVTkdKUfhkEPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 73a6b49929f6408a-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 other.min.js Show response
www.moirebenok.ua/wp-content/themes/moirebenok/java/ 81 KB
25 KB 68ms
66ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/java/other.min.js?ver=1_1

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8567628cfaa3c99fe3408afb42d6e764c32986a1e502664bb6609d2f4ae6f9b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5715165
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 29 Oct 2021 09:46:04 GMT
server: cloudflare
etag: W/"617bc2dc-143bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IEWCSHMft8bgPCEmUDSrKWsWsrgXNKveU2WhRYagEEiE6fnLLCi7%2FX7eUfR9qOgmut52AUbdiRTTYWIfIxj19407Zsb6n5KRZRBm3l3InOJnzXSj6f3O5gCHG74I2aIbGA17sNOvABr2urNejujHYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 73a6b49929f7408a-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lightbox.min.js Show response
www.moirebenok.ua/wp-content/themes/moirebenok/java/ 4 KB
2 KB 51ms
49ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/java/lightbox.min.js?ver=1_1

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c1c5d696c227d937e2c6fae27241e11a136378fcbfba56c8c1b5cc8f20549ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15279734
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 29 Oct 2021 09:29:03 GMT
server: cloudflare
etag: W/"617bbedf-107d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WgzKC2YMvFS8cU8sURjhf9GnOgA8IiycnxpqB81PCuNiowpln2%2BIaFRL1NaIOrwfMGwYdxhS2ret2lfgB8ND4CmRd3dfrfsDIPT9UqfG7xw3w3Pkp8PPITK6j%2B7ZtT2IzagBXcxpXpMFCXmlz0h7SA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 73a6b49929f8408a-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 flexslider.min.js Show response
www.moirebenok.ua/wp-content/themes/moirebenok/java/ 22 KB
7 KB 53ms
51ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/java/flexslider.min.js?ver=1_1

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4395fc786593962471544160f998534deb349b457bc3575ca8aa22c3a87d1cf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5715165
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 29 Oct 2021 09:31:52 GMT
server: cloudflare
etag: W/"617bbf88-56bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BE7PjX%2FT32BWmXL3PTD6aI5Bw9je2U1O9Q3gheRttZ5EiLZNqEHzS1PqDRxWrasLjF%2BoWp4VnpE%2BkqG%2BnjlEekbvzF11%2F1CYipJs3Coz1U6W6vvGkVPTvejb6v1hcY5KgZqPnCOQ5XT2sQL4E40jZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 73a6b49929f9408a-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cookie.min.js Show response
www.moirebenok.ua/wp-content/themes/moirebenok/java/ 1 KB
971 B 70ms
69ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/java/cookie.min.js?ver=1_1

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

745e44d76fd520a3c024975f9fedc8770117f772acee8fc15af4659ab2178cd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15279734
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 29 Oct 2021 09:35:19 GMT
server: cloudflare
etag: W/"617bc057-4de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBUETu5MU9RtKEPxFLEtoCG5qbNPSFWCdV9U%2FudWV93howEqtrrUrzHlXLoxUjwZmIpoe2aMsDhDgwoDeQ9bDj63w%2BplKm2TPyr8AKN9HfP4NSege9fExD1aaNGVdhuWpldiQ%2BF9jg%2Fqii1YIzaHpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 73a6b4993a08408a-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 imagelightbox.min.js Show response
www.moirebenok.ua/wp-content/themes/moirebenok/java/ 4 KB
2 KB 81ms
79ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/java/imagelightbox.min.js?ver=1_1

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c1c5d696c227d937e2c6fae27241e11a136378fcbfba56c8c1b5cc8f20549ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15279734
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 29 Oct 2021 09:36:27 GMT
server: cloudflare
etag: W/"617bc09b-107d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2BKNjdR23%2Fd5UgCGd7i3rIOluqqEF%2BL%2FDJOjk7cY%2FunQmKJ6viMHm6bTiaRvPlqvMDJydr3mG2OL4hno7gZT2uQhV%2FGY%2B1hIohiH%2Bcj6ITixrTlb6s6bmx2sRQgGbRLt7PQEFsvJaGgryBRtMZUwwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 73a6b4993a0a408a-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.min.js Show response
www.moirebenok.ua/wp-content/themes/moirebenok/java/ 34 KB
8 KB 71ms
70ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/java/main.min.js?ver=1_52

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a192c15ffc8c9279cecdfc1c71df9632fe96813b23e5ff7ebff67c2d52e2c34

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4487093
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 23 Jun 2022 05:03:51 GMT
server: cloudflare
etag: W/"62b3f437-8699"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SilYcwaRnD4J1npUCn1QiF8ua5mzyw1FiuZDOa8JQgZ4g45te4eILhfDNOw4XOlsOmoDPmc1o551VXitFxjjxJihzF%2FE9Tio1mAsZbbFcZNUKAJMEaJ5uBz80J6gZiJ13SxhL6gCC%2FwUQoRAv%2Bl2%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 73a6b4993a0b408a-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slick.min.js Show response
www.moirebenok.ua/wp-content/themes/moirebenok/js/ 42 KB
11 KB 80ms
79ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/js/slick.min.js?ver=1_2

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15280506
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Oct 2021 09:16:17 GMT
server: cloudflare
etag: W/"617675e1-a76f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFV6tWmunXZZIoOPULXQYy4L3t0X0TB3mpOQ73Jf%2BLkY9pc4KHqp2Yzbjg65lw%2BuyT8tOOtHNsM1UqaWcuNsI%2FSDUnTQTez4dWvTSxvwqwdVxiaa4NQMS5iCGlqHY5nBuX43xP1axrK9AaaFV6MrLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 73a6b4993a0d408a-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 site-reviews.js Show response
www.moirebenok.ua/wp-content/plugins/site-reviews/assets/scripts/ 38 KB
11 KB 70ms
69ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-content/plugins/site-reviews/assets/scripts/site-reviews.js?ver=5.20.4

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37c43f9c7dd8c93e734cd4643a235f99b3cc3fe388b0ef66317c7fc59d99f106

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15279734
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 17 Feb 2022 07:57:47 GMT
server: cloudflare
etag: W/"620dfffb-9608"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UCI%2Fa3RXLPCEwrXdNQuzoHgmr%2FvPOSrmrnv9r5UWqFJiaDWKKYDWK%2F1%2B2B6Y%2BwKDlRv49iCzSpyp2qaadRZwo9eH6kwEEkKbMuh%2By%2FDVzcAXlL1H4%2F2zUbZTywYGLkmM%2FqkIWLIa23mdvOVaYiUPPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 73a6b4993a0e408a-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 170 KB
57 KB 206ms
77ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7141688687918598

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12bdd2652710ee5e2bc85d55f396656ecdd51921eb1b7fd71cca46a0a06fca14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moirebenok.ua/
Origin: https://www.moirebenok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57413
x-xss-protection: 0
server: cafe
etag: 7284504075212741556
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 14 Aug 2022 03:46:48 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 mr-logotype.svg
www.moirebenok.ua/wp-content/themes/moirebenok/images/ 2 KB
1 KB 115ms
114ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/images/mr-logotype.svg

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38adf65cd2eb8553fc1338f56105c1598ba39bb5e2c09a052f1f7477b2c71d55

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1552
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 20 Apr 2022 12:25:21 GMT
server: cloudflare
etag: W/"625ffbb1-685"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuJcn5p4ihDUaT%2Fr%2FVWOzKqwOPbioeZHcuemtqucnA0LC9E5V282uku0PQ7lVQhGG89DnlSLMfebdYuInbC9HTzajl1el5rZA0slsvWu2banMXbx1yeTnJN16iXi1I760703XJkx8fESXeqbEQbDqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=7200
cf-ray: 73a6b49cda497765-LHR

GET
H3 200 fb-icon.png
www.moirebenok.ua/wp-content/themes/moirebenok/images/ 404 B
1001 B 115ms
114ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/images/fb-icon.png

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6f9c960aa0fbba5adff5e1fb84755a8a99a43a74eeb8f2266a0f4aa831bf328

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24999886
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 404
last-modified: Mon, 25 Oct 2021 09:16:10 GMT
server: cloudflare
etag: "617675da-194"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMt8z44cJmPk3xs14Ybp5sOc31mIU76mnH9wf50YnTL09JnQQakltKbRPSb2%2Bz1hp5%2FGQ6Kdl6P2WhWtW%2F%2B%2FdXi3M9DFjn%2FRZLvuoCFvgf0qoqmOpwd6t9ehFDzT6U%2BFnwCe2zKL0IeL6B4gQhKfwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49cda4a7765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 inst-icon.png
www.moirebenok.ua/wp-content/themes/moirebenok/images/ 8 KB
9 KB 115ms
115ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/images/inst-icon.png

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

675d92a95ab665bcae471e54bad1f3dbe6c91aca6d9c77617a9a2c7398632aa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24930139
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8344
last-modified: Mon, 25 Oct 2021 09:16:11 GMT
server: cloudflare
etag: "617675db-2098"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R1ekSnXXdSEG2srXLapa2ofar1mc6vZM8KFQnv4hJqI8id9xDmlKOaZ4DPuztDlmiVNTIW662NCHSYq3TFthKatFCFM8iSmtERgAxxnrwqBawgResLfRp7olflY4svIlyO6WrorFm5AFqBg0AZlQ3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49cda4c7765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 KievitPro-Regular.woff
www.moirebenok.ua/wp-content/themes/moirebenok/fonts/KievitPro-Regular/ 62 KB
63 KB 217ms
217ms Font
application/font-woff 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/fonts/KievitPro-Regular/KievitPro-Regular.woff

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1eb8b74d87fec3570d2e1c6a83c8d807e9fea898442b056d1681cbbd9293438

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.moirebenok.ua/
Origin: https://www.moirebenok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Mon, 25 Oct 2021 09:16:33 GMT
server: cloudflare
etag: W/"617675f1-f974"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9eCr4KyOO8OZwTcI3%2FLbufwpYBIwlBgz4yZhewv0xrg9m0wkFSclXY45Gi3LqfvgvU2qzbVDjtiwTYPR4A%2F%2Fjv5Y9Z0VZ%2BM2Hemwr%2FtOSI5BxAbGvSZ%2F7%2BH6HtDs%2Fp%2FYzVSCzOfOQ5bjRQWrndY6Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73a6b49cda507765-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 search.svg
www.moirebenok.ua/wp-content/themes/moirebenok/images/svg/ 2 KB
1 KB 111ms
111ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/images/svg/search.svg

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7c6888873bd0f487fadb5c6d7a44d6a8a55b4a6354925960847f1176cb39741

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1552
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 21 Apr 2022 07:21:59 GMT
server: cloudflare
etag: W/"62610617-61a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2BHiW2S7AkgvO%2BpIeavlIskNptR9O13CHIvdb1UiBTVwFRnJTbyH8cPAdVMYEhgHhqf8PzywZdJQhi0TyhrJBfAa73XU4rCk3wurYzGdnA7YmGNMUEIBCEJJreSQ7pQvd3NG4UHLlNf9xjmDw%2FAo5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=7200
cf-ray: 73a6b49cda557765-LHR

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/48427/ Frame F11F 738 B
519 B 62ms
61ms Document
text/html 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/48427/c.html?b=48427
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://www.moirebenok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Sun, 14 Aug 2022 03:46:48 GMT
etag: W/"62e28a7b-2e2"
expires: Sat, 29 Jul 2023 13:10:18 GMT
last-modified: Thu, 28 Jul 2022 13:09:15 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-07-28T13:10:18+00:00
x-id: cec-up-gc4

GET
H2 200 a21031c0f6a0994b3314.b.js Show response
cdn.admixer.net/scripts3/48427/ 23 KB
8 KB 65ms
64ms Script
application/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/48427/a21031c0f6a0994b3314.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: cec-up-gc4
date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 13:09:13 GMT
server: nginx
etag: W/"62e28a79-5d41"
vary: Accept-Encoding
x-cached-since: 2022-07-28T13:10:18+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 29 Jul 2023 13:10:18 GMT

GET
H2 200 0a75d04ce9f53a1a35b6.b.js Show response
cdn.admixer.net/scripts3/48427/ 75 KB
20 KB 70ms
70ms Script
application/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/48427/0a75d04ce9f53a1a35b6.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: cec-up-gc4
date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 13:09:02 GMT
server: nginx
etag: W/"62e28a6e-12c39"
vary: Accept-Encoding
x-cached-since: 2022-07-28T13:10:18+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 29 Jul 2023 13:10:18 GMT

GET
H3 200 KievitPro-Bold.woff
www.moirebenok.ua/wp-content/themes/moirebenok/fonts/KievitPro-Bold/ 71 KB
72 KB 244ms
244ms Font
application/font-woff 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/fonts/KievitPro-Bold/KievitPro-Bold.woff

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ad01c1e9b15e3760ed1fd27cffab680af91e2c02ad93c504f2b555ceaa36129

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.moirebenok.ua/
Origin: https://www.moirebenok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Mon, 25 Oct 2021 09:16:33 GMT
server: cloudflare
etag: W/"617675f1-11dbc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ISgFN1iEsk2cDhzKeMGKKqR7xdWGcZ8vL7LcJ%2FCxE%2BSYN34qOdhsLsPMidT3Z390fHjbN%2BHSFG5j2j3FoO4H%2FdDTivPdSjle6XkIR1q5yR3MNDUx3V%2BdpHj2nfdy0ZFY%2FWkoWjOvO%2BmM5uq0DR31xA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73a6b49cfa727765-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c02a606d34cb40bff85dd3f597eb8c05c70fb4c74de4a98f26491ad57aed083d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2a221c17d6a9307f2c58c2c5e815f54847e58da2eb67f61933c70cf23f51132

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da55350f5bd788535868a81a41b0fe63f576d18d95c4ffb2a07041f99fa93c03

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5efdf2d5cb68faf008725ee772f8e31fdc170bf5da7bae48f6eb54a67b7a510

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38c6250122b596582e8dbe3d46b69f335dad200c3a7dede6f685be0dd797b78d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c53db134bbc2f473e349736b1621b49f692a5a8f46769410af038ccbcf4ccaa8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23b0437aea0523868e5c0b2b344c2335d7f5e1130f2bfbd6514417f0e5247fb0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 icons_10.png
www.moirebenok.ua/wp-content/themes/moirebenok/images/shadowservice/ 5 KB
6 KB 73ms
72ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/images/shadowservice/icons_10.png

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef3714266227b248377ac4be8337cffac15d58d22d2bbf149033e1930ee14a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25186905
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5315
last-modified: Mon, 25 Oct 2021 09:16:36 GMT
server: cloudflare
etag: "617675f4-14c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VbnhN975x5GNJd1CVm%2BijR7EIhKISBwlLo2uFuAWwHSJcZ2GG4Lng%2BBBl0t7onl2Mfmj5T8xuB75cSRm%2FJ2vH%2BxIs6QNM5QWLNX%2Bg3AYVeUqpk2WmCzs2m%2B3cq%2FhnmdeBn0q6jQE%2Bv%2BmA7TTZBmJtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49d1a9b7765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icons_11.png
www.moirebenok.ua/wp-content/themes/moirebenok/images/shadowservice/ 5 KB
6 KB 78ms
77ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/images/shadowservice/icons_11.png

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b700f4f712a190a91278447045ec252bea082c69912da975606350bc8d48dfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25186905
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5578
last-modified: Mon, 25 Oct 2021 09:16:36 GMT
server: cloudflare
etag: "617675f4-15ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKojD8UHW5rzY35i7rliXrDlcWkemYDt0Jkx1k6lnanX1L4biXxQoxQWr6eGAFAeyweIKMWsS%2FFd3mdpbPphbNidxEI1r13nuSG8x08aUSRJXogcCegesDfhrmyeIej19Nhesp0J3eAYJurzRknvPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49d1aa17765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t50.6;r;s1600*1200*24;uhttps%3A//www.moirebenok.ua/;h%u041C%u043E%u0439%20%u0440%u0435%u0431%u0435%u043D%u043E%u043A%20%u2014%20%u043E%u043D%u043B%u0430%u0439%u043D%20%...
https://counter.yadro.ru/hit?q;t50.6;r;s1600*1200*24;uhttps%3A//www.moirebenok.ua/;h%u041C%u043E%u0439%20%u0440%u0435%u0431%u0435%u043D%u043E%u043A%20%u2014%20%u043E%u043D%u043B%u0430%u0439%u043D%2...

132 B
618 B

92ms
92ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t50.6;r;s1600*1200*24;uhttps%3A//www.moirebenok.ua/;h%u041C%u043E%u0439%20%u0440%u0435%u0431%u0435%u043D%u043E%u043A%20%u2014%20%u043E%u043D%u043B%u0430%u0439%u043D%20%u0436%u0443%u0440%u043D%u0430%u043B%20%u0434%u043B%u044F%20%u0441%u043E%u0432%u0440%u0435%u043C%u0435%u043D%u043D%u044B%u0445%20%u0440%u043E%u0434%u0438%u0442%u0435%u043B%u0435%u0439;0.7291511754124971

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

eb03d5c88046cd6bf4bf958b581f783cc1f6b1f21f91af45c3e0ce5cf137bd0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 03:46:48 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 132
Expires: Fri, 13 Aug 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 03:46:48 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t50.6;r;s1600*1200*24;uhttps%3A//www.moirebenok.ua/;h%u041C%u043E%u0439%20%u0440%u0435%u0431%u0435%u043D%u043E%u043A%20%u2014%20%u043E%u043D%u043B%u0430%u0439%u043D%20%u0436%u0443%u0440%u043D%u0430%u043B%20%u0434%u043B%u044F%20%u0441%u043E%u0432%u0440%u0435%u043C%u0435%u043D%u043D%u044B%u0445%20%u0440%u043E%u0434%u0438%u0442%u0435%u043B%u0435%u0439;0.7291511754124971
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Fri, 13 Aug 2021 21:00:00 GMT

GET
H3 200 rating_over.gif
www.moirebenok.ua/wp-content/plugins/wp-postratings/images/stars/ 523 B
1 KB 92ms
92ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/plugins/wp-postratings/images/stars/rating_over.gif

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71348f4f38512af6e6ba8062fe5545a783f91d1a07bcb300c246f1bad9b0d4b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20999348
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 523
last-modified: Mon, 15 Apr 2019 06:13:00 GMT
server: cloudflare
etag: "5cb420ec-20b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YWJbv38Xj%2BJBeUHsmt7B3sQY8musMHsUIp5C8sSW68dqMn9HGWcIbzfxo1pMHYfuiy27tUVE1grKcBnQE3splkVCJT1aY6ani16%2BFNMyk8NFpMwmy7LdwjFGlhWrhitlBIAjG7Xiu2Y7uvt2HEgSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49d3af27765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 autoUpdate.adriver.js Show response
content.adriver.ru/plugins/ 5 KB
5 KB 328ms
88ms Script
application/x-javascript 217.16.18.206
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://content.adriver.ru/plugins/autoUpdate.adriver.js
Requested by: Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/wp-content/themes/moirebenok/java/other.min.js?ver=1_1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.16.18.206 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 141f4ece65bc087908202669708c340e43c6a45c3d3be773e0cade65cb01e910

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
last-modified: Fri, 24 Jun 2022 12:03:11 GMT
server: nginx
etag: "62b5a7ff-1455"
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 5205
expires: Sun, 14 Aug 2022 04:46:48 GMT

GET
H2 200 media Show response
a4p.adpartner.pro/ 11 KB
3 KB 264ms
77ms Script
text/html 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/media?site_id=129&unit_id=2633
Requested by: Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/wp-content/themes/moirebenok/java/main.min.js?ver=1_52
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: d1e80a0a069d176a45a8465a3c31363e9b4efba948fe7471f0ef072d2930cb52

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
cache-control: no-store no-transform
server: nginx
content-encoding: br
content-type: text/html; charset=utf-8

GET
H3 200 burda-logo.svg
www.moirebenok.ua/wp-content/themes/moirebenok/images/ 2 KB
2 KB 85ms
81ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/images/burda-logo.svg

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd4558233e7c785d99e33b6b45179e7c9c101764d0246f5a49d5f9dd7c58cc85

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1552
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 03 Aug 2022 04:35:33 GMT
server: cloudflare
etag: W/"62e9fb15-7be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=83AaVDJD6YjLcFCrCaCE1Ent6awiNoOX3feW2qQKovjHKUzUYZ%2Bgt0DOMPYms7WQqV69ru27RUT8oZBV98MgpsARywwJBWJQwV1r0k3EZkNC5UWWzubpeLovjm%2BdusBsZ0L49GyhkQoqpXDChmrzHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=7200
cf-ray: 73a6b49d4b037765-LHR

GET
H3 200 burdastyle-logo-hover.png
www.moirebenok.ua/wp-content/themes/moirebenok/images/projects/ 5 KB
5 KB 85ms
81ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/images/projects/burdastyle-logo-hover.png

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16d2fa0223270f5bac260f85d9e9dd5d18e08b67aa709050bd216c6aa1f2d70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 946206
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4917
last-modified: Mon, 25 Oct 2021 09:16:35 GMT
server: cloudflare
etag: "617675f3-1335"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sYna3%2B8bUC8PKlF8OmPtcV4j%2BtjJQ%2BhQVNUUfu2plHKrGnHisPkl3SHYhmYLtBtudtMaf7wIgqWR3hfxJN2tlkM%2FQh%2BQbaat67%2FHxQ2ahpisnvi6VZjAJpIbtukfWsQd0jZRdFn5lOi5s6SfKzlzzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49d4b067765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 naprobu-logo-hover.png
www.moirebenok.ua/wp-content/themes/moirebenok/images/projects/ 11 KB
11 KB 85ms
82ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/images/projects/naprobu-logo-hover.png

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c85b49cc376162a5af9632235721a08aaceafbb691faa523d87669c17927a66b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 946206
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11014
last-modified: Mon, 25 Oct 2021 09:16:35 GMT
server: cloudflare
etag: "617675f3-2b06"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kn%2Fza0iv9Ugcqw6Vs0f6hzcnsBpw0nQD52nN8KYMInT4C3fD%2BtoZKx0OsvZBP60T3Xe%2FAdQev74Su86SRhqPJJg5kj0vpd3N8%2F%2B5i0hPm%2BVM4iSwJHu38%2BUxpC7unG3k%2FOVkiPCtGmWs7BFwKxZeHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49d4b087765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 liza-logotype.svg
www.moirebenok.ua/wp-content/themes/moirebenok/images/ 2 KB
1 KB 86ms
82ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/images/liza-logotype.svg

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdae3f09c7f7037d038f1afb1dfa0fb6a354ce6ab48f786980b33d5c0d8412ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1551
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 03 Aug 2022 04:35:33 GMT
server: cloudflare
etag: W/"62e9fb15-795"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ChR%2FV60JwIlfI6i2kT8J4JidCJQx6FCwBFZU%2FE%2BwO5bGKdoFPzRfRiHSDwtlaWk8yg7J1L7nuRGXNp3jKMSbGXPAln2BPYNCHx4Xq6xb8GxWsTDiP0TUVUhW6B3L6m4GbHsCruEb1oOwh%2B2elVMZ1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=7200
cf-ray: 73a6b49d4b0a7765-LHR

GET
H3 200 mc-logotype.svg
www.moirebenok.ua/wp-content/themes/moirebenok/images/ 9 KB
4 KB 86ms
82ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/images/mc-logotype.svg

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

189a88e5775309c7a607d49886d408ce1d3bd58eafcc516bb37d89206437e3bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1551
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 03 Aug 2022 04:39:51 GMT
server: cloudflare
etag: W/"62e9fc17-2536"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RNtHZ9foylBgmlArGIvOcpHwfxbvthDQG60Xoqp1YTJtgxjLUZsegRbcveYhSwDndK7k6eVRPFzZ4dT89KYHdg3mH0tgZKdA2%2F5kKulSb%2B%2FQ13hKItSny1ek1E39rOa8mtW8OG5AEfvRMHfyWJFy1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=7200
cf-ray: 73a6b49d4b0b7765-LHR

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 193ms
59ms XHR
text/javascript 188.40.114.52
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=12552:uniques_instantly[url:%2F,domain:www.moirebenok.ua,page:%D0%9C%D0%BE%D0%B9%20%D1%80%D0%B5%D0%B1%D0%B5%D0%BD%D0%BE%D0%BA%20%E2%80%94%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%D0%B4%D0%BB%D1%8F%20%D1%81%D0%BE%D0%B2%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9,page_type:main,language:uk,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36,device:desktop,browser_version:Chrome%2099,browser:Chrome,depth:1,user_type:new,user_id:63253853c.3f39c618c_1660448808580,session_id:be6e4dc4e.2a638f566_1660448808581,cdn_version:11]&s=e28aef5fc17adc3e35586018583dfab0&1660448808584
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/wxNsKJdG0Dig
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.114.52 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.52.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 03:46:48 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/uniques/ 33 B
559 B 193ms
60ms Script
text/html 188.40.114.52
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/uniques/?current=14&holding=a6a85e8b8a3a49782382de2f9949a9f0&hash_user=63253853c.3f39c618c_1660448808580&1660448808585
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/wxNsKJdG0Dig
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.114.52 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.52.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: 166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 03:46:48 GMT
Server: nginx
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 33
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 189ms
58ms XHR
text/javascript 188.40.114.52
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=12552:visits_instantly[url:%2F,domain:www.moirebenok.ua,page:%D0%9C%D0%BE%D0%B9%20%D1%80%D0%B5%D0%B1%D0%B5%D0%BD%D0%BE%D0%BA%20%E2%80%94%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%D0%B4%D0%BB%D1%8F%20%D1%81%D0%BE%D0%B2%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9,page_type:main,language:uk,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36,device:desktop,browser_version:Chrome%2099,browser:Chrome,depth:1,user_type:new,user_id:63253853c.3f39c618c_1660448808580,session_id:be6e4dc4e.2a638f566_1660448808581,cdn_version:11]&s=e28aef5fc17adc3e35586018583dfab0&__io=63253853c.3f39c618c_1660448808580&1660448808587
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/wxNsKJdG0Dig
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.114.52 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.52.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 03:46:48 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 186ms
59ms XHR
text/javascript 188.40.114.52
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=12552:pageviews[url:%2F,domain:www.moirebenok.ua,page:%D0%9C%D0%BE%D0%B9%20%D1%80%D0%B5%D0%B1%D0%B5%D0%BD%D0%BE%D0%BA%20%E2%80%94%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%D0%B4%D0%BB%D1%8F%20%D1%81%D0%BE%D0%B2%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9,page_type:main,language:uk,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36,device:desktop,browser_version:Chrome%2099,browser:Chrome,depth:1,user_type:new,user_id:63253853c.3f39c618c_1660448808580,session_id:be6e4dc4e.2a638f566_1660448808581,cdn_version:11]&s=e28aef5fc17adc3e35586018583dfab0&1660448808592
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/wxNsKJdG0Dig
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.114.52 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.52.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 03:46:48 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 active-tab-after.png
www.moirebenok.ua/wp-content/themes/moirebenok/images/ 116 B
710 B 83ms
82ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/images/active-tab-after.png

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/wp-content/themes/moirebenok/css/mr.min.css?ver=1_14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2eff75791f52a154f6e59d643a3286ee00016d16390e55c306c10d7e83bc7dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/wp-content/themes/moirebenok/css/mr.min.css?ver=1_14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22316
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 116
last-modified: Mon, 25 Oct 2021 09:16:08 GMT
server: cloudflare
etag: "617675d8-74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BWhons9EKMNMnb2Vp2nc%2BO2XEipKdUG7IK%2FUoxZBScv5PNd4KO%2FisGQUeyz0GPkCve0Wex%2FGHs8uA%2BidwpyXF3E1FbUcpVCqzD4N4u4Ywm%2Frs6EGD6qQ79HAVDCjC5%2FO1acCJk0Mk1mrYDkEtgsoKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49dfbc57765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icons_08.png
www.moirebenok.ua/wp-content/themes/moirebenok/images/shadowservice/ 1 KB
2 KB 82ms
81ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/images/shadowservice/icons_08.png

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/wp-content/themes/moirebenok/css/mr.min.css?ver=1_14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e63d765a9197d6bd3566b75ebf2af10a075ff7d1bfb0f07aae90a32f718e343

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/wp-content/themes/moirebenok/css/mr.min.css?ver=1_14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25186904
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1368
last-modified: Mon, 25 Oct 2021 09:16:36 GMT
server: cloudflare
etag: "617675f4-558"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTuwOxFgtecPA2Fk6ADtvEytuzekmsFbiZCdn7u7wk%2FRrzZcgGQKZP1ZOjBCUdKLIeEGf8LXjYOgfW5MdRybRLgvfupaFDtTDgEdEh4FcwglBMPGkdPhVZd1bK9qR4riibeKkJDv%2Fanjiq8KOU0CSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49dfbc87765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icons_04.png
www.moirebenok.ua/wp-content/themes/moirebenok/images/shadowservice/ 1 KB
2 KB 82ms
80ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/images/shadowservice/icons_04.png

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/wp-content/themes/moirebenok/css/mr.min.css?ver=1_14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7528c4a352f79030848be8b252fdaf54eeb4c180a14432cb174f6f22b6e7db13

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/wp-content/themes/moirebenok/css/mr.min.css?ver=1_14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25186904
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1288
last-modified: Mon, 25 Oct 2021 09:16:36 GMT
server: cloudflare
etag: "617675f4-508"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2qwiRGHCt9MlwTb%2B8LbbCg9J4Hqxy5xy9JdhZRsyejHrPZbCzRoKcQYxOWjYm1iZZTauc64vlvW9%2F4ATDMsvnNeuhaC1UzbLgzBON1OFGkvO1lE3TNAi8poc3DIyJ7fgypK1lg3896UAqeJTYLabWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e0bcd7765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icons_01.png
www.moirebenok.ua/wp-content/themes/moirebenok/images/shadowservice/ 884 B
1 KB 82ms
80ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/images/shadowservice/icons_01.png

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/wp-content/themes/moirebenok/css/mr.min.css?ver=1_14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac3174827c65b1e7f3acd23cc6925b23546a55304c7e824f8aac22eb45b94059

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/wp-content/themes/moirebenok/css/mr.min.css?ver=1_14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13563090
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 884
last-modified: Mon, 25 Oct 2021 09:16:36 GMT
server: cloudflare
etag: "617675f4-374"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLGfVAGTSEewYsMvsXJdgeqPboQC5DzZJx6Qesy69LWQQ9nv4vdXi03g777%2BdXttStw%2FCtA2wkFj4mCU72lz8H1gUFeOuLhuFZZqaRmI5FQVix%2Bm2HfrmHrlAxSdwDP0qFHW5q%2BgFR9u2Za42H8CZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e0bce7765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icons_05.png
www.moirebenok.ua/wp-content/themes/moirebenok/images/shadowservice/ 1 KB
2 KB 82ms
80ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/images/shadowservice/icons_05.png

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/wp-content/themes/moirebenok/css/mr.min.css?ver=1_14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

429dcfd4ec98fc50bb9054c0b01fd0295c41616d3c66b69c4944f4db4c8e32f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/wp-content/themes/moirebenok/css/mr.min.css?ver=1_14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25186904
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1272
last-modified: Mon, 25 Oct 2021 09:16:36 GMT
server: cloudflare
etag: "617675f4-4f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6rdmF3%2BFxYkLhWQM%2FLJQsjJxLYxlNCaBBYsevNS%2BpR56%2FkxZ25pCQGxEOvYNc3mJBjJXmpOEW00ThVc7Qhj87hlYaGEsCMINwMfjswYW7c8of1%2Be%2FXJcDb8YN8r%2BEWu1oUcHiLd7UETNgL%2F2LHUkiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e0bcf7765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icons_07.png
www.moirebenok.ua/wp-content/themes/moirebenok/images/shadowservice/ 1 KB
2 KB 83ms
81ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/images/shadowservice/icons_07.png

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/wp-content/themes/moirebenok/css/mr.min.css?ver=1_14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

187acc87a0fcfcd7c10710a507cf565ad7da99a79547773617341878e1feb516

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/wp-content/themes/moirebenok/css/mr.min.css?ver=1_14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20999347
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1375
last-modified: Mon, 25 Oct 2021 09:16:36 GMT
server: cloudflare
etag: "617675f4-55f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wV4WlMU3QC92YjtyNAmwDcBvmOiuWmuQEdZn%2BTsywQL9hknYzjDVCKB5d12%2BrIyGEo6cTw0dPozoN%2FonOrX0OWb4F3Cs0Ph7I2gVkUbeNVfUsrq5eS1qT9v4EH8K7VsVOcrUi6x2DIDSsATkX0fYMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e0bd27765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icons_06.png
www.moirebenok.ua/wp-content/themes/moirebenok/images/shadowservice/ 1 KB
2 KB 85ms
83ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/images/shadowservice/icons_06.png

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/wp-content/themes/moirebenok/css/mr.min.css?ver=1_14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83e70425dd56c075dd82ad127ccfe0031652f7a13a841d53d57b1dba72f4a4c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/wp-content/themes/moirebenok/css/mr.min.css?ver=1_14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25186904
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1374
last-modified: Mon, 25 Oct 2021 09:16:36 GMT
server: cloudflare
etag: "617675f4-55e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1AKdn%2FYS3Icj1WAFhQtDUdJAEBciKlGe0Dw%2FsEl7MuKou%2Fur0gIJ34uG0FCkLAvnKyTc4usbS8cVwVaN7w0PzL%2BQSEKRmVbLXImHqu4Uypvfi8AQf5%2FEVvEauFDeQbsMo8%2BbOa4U3nZ0LlDqMfrpFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e0bd37765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icons_03.png
www.moirebenok.ua/wp-content/themes/moirebenok/images/shadowservice/ 1 KB
2 KB 86ms
84ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/images/shadowservice/icons_03.png

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/wp-content/themes/moirebenok/css/mr.min.css?ver=1_14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75917a69ff81ec540c9ace6c89806af3501c526a43664ca5c6b843cf2145606e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/wp-content/themes/moirebenok/css/mr.min.css?ver=1_14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25186904
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1438
last-modified: Mon, 25 Oct 2021 09:16:36 GMT
server: cloudflare
etag: "617675f4-59e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FWsbbuKNxCyXnDFaF3FwkXSLHsLVW1chSpIn69ub6nmrdFBbgRSu70Up25%2F1EOJXQyizDsc3P3wjnOTvw3pWjVjIfXCOcEAhkMp3TKdqyleT%2BW2rp8NjVzIq6NokqUwUmvdYt8tDIcmIR9gLlB%2B8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e0bd57765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icons_02.png
www.moirebenok.ua/wp-content/themes/moirebenok/images/shadowservice/ 1 KB
2 KB 86ms
84ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/images/shadowservice/icons_02.png

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/wp-content/themes/moirebenok/css/mr.min.css?ver=1_14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4060ed9e4980a8e3b490250bde75a117635b71e4d1d03ae3d1227c7a2c85a214

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/wp-content/themes/moirebenok/css/mr.min.css?ver=1_14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25186904
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1151
last-modified: Mon, 25 Oct 2021 09:16:36 GMT
server: cloudflare
etag: "617675f4-47f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IB39wbvGgSMfN693%2BpKaMxVuMDYwwBGcgbIDdlDfLI2a%2FGCJgRJi8U8tbwZLz242rMYbofFBXsan2W9P2OpwoNwd%2BdhLmzgJc3FVuFTTHHj9jMQ3TL4WESqx2LTy1KZka2EQ9koBJxRf5C4fGVQAnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e0bd77765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 border.png
www.moirebenok.ua/wp-content/themes/moirebenok/images/media/ 146 B
736 B 86ms
84ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/images/media/border.png

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/wp-content/themes/moirebenok/css/mr.min.css?ver=1_14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3085c06e4a8df690b126de6bf43c338fe2fbafb62daeaa6ac91184d11803f0f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/wp-content/themes/moirebenok/css/mr.min.css?ver=1_14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22316
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 146
last-modified: Mon, 25 Oct 2021 09:16:34 GMT
server: cloudflare
etag: "617675f2-92"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBh5WwsO7IKdL1iHu8gIPVC9chh2XRgLvVdxFdsWMCw7iTeEGEYNrw6LFNS%2B8vigVWlGshOR9IX69QAVj2Xu2Hy2Z%2BU1fh9rSqKcjh3g9LRGp%2BJBGB6Xc19cym1%2Fieq7bY%2BFhpZDe80Wsg4cCRVHHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e0bd87765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 play-btn.png
www.moirebenok.ua/wp-content/themes/moirebenok/images/media/ 1011 B
2 KB 86ms
85ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/images/media/play-btn.png

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/wp-content/themes/moirebenok/css/mr.min.css?ver=1_14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9184d978722c04a200291924638eca8c7313f07dc21d0448599c1aba98243fa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/wp-content/themes/moirebenok/css/mr.min.css?ver=1_14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22316
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1011
last-modified: Mon, 25 Oct 2021 09:16:34 GMT
server: cloudflare
etag: "617675f2-3f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RfCNMaU7xtNxiBpayKVQZcbpu4IhbLAteAuhelO%2FsEgX%2BnN1DnMOk%2FBkZWUdsjMGLzzRHsL5sLaK3AxenXAzTjwoz%2BBrxRXVXkEm%2BLJ3m5GjP5z7xCqlQwlPU6rwR%2BKljyIxY1FkBfVuy%2BuPfZV%2BLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e0bd97765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 photo-btn.png
www.moirebenok.ua/wp-content/themes/moirebenok/images/media/ 1 KB
2 KB 86ms
85ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/images/media/photo-btn.png

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/wp-content/themes/moirebenok/css/mr.min.css?ver=1_14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bb31b71b9abf0ae4a3b5ec2abac5ab2315985fc43e6819114db9f7f89043979

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/wp-content/themes/moirebenok/css/mr.min.css?ver=1_14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22316
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1382
last-modified: Mon, 25 Oct 2021 09:16:34 GMT
server: cloudflare
etag: "617675f2-566"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HwskLrDWzCBChrKTBxHp0BukILgD8PE7atgp88Adh53a%2FFd%2F%2BgRafXdv9o%2FQdBcM%2FJ1joOuAtFoppzjUG0U%2BYpsTvrRuyBzpD%2B2YctWbR4xn3gbGceiEsGUmOVODJIUB%2BFLhws%2BjWUKmtJIrqOgIdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e0bda7765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 6 KB
3 KB 183ms
66ms Script
application/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=942780484794194.5&cpv=27ae8c83-a243-6d3b-1abc-4d3e507b21d1&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%226310f133-7eed-d6bb-a39d-557c7f20e544%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fwww.moirebenok.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%229fa32886-59cd-0f72-f12d-146e7e765bad%22%2C%22tagid%22%3A%22e62e3ddf-d324-432b-ac56-25c713463cc4%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_e62e3ddfd324432bac5625c713463cc4_zone_79119_sect_8997_site_7174%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

ae3e15fab99e85bd9e151a762dfa6f4ececa63082a73f3c405faeb23ca0031ae

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 03:46:48 GMT
Content-Encoding: gzip
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 2094
X-Xss-Protection: 0

GET
H3 200 fb.svg
www.moirebenok.ua/wp-content/themes/moirebenok/images/svg/ 939 B
1011 B 72ms
71ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/images/svg/fb.svg

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6975892297eeba778dd862e4ac8938308beeeb5ae73b6a89be20264e3e9599e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1552
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 21 Apr 2022 07:04:07 GMT
server: cloudflare
etag: W/"626101e7-3ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQragQ7H5yjzUatPG%2FE04alVVQ76gf8i6890ZOFo27EpldibWWk4Pn1SAefNjxUUqMwv1sBD5Q3B1AXVLtIApaXhTduGQX8D2cWFqgHWZEK%2BlE35QHpPzxt7aM2Y3IUpF2jPi7u3qfy0sytu6cOBzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=7200
cf-ray: 73a6b49e1bee7765-LHR

GET
H3 200 insta.svg
www.moirebenok.ua/wp-content/themes/moirebenok/images/svg/ 2 KB
1 KB 72ms
71ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/images/svg/insta.svg

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f7affc9618a3fde55be759558f3b7dfb168a219fa6199af85f55de15e880b73

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1552
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 21 Apr 2022 07:07:21 GMT
server: cloudflare
etag: W/"626102a9-91d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lxrvgFf9rOY%2Fwl1lltkreYIfENYnCNiVTDnqGbtk0eNJfUd6nCUELxN%2FGlednf6Wo4qUb%2B9GtCKkVBT0tzoeVyhhyGcWHX%2FKVDBlPDP%2FPQstINFscg5bsTUYoG8m5gw5HfPclCazkqnDkATr0CkBMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=7200
cf-ray: 73a6b49e1bf07765-LHR

GET
H3 200 yt.svg
www.moirebenok.ua/wp-content/themes/moirebenok/images/svg/ 782 B
946 B 72ms
71ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/images/svg/yt.svg

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97d6aef654080f36d77bb14801fd6ba78bf4e435afeaebfa37f47a68ac570897

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1552
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 21 Apr 2022 07:09:21 GMT
server: cloudflare
etag: W/"62610321-30e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GggWq%2FJ8h1HlHfXzva4AW2N2DdFwkXMzXFQH%2B%2B9gcuCwg%2FpY2OqmipOCTP8bv%2BTZT49ToU%2Bo%2BkvKriFuthe168XhjhCl8lBpfK7jqgnGvhzQVScVaLS2n4qqEAG%2BC7pC2Z3HKDPGPdSTAv7nCJua3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=7200
cf-ray: 73a6b49e1bf17765-LHR

GET
H3 200 sss-135x90.png
www.moirebenok.ua/wp-content/uploads/2022/03/ 27 KB
27 KB 72ms
71ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/uploads/2022/03/sss-135x90.png

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c0d7f01c28a577800a554f617443eb187a6b3711bea63e0c9f578ac44853da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 276693
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27324
last-modified: Wed, 09 Mar 2022 14:37:27 GMT
server: cloudflare
etag: "6228bba7-6abc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1YQJoPKhd%2B787nQWSZb4q8DX846oFSODPopUyRHXO3sNHTbUpWmrc5LqHFQnZe5rp6UH4Zy5OHT3dFPdWruqcZGkU%2B1DTK7yqsApFLi9bkEmROGC6aX3MwJNFjxxoaF12Mk0Gcybp57HZbLA4cS37w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e1bf27765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 136-98-135x90.jpg
www.moirebenok.ua/wp-content/uploads/2021/12/ 4 KB
5 KB 107ms
106ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/uploads/2021/12/136-98-135x90.jpg

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48a304cff1281a3b2a276f8415e399ef29cab027074079bc76f29e126b618c44

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 341810
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4262
last-modified: Thu, 23 Dec 2021 17:14:56 GMT
server: cloudflare
etag: "61c4ae90-10a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuEae3whDDWB110eE7fUmb%2BrJXb%2FrDk8ny7Xp8bwSccvrPMi19MputZ%2BHtVmtNc0VnH%2FOgBFKyOhC5Ea5qrFlM9tfLuKDdnvPPrdVnukixAM6PJj71%2FmblGSjGawf9uA9CPuiHMJIOVnw0VHGtBo5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e1bf37765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Nashi-proekty-138-h-98-135x90.png
www.moirebenok.ua/wp-content/uploads/2021/12/ 22 KB
22 KB 108ms
107ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/uploads/2021/12/Nashi-proekty-138-h-98-135x90.png

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a92f03212360b01277a56a5fbd24892f2757537dc062a4ce8fbd3aecf4868c6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 335076
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22156
last-modified: Mon, 06 Dec 2021 09:59:46 GMT
server: cloudflare
etag: "61addf12-568c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dw%2FfaIaPCcrdXwg8c8TPlHZ%2BpX9XrhxEyjkfE9n86ZEWUdwjr%2FrlUfo5N5PFdgcLv%2Fu4t6D9KKF704xO7ym02I9CT563RhUP0TP6XO99R0lwyntqzP5vQF171yWWAM%2BI291YGd%2FtZICbMQRUA1lcng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e1bf47765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 cookieconsent.min.css
cdn.websitepolicies.io/lib/cookieconsent/1.0.3/ 4 KB
2 KB 99ms
51ms Stylesheet
text/css 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.websitepolicies.io/lib/cookieconsent/1.0.3/cookieconsent.min.css

Requested by

Host: cdn.websitepolicies.io
URL: https://cdn.websitepolicies.io/lib/cookieconsent/1.0.3/cookieconsent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

444ff8a57d95f220f3fb20f69164345fb4e571ce6f75b3cd9c750df1ea4364d0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
content-encoding: br
vary: Accept-Encoding
age: 1385351
cdn-pullzone: 403741
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
referrer-policy: no-referrer-when-downgrade
cdn-proxyver: 1.02
etag: W/"60a7e46d-ffa"
x-frame-options: SAMEORIGIN
content-type: text/css
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cdn-requestcountrycode: GB
expires: Wed, 27 Jul 2022 17:17:13 GMT
date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 921
access-control-allow-origin: *
cdn-cachedat: 06/27/2022 17:19:10
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 21 May 2021 16:48:45 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BSD9kQ5lQcOUwinb7p5ywHIF3w4KJdnM%2BHnB%2Ft%2BfFGP1bhQuJ%2FL5PpED2FyQFnlpU76Rllql6mUSxNyC634BbjmgPUTaORcNfI8awCQK2smAbmy9PGOmJwZtrwEgXZWHYuA1QAA8c7gr"}],"group":"cf-nel","max_age":604800}
cdn-uid: 16d357c7-5d61-4073-b136-11d78241bb5e
cdn-requestid: 7df59c2a01d781e31c7b92ef92884c15
cf-ray: 73a6b49e6e767791-LHR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 ttt-260x160.jpg
www.moirebenok.ua/wp-content/uploads/2022/08/ 15 KB
16 KB 101ms
101ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/uploads/2022/08/ttt-260x160.jpg

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15fbeaf163442f8440e89e32b6d05163ab41cd2164cbdd0dbf8693521a5e58e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 228345
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15729
last-modified: Thu, 11 Aug 2022 11:26:39 GMT
server: cloudflare
etag: "62f4e76f-3d71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8k%2BdEzaes3xpML5p9ooMRUtA89Ik5bcPL3qUvdQJ5AAWuzjIkKUbKqm2jEykzlIwIwfjE28pgr2ilTdM2%2BO1I2HrtQ1OdjUXS7MsukUu7fNop3ZJaEJJfj51EZfle0WwRzFyrJwSFza%2FtSLBllFuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e2c007765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 mimm-260x160.jpg
www.moirebenok.ua/wp-content/uploads/2022/08/ 6 KB
7 KB 234ms
234ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/uploads/2022/08/mimm-260x160.jpg

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee5d286749922e88120ab2a25b7c56598896d042637ad7f030e0f8374a58bc6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6447
last-modified: Wed, 03 Aug 2022 14:13:07 GMT
server: cloudflare
etag: "62ea8273-192f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQCHfqyzO5%2F2qUKXpN43P9UtsXe5iTvBwAefik4CfawPekDFLbyzza7ng7REYoF7%2BMVbok3hipZ6OTus%2FRjV1VWLAzw%2Fhv%2BiHoScVoRN9TadHsTn3SYiYrTjamhJJ2hnPvyfgc6rRgi5F8hQwwyOZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e2c017765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 shutterstock_1504194842-min-260x160.jpg
www.moirebenok.ua/wp-content/uploads/2020/04/ 10 KB
11 KB 213ms
213ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/uploads/2020/04/shutterstock_1504194842-min-260x160.jpg

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8106512078bb15e654a7bb558ff7ddf9108225972a48c3a188b9fad9f746a7a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10717
last-modified: Mon, 13 Apr 2020 11:39:06 GMT
server: cloudflare
etag: "5e944f5a-29dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KvcjZjwMk8ko6KXHqPVgTAV6%2F6V%2FJrBdRSPMdpbMjFwRxY9FdJr2BLpypRVFOrKxhZh3CiVHsp1hD%2BE7S3TMxIZU8kUYr69cB%2BxnRzXdP7vF2zMiszhLHXRPoj931wjamMbgt1xdq0aac7xgIySwmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e2c027765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 shutterstock_1041909190-min-260x160.jpg
www.moirebenok.ua/wp-content/uploads/2020/05/ 9 KB
9 KB 101ms
100ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/uploads/2020/05/shutterstock_1041909190-min-260x160.jpg

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6190556068482d3fbbcd2d44cd9ca448c1962af52661de14f8729cfa976acad8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 226888
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8736
last-modified: Wed, 27 May 2020 13:32:07 GMT
server: cloudflare
etag: "5ece6bd7-2220"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fe16VoINRI1iZrgh1nVxmNxO302oId8ftphnI%2FXAzX0FTUhydt1bEqurQ10T7Zm2XLSQZHAvQK8%2FwN3zrxfNa5Q4tVNwLhAJ74EseRKwrPrnVsDuyVTNUAhv5ObsqRAbBFwprLS0WSiWjINCijXy1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e2c037765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 shutterstock_1041909190-min-620x410.jpg
www.moirebenok.ua/wp-content/uploads/2020/05/ 32 KB
33 KB 253ms
252ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/uploads/2020/05/shutterstock_1041909190-min-620x410.jpg

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc31dac6a14e24e7f3670b8ea456d67de35dcbd0f3d1b3ec8bfae28bbc1f2298

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33200
last-modified: Wed, 27 May 2020 13:32:06 GMT
server: cloudflare
etag: "5ece6bd6-81b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ry77wlLFLBWNAdPvhSrSwyOKEJY3HuA5M3iCntklFp4xfxI2m7v3OBvOUGIoYMMd5JXI23QryZzdzx4DZe8F3BPx6iI7Oe0%2FEPnurZ%2BPtvyY7Uz7QuMAIh3%2BDhKub7vexqYNFLU%2BbOaBnjwaw3XWhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e3c087765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ttt-620x410.jpg
www.moirebenok.ua/wp-content/uploads/2022/08/ 74 KB
75 KB 290ms
289ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/uploads/2022/08/ttt-620x410.jpg

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4bf56f770e71ede30cde73002415b2a52b199925e327c8701c5e561b4a1cce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75836
last-modified: Thu, 11 Aug 2022 11:26:39 GMT
server: cloudflare
etag: "62f4e76f-1283c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afKt%2BQ09goeTUGRJSlbhidH1i8lZnlrsPBueFQhUUFLTmRLK%2FtR9EkYy3el%2FZdDhFLwk2NSRz3ZxZilzUy%2BPpArgouPLdVp2JfqbyUBGyZHnOVJPZ%2Bbb9o6jdDLCBTWuv61q2%2B8Cn8BNLVISl4AGhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e3c107765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 22.png
www.moirebenok.ua/wp-content/uploads/2021/02/ 228 KB
229 KB 90ms
87ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/uploads/2021/02/22.png

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c04bacb2dcb5068dd339525a94ce21dc9538a6d6027a0c305b3a6d0b74fa51e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 412404
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 233411
last-modified: Thu, 18 Feb 2021 10:07:15 GMT
server: cloudflare
etag: "602e3c53-38fc3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CCKGQc8fFb1KQCmzR%2FzPlExKHDK%2BxiBLnt5RAmxAAxbHinkQXi84UI7BqLpzE730P2lDaXgqys8zZkaAjKf1BtU%2B0FxGv1s5Aec6aIcX7UA4wAjxp%2FWetvpgBxl6In7SMKVVkCCCCiDScN9DzYnWCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e3c147765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 kekelia3-600x410.jpg
www.moirebenok.ua/wp-content/uploads/2020/12/ 54 KB
55 KB 292ms
290ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/uploads/2020/12/kekelia3-600x410.jpg

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1de98548f64b1d7d313dcd354ba6df0f9b6d0308742122182e477edaeafbdbd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55279
last-modified: Thu, 03 Dec 2020 18:30:00 GMT
server: cloudflare
etag: "5fc92ea8-d7ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uE5URuJb8lyI4bWmjyQgDjQDBcAPJxy%2FZai5CvtL8N6JMxH%2ByZU9q9MJCI1TM3F6SKBP%2BIuNzPw9U9zBZSQqytlJYJD2lBgWhrjaUEm3XUJo5At3K8nIYsDr7KDV1MKYrQI6EbUQPJdTJSzJff3VHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e3c177765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 3-587x410.png
www.moirebenok.ua/wp-content/uploads/2020/07/ 414 KB
415 KB 363ms
361ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/uploads/2020/07/3-587x410.png

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c567cf0802114f3bb25270489588977ac9e24b04b4784b0c2a087d5a1a5f366a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 423897
last-modified: Thu, 02 Jul 2020 12:55:26 GMT
server: cloudflare
etag: "5efdd93e-677d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xfiDys0BdejjIzhlJFwVCzooG%2BQ%2BumC3lFdMTm4PWCa5P31HKoPdiwWfHwbTBz3mHHjMta%2BNfSrilwJNC1rJE7BjVEHCG76bb8D1B1V%2BxR6JyDg4LEhFalZVVHqpupgZ4l1%2Fb5NDO2rNtRpGMEAEiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e3c187765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ya5-620x410.jpg
www.moirebenok.ua/wp-content/uploads/2022/08/ 52 KB
53 KB 319ms
317ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/uploads/2022/08/ya5-620x410.jpg

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b400f9b4ef7225429aa8f4f659d5dc61f13334e68382d18101840138816e663d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53739
last-modified: Mon, 08 Aug 2022 08:51:27 GMT
server: cloudflare
etag: "62f0ce8f-d1eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGb7QvLbtXzxu58RLFZQO9Mj2tfMRN0KFFM0rfP%2Bur41OqHPwbHjW%2F%2Bz2%2B%2FqlZBdkVHgL0YFMxG%2BR2fguGAM%2BR3Z%2FUTInT2HlkPhwcoMVMH8MPm2TUdGWcTK%2Fg8xFxDtBdNksnT5RXWVKeUwklnZdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e3c197765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 123451-620x410.jpg
www.moirebenok.ua/wp-content/uploads/2021/10/ 38 KB
38 KB 256ms
254ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/uploads/2021/10/123451-620x410.jpg

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be02a4117a893f41ff052e60b32b51c70d77d5e4d5bd28deb6641c65fa390b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38540
last-modified: Fri, 05 Aug 2022 11:37:40 GMT
server: cloudflare
etag: "62ed0104-968c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wAzB4LXZTI%2Bxd9X87iFRAk3Cl2M2TGZRzEXbtB3Pwav9E67sMqnnomscQskzyjwtmVkM%2BXSQ3tq3eLGQHHNzIa94KYcJ2Uh%2BLuyc4XfZDN%2BJbm1CksIliEenfD8P%2B7FR55DGUrhNOlQlzLN9qyOTJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e3c1a7765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Frame-12.jpg
www.moirebenok.ua/wp-content/uploads/2021/12/ 182 KB
182 KB 333ms
330ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/uploads/2021/12/Frame-12.jpg

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fe445472f3370aacec7b4dd165297ce3486c5c01bef02f015d4dd4a72f7c825

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 186062
last-modified: Thu, 09 Dec 2021 09:24:09 GMT
server: cloudflare
etag: "61b1cb39-2d6ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qXgTMCRTv5CBoRi%2BFWc1nc0Qf5TYw7JiLwQ3gZsFx1NlzpJpMmjZVQbl1HFqDzwfOcM2z%2BT33XFohxmYJaW34oLxxdf2S8m7fUmkOtzNzMvDb9d7q2VLNSL%2B88AFLqf8h6SjlJHOnHGoG987o4DVlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e3c1b7765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 z4-620x410.jpg
www.moirebenok.ua/wp-content/uploads/2022/08/ 48 KB
48 KB 300ms
297ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/uploads/2022/08/z4-620x410.jpg

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d9fb30b4577e445e856e8767652dd077b4072c5a420c32feac062b2fb6790e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48903
last-modified: Thu, 04 Aug 2022 11:24:42 GMT
server: cloudflare
etag: "62ebac7a-bf07"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=02R4h1soFwTS8%2FrHNmId6vyvZiNzj7Dlfk8qG%2FTUnVWC9tX5Et1d%2BRFt9ae4UsJU%2BBz4KmPUYP9Bwsaq44Vb4acO91xcb5d7bSsVboBono5wBj%2BD%2BIN13Zq%2BgtcJvIi4zyTrtvtdzRnLGRSR7JJPZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e3c1c7765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 236906729_355640202717969_881323950793788624_n.jpg
www.moirebenok.ua/wp-content/uploads/2021/11/ 103 KB
104 KB 335ms
332ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/uploads/2021/11/236906729_355640202717969_881323950793788624_n.jpg

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81a91b1c0cee049b61cf175088cbf3e3ee802e256e48995d8499b7465e1320c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 105740
last-modified: Fri, 05 Nov 2021 16:24:56 GMT
server: cloudflare
etag: "61855ad8-19d0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qu%2Fa2cO0%2FbZ3hRs5yh2qGJbyrUhxMp%2B3zsO88Isve%2Bt6EpLwLKsL7FHGE%2BSLMfc5sikTCoeb7kUolgpAbj1t3qdjOB2JRXCe%2F6ZFrI6ONHT3OUKrGPBggzhxNoQjsD0ls37JdgAHUBGjp9W5wnk%2FHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e3c1d7765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 p-620x410.jpg
www.moirebenok.ua/wp-content/uploads/2022/08/ 27 KB
28 KB 259ms
256ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/uploads/2022/08/p-620x410.jpg

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5541edabea0e421b3afaacb77e81ea79805593a93c3099e80d598d79dc2f7d40

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27981
last-modified: Tue, 02 Aug 2022 10:50:44 GMT
server: cloudflare
etag: "62e90184-6d4d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=btz7Mg%2FVcZbCYGI9mXvfcX8UoG0f%2BAUTCKLSoFSSgF%2FkYb221weSCuTuGqJitO9%2FIfZ21QdLpiWD1ba0gjOGk12xTF7fKVLQ4ydoNF5o%2BaWtiWRkmCt81tTvPZmIC5KXDrqWpZQDEG1ULkR7xwXj3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e3c1e7765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 157_531-620x410.png
www.moirebenok.ua/wp-content/uploads/2022/07/ 105 KB
106 KB 335ms
333ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/uploads/2022/07/157_531-620x410.png

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c78fd2d2c9b201685643b1323ebd3b103a28692d4a069a34e710826da6c81406

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 107784
last-modified: Thu, 28 Jul 2022 14:14:54 GMT
server: cloudflare
etag: "62e299de-1a508"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z7LV2HJDRAhMYtbvFCQIzvS0it2L83DShqK0NGzUeelLF5nj8DB8WyiJW0b5ydGdP94J6eCYORL3a9Mg2w%2FM1uSaO%2B9b1Twk5Waf7pCMCMkXG8Y3yGQrVlgCctsY4M9deJ57CIa54TouWSsgteE%2BHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e3c1f7765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 slide-left.png
www.moirebenok.ua/wp-content/themes/moirebenok/images/ 530 B
1 KB 129ms
128ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/images/slide-left.png

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

032a7eec988c3b8754a1ed125ea70c486cadcacc0dfa102acdd0234247afe7c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 579183
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 530
last-modified: Mon, 25 Oct 2021 09:16:15 GMT
server: cloudflare
etag: "617675df-212"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZtQA%2F9TFr8tti%2FTQYDi9jgl8cnse%2FTRbvFYycOi6hVUlo9iBJ3XJRRpLd%2FgoxuP0V%2FuO5VJHKoqiKUF8R8DQD3Go%2BeJkGg7xCe%2Fzc0%2FHE2WGV%2FL%2FGbUfDJIKc8etSAtMVJmYMjgwSIsU5oHBwZOIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e4c217765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 slide-right.png
www.moirebenok.ua/wp-content/themes/moirebenok/images/ 525 B
1 KB 129ms
129ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/images/slide-right.png

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1465c9fd4f833c9278a3b58f42b9536a206e97d3f7278dfdd45db1fb752fa52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24913352
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 525
last-modified: Mon, 25 Oct 2021 09:16:15 GMT
server: cloudflare
etag: "617675df-20d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ll6Fl39mN9j4wtJVVnUWvLjpOeUT3DWgZ9NLiGgKqro8Om3TzawmQvZD8CcCH3W6KKuRK0DR9UwLT4zFe0koASeTQZfhbivMkOGmGBcahiqd%2FQlJTQ9%2Bk2hFUzuAChdBCA13xNwan3cA8eX1FtbRvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e4c227765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 test.jpg.webp
www.moirebenok.ua/wp-content/themes/moirebenok/images/ 44 B
607 B 112ms
111ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/themes/moirebenok/images/test.jpg.webp

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5321d9d56c62956a39bd1028bc956697830887a2359dab900dc896a744a60d05

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1551
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
last-modified: Mon, 25 Oct 2021 09:16:15 GMT
server: cloudflare
etag: "617675df-2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5AHW64TMLtYCDdeMSuYFLom5wi9fU8315d9a7ITKMU5okQwjHuHqwz%2BbMA%2F%2BDN8Gu0h%2FYtoJ5YoYAQo3oAZ3MSa2KnOQAauF0LF9JKZFCmjx156TpL6RpeBLcAEonaEOSssMxekoxQv%2BrKn3p9okA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 73a6b49e6c557765-LHR

GET
H3 200 136-98-135x90.jpg
www.moirebenok.ua/wp-content/uploads/2021/08/ 4 KB
4 KB 110ms
109ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/uploads/2021/08/136-98-135x90.jpg

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6223c2bdf0e3f03588ab7c8864cac1e784998ae21f2cf4d2a937d44875159f4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13794595
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3938
last-modified: Thu, 26 Aug 2021 16:21:30 GMT
server: cloudflare
etag: "6127bf8a-f62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QtsQ0qs1OY6K13iTyAoCGRledqM2Ip6hfZZ2FqOL0Mjayl5wlql4EwFrqvl%2BV7VuAk%2FviqIuPxNDkj4yGDM7R0lcHl1m01CouNGQD6bxWDjw%2BMI4UrE%2FakSlObemw5KWTuN74yWTPDSJlEElImsR4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b49e6c597765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 226ms
68ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ff1b9b91db584b19d20b4d02af9ff7673add161ce3f9ceae9391b3a84fddab1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26515
x-xss-protection: 0
pragma: public
x-fb-debug: lIpIw9vNZfQ7gWnL1q14z3yjHoX9sS6Cbbm/h6oQZM9NeLsX/wGOY8crbGwRMXoirIVsDpkXpqEMBbjIgmK8YQ==
x-fb-trip-id: 720026100
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 14 Aug 2022 03:46:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 174ms
53ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TH2WFG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2688
date: Sun, 14 Aug 2022 03:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 14 Aug 2022 05:02:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/ 340 KB
120 KB 189ms
81ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7141688687918598&plah=www.moirebenok.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7141688687918598

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff636d354922804cb81e44005b2b72aa3aefe418deb6e6a866df604059e6d1c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122760
x-xss-protection: 0
server: cafe
etag: 1651957729897365563
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 14 Aug 2022 03:46:48 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220810/r20190131/ Frame 7251 10 KB
5 KB 183ms
53ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220810/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7141688687918598

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moirebenok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 59583
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Aug 2022 11:13:45 GMT
etag: 8616628553774171045
expires: Sat, 27 Aug 2022 11:13:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 media.min.js Show response
a4p.adpartner.pro/apstc/ 15 KB
4 KB 77ms
76ms Script
application/javascript 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.423
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media?site_id=129&unit_id=2633
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
cache-control: no-store no-transform
last-modified: Tue, 15 Mar 2022 16:47:24 GMT
server: nginx
content-encoding: br
etag: W/"6230c31c-3ac0"
content-type: application/javascript

GET
H2 204 tt
a4p.adpartner.pro/ Frame 1940 0
0 450ms
450ms Document
text/plain 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=7c136a64-1c2f-4b37-9619-b9b85bbe8cb2&site_visited=1&location=https%3A%2F%2Fwww.moirebenok.ua%2F&referer=
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media?site_id=129&unit_id=2633
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash

Request headers

Referer: https://www.moirebenok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store no-transform
date: Sun, 14 Aug 2022 03:46:49 GMT
server: nginx

GET
H2 200 ls Show response
a4p.adpartner.pro/media/ Frame D513 5 KB
2 KB 77ms
77ms Document
text/html 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/media/ls?mediaunit=2633&apuid=b9dd2583-8700-47ac-9cb2-f18deedbc10b&session_pageview=1&session_id=7c136a64-1c2f-4b37-9619-b9b85bbe8cb2&site_visited=1&location=https%3A%2F%2Fwww.moirebenok.ua%2F
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media?site_id=129&unit_id=2633
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 5e4a8d675142988d5a467027a3bb234e05d1a80eb4ff2b62063a1e95a05926a5

Request headers

Referer: https://www.moirebenok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store no-transform
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 14 Aug 2022 03:46:48 GMT
server: nginx

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 119 KB
39 KB 208ms
59ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

18da79f767f5a603e9b235ec78993380e8c00aaf1ec855049e8a79107e3013c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 12:51:26 GMT
server: nginx
etag: W/"62e91dce-1dc2b"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Aug 2022 03:46:48 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
179 B 157ms
50ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/48427/a21031c0f6a0994b3314.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.moirebenok.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.moirebenok.ua
date: Sun, 14 Aug 2022 03:46:48 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H/1.1 200
OK 1px-matching-admixer.gif
m.trafmag.com/images/ 35 B
351 B 224ms
49ms Image
image/gif 193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-admixer.gif?id=5805c5dc57dc4e5d8139152b50afec8c
Requested by: Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 03:46:49 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://ib.adnxs.com/setuid?entity=533&code=5805c5dc57dc4e5d8139152b50afec8c
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D5805c5dc57dc4e5d8139152b50afec8c

43 B
1 KB

54ms
53ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D5805c5dc57dc4e5d8139152b50afec8c

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

HTTP/1.1

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 03:46:49 GMT
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: db71469c-d84e-40b1-a434-63024d700276
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 03:46:48 GMT
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: dad9fd9b-4ab1-4cc3-9f16-ef3df9c01199
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D5805c5dc57dc4e5d8139152b50afec8c
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cm-notify
creativecdn.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=admixer
https://creativecdn.com/cm-notify?pi=admixer&tc=1

42 B
243 B

49ms
49ms

Image
image/gif

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by: Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/
Protocol: H2
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:49 GMT, Sun, 14 Aug 2022 03:46:49 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-type: image/gif
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://creativecdn.com/cm-notify?pi=admixer&tc=1
date: Sun, 14 Aug 2022 03:46:48 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain

https://x.bidswitch.net/sync?ssp=admixer&user_id=5805c5dc57dc4e5d8139152b50afec8c&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=5805c5dc57dc4e5d8139152b50afec8c&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=admixer&bsw_custom_parameter=31542910-3d8c-4f74-8184-184f8488eed3&gdpr=&gdpr_consent=&gdpr_pd=
https://x.bidswitch.net/sync?dsp_id=413&ssp=admixer&user_id=csonata_435260c2-f7e0-496a-8ad3-6c4de6bbc7bf&bsw_param=31542910-3d8c-4f74-8184-184f8488eed3&expires=10
https://inv-nets.admixer.net/bs/cm.aspx?id=31542910-3d8c-4f74-8184-184f8488eed3&gdpr=&consent=&gdpr_pd=

43 B
463 B

99ms
54ms

Image
image/gif

146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/bs/cm.aspx?id=31542910-3d8c-4f74-8184-184f8488eed3&gdpr=&consent=&gdpr_pd=

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

HTTP/1.1

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 03:46:49 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

Location: //inv-nets.admixer.net/bs/cm.aspx?id=31542910-3d8c-4f74-8184-184f8488eed3&gdpr=&consent=&gdpr_pd=
Date: Sun, 14 Aug 2022 03:46:49 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ 0
42 B 542ms
54ms Image
text/plain 198.47.127.18
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID
Requested by: Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
content-length: 0

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 59ms
59ms XHR
text/javascript 188.40.114.52
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=12552:uniques_holding&s=e28aef5fc17adc3e35586018583dfab0&__io=63253853c.3f39c618c_1660448808580&1660448808836
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/wxNsKJdG0Dig
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.114.52 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.52.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 03:46:48 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame D513 49 KB
20 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=2633&apuid=b9dd2583-8700-47ac-9cb2-f18deedbc10b&session_pageview=1&session_id=7c136a64-1c2f-4b37-9619-b9b85bbe8cb2&site_visited=1&location=https%3A%2F%2Fwww.moirebenok.ua%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a4p.adpartner.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2688
date: Sun, 14 Aug 2022 03:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 14 Aug 2022 05:02:00 GMT

POST
H2 200 media Show response
a4p.adpartner.pro/ Frame D513 3 KB
1 KB 82ms
82ms XHR
text/html 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/media?id=2633&session_id=7c136a64-1c2f-4b37-9619-b9b85bbe8cb2&session_pageview=1&site_visited=1
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=2633&apuid=b9dd2583-8700-47ac-9cb2-f18deedbc10b&session_pageview=1&session_id=7c136a64-1c2f-4b37-9619-b9b85bbe8cb2&site_visited=1&location=https%3A%2F%2Fwww.moirebenok.ua%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: f1a99964d18d9bf5e9b34190e9059d17da326820580adaae405001c17179e8d2

Request headers

Referer: https://a4p.adpartner.pro/media/ls?mediaunit=2633&apuid=b9dd2583-8700-47ac-9cb2-f18deedbc10b&session_pageview=1&session_id=7c136a64-1c2f-4b37-9619-b9b85bbe8cb2&site_visited=1&location=https%3A%2F%2Fwww.moirebenok.ua%2F
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: text/plain

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
cache-control: no-store no-transform
server: nginx
content-encoding: br
content-type: text/html; charset=utf-8

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
534 B 190ms
61ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.moirebenok.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.moirebenok.ua
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H3 200 762786504179140 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 196ms
125ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/762786504179140?v=2.9.75&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f935bb7fc6ab5f627e7c6de8c9bda431c4c85f16b5cd0382bec262ac65897b93

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: ZBKZLMY7nLm07ZnxrLnKtb3TRmj/HU0iVTzYF+eHSQc219uehnR4pmdiGdq1O19wPIH+3kwTCqnIVOdm/QZnIQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 14 Aug 2022 03:46:49 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1660448809142
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 54ms
54ms Image
text/plain 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=DE&am-uid=5805c5dc57dc4e5d8139152b50afec8c&zone=E62E3DDF-D324-432B-AC56-25C713463CC4&device=28&rule=268C98F5-39BC-412E-B370-BF1E14CA7196&requestId=81634297-85f6-48eb-bc5c-f961a0bd8737&hp=-1090256381&page=www.moirebenok.ua%2F&ts=637960456087754971&ap=MA%3D%3D&asign=-1602847215&sync=88%2C3&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=3C048030-451F-4CFA-81F2-2A3A083BA4DE&inst=ADS-EU-7&pxl=0&pvid=8feff600-d709-4aff-9316-07a44845295c&ip=82.199.130.38&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&isopt=0&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 14 Aug 2022 03:46:49 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 217 B
644 B 190ms
62ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.moirebenok.ua&callback=_gfp_s_&client=ca-pub-7141688687918598

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7141688687918598&plah=www.moirebenok.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

3ec9af02e6ab4c314ab99bdeeed875d63656fcf274112ac92bea31e0eb72e9f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 191ms
62ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.moirebenok.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Aug 2022 03:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 194ms
62ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.moirebenok.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Aug 2022 03:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9A9E 10 KB
4 KB 274ms
164ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&adk=2594086687&adf=1314719486&lmt=1660448809&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448808728&bpp=3&bdt=919&idt=316&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8795719047812&frm=20&pv=2&ga_vid=1916196167.1660448809&ga_sid=1660448809&ga_hid=471335202&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=3225682795558849&tmod=1107275892&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=336

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d1c7b736a6f94421ee9bea7bbe3ec2361df804209ca5c79ee29734026396e0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moirebenok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 4479
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Aug 2022 03:46:49 GMT
expires: Sun, 14 Aug 2022 03:46:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D75D 82 KB
30 KB 560ms
464ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=250&slotname=5442240898&adk=3104416150&adf=76155185&pi=t.ma~as.5442240898&w=940&lmt=1660448809&rafmt=12&psa=0&format=940x250&url=https%3A%2F%2Fwww.moirebenok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448808731&bpp=1&bdt=923&idt=339&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8795719047812&frm=20&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448809&ga_hid=471335202&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=3225682795558849&tmod=1107275892&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpoeEbr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Hz6pXzHLw&p=https%3A//www.moirebenok.ua&dtd=346

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45411121c06e1034ce9fee935438d42258ff29053c3032f3c1794511bac7bdd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moirebenok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30455
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Aug 2022 03:46:49 GMT
expires: Sun, 14 Aug 2022 03:46:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 MR-Desc-Float.html Show response
moirebenok.ua/ Frame 5188 465 B
829 B 311ms
217ms Document
text/html 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://moirebenok.ua/MR-Desc-Float.html?adId=2187739&unitId=2633&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F2633%2F2187739%2F1b1dc514-53db-4695-bab7-5d4fa1159710%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYwNDQ4ODA4LCJzaG93X2lkIjoiMWIxZGM1MTQtNTNkYi00Njk1LWJhYjctNWQ0ZmExMTU5NzEwIiwiYWRfdW5pdF9pZCI6MjYzMywicnVsZV9pZCI6MTkxNzE2LCJhZF9pZCI6MjE4NzczOSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjlkZDI1ODMtODcwMC00N2FjLTljYjItZjE4ZGVlZGJjMTBiIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%26hash%3D74917a12c466f0654c4504d5f516f043&showId=1b1dc514-53db-4695-bab7-5d4fa1159710&apuid=b9dd2583-8700-47ac-9cb2-f18deedbc10b

Requested by

Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.423

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cc6253fe00955194604b1ba62488c913ccf464dc26564f9f254c65ec744ba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.moirebenok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 73a6b4a18d3d73ef-LHR
content-encoding: br
content-type: text/html
date: Sun, 14 Aug 2022 03:46:49 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 18 Oct 2021 10:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FcahQZWBg2q2Q54VsLfPa5G0XiZ%2Fns0wPeWSV1tt7lBCQHDTL3%2F%2BWf95kBemu7JLx2NtefxuL7F%2BzinrTcxOh7oMJrZuQdIc21FhqzlhFiR9zCoEsdJo6%2BUFqXGQyxmabvk7haAVJEeXxHjT"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 622C 22 KB
9 KB 391ms
317ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=250&slotname=7659859057&adk=2353355361&adf=1860012115&pi=t.ma~as.7659859057&w=1000&lmt=1660448809&rafmt=12&psa=0&format=1000x250&url=https%3A%2F%2Fwww.moirebenok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448808732&bpp=1&bdt=924&idt=366&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x250&nras=1&correlator=8795719047812&frm=20&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448809&ga_hid=471335202&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=3694&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=3225682795558849&tmod=1107275892&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=h5jvuE1nNT&p=https%3A//www.moirebenok.ua&dtd=368

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8927e3e429e0c8f5462230914a7d85a676d97d9faf81238b73c6099bcedbd282

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moirebenok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9686
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Aug 2022 03:46:49 GMT
expires: Sun, 14 Aug 2022 03:46:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
463 B 216ms
61ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.moirebenok.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.moirebenok.ua
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame 9121 0
139 B 79ms
78ms Document
image/gif 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b9dd2583-8700-47ac-9cb2-f18deedbc10b%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2187739%252C%2522rule_id%2522%253A191716%252C%2522show_id%2522%253A%25221b1dc514-53db-4695-bab7-5d4fa1159710%2522%257D%255D%252C%2522unit_id%2522%253A2633%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25221b1dc514-53db-4695-bab7-5d4fa1159710%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fwww.moirebenok.ua%252F%2522%257D
Requested by: Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate no-store no-transform
content-length: 0
content-type: image/gif
date: Sun, 14 Aug 2022 03:46:49 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame 4927 0
139 B 80ms
80ms Document
image/gif 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b9dd2583-8700-47ac-9cb2-f18deedbc10b%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2187739%252C%2522rule_id%2522%253A191716%252C%2522show_id%2522%253A%25221b1dc514-53db-4695-bab7-5d4fa1159710%2522%257D%255D%252C%2522unit_id%2522%253A2633%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25221b1dc514-53db-4695-bab7-5d4fa1159710%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fwww.moirebenok.ua%252F%2522%257D
Requested by: Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate no-store no-transform
content-length: 0
content-type: image/gif
date: Sun, 14 Aug 2022 03:46:49 GMT
expires: 0
pragma: no-cache
server: nginx

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
218 B 285ms
57ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=126&profileId=184&cb=49800911338

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.moirebenok.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.moirebenok.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
219 B 282ms
57ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=126&profileId=184&cb=3834102682

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.moirebenok.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.moirebenok.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H3

200

/
www.facebook.com/tr/
Redirect Chain

https://www.facebook.com/tr/?id=762786504179140&ev=PageView&dl=https%3A%2F%2Fwww.moirebenok.ua%2F&rl=&if=false&ts=1660448809334&sw=1600&sh=1200&v=2.9.75&r=stable&ec=0&o=30&fbp=fb.1.1660448809333.14...
https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fwww.moirebenok.ua%2F&ec=0&ev=PageView&fbp=fb.1.1660448809333.1414733999&id=762786504179140&if=false&it=1660448808982&o=30&r=stable&redirect=0...

44 B
91 B

139ms
68ms

Image
image/gif

2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fwww.moirebenok.ua%2F&ec=0&ev=PageView&fbp=fb.1.1660448809333.1414733999&id=762786504179140&if=false&it=1660448808982&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1660448809334&v=2.9.75

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Sun, 14 Aug 2022 03:46:49 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:49 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
location: /tr/?coo=false&dl=https%3A%2F%2Fwww.moirebenok.ua%2F&ec=0&ev=PageView&fbp=fb.1.1660448809333.1414733999&id=762786504179140&if=false&it=1660448808982&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1660448809334&v=2.9.75
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 168ms
56ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-59638469-2&cid=1916196167.1660448809&jid=1397189731&gjid=896191137&_gid=1013874019.1660448809&_u=YChAgAABAAQCAE~&z=1375744872

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.moirebenok.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 14 Aug 2022 03:46:49 GMT
content-type: text/plain
access-control-allow-origin: https://www.moirebenok.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 165ms
53ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=471335202&t=pageview&_s=1&dl=https%3A%2F%2Fwww.moirebenok.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9C%D0%BE%D0%B9%20%D1%80%D0%B5%D0%B1%D0%B5%D0%BD%D0%BE%D0%BA%20%E2%80%94%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%D0%B4%D0%BB%D1%8F%20%D1%81%D0%BE%D0%B2%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChAgAABAAQC~&jid=1397189731&gjid=896191137&cid=1916196167.1660448809&tid=UA-59638469-2&_gid=1013874019.1660448809&gtm=2wg880TH2WFG&z=1673381726

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Aug 2022 19:23:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 30180
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5188 170 KB
56 KB 182ms
73ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7141688687918598

Requested by

Host: moirebenok.ua
URL: https://moirebenok.ua/MR-Desc-Float.html?adId=2187739&unitId=2633&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F2633%2F2187739%2F1b1dc514-53db-4695-bab7-5d4fa1159710%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYwNDQ4ODA4LCJzaG93X2lkIjoiMWIxZGM1MTQtNTNkYi00Njk1LWJhYjctNWQ0ZmExMTU5NzEwIiwiYWRfdW5pdF9pZCI6MjYzMywicnVsZV9pZCI6MTkxNzE2LCJhZF9pZCI6MjE4NzczOSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjlkZDI1ODMtODcwMC00N2FjLTljYjItZjE4ZGVlZGJjMTBiIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%26hash%3D74917a12c466f0654c4504d5f516f043&showId=1b1dc514-53db-4695-bab7-5d4fa1159710&apuid=b9dd2583-8700-47ac-9cb2-f18deedbc10b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc0a8938e4694200f691aee8be6cdbef8b459a829bddd142349f85b5175037f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://moirebenok.ua/
Origin: https://moirebenok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57409
x-xss-protection: 0
server: cafe
etag: 4250207949846897841
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 14 Aug 2022 03:46:49 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
218 B 59ms
56ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.moirebenok.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.moirebenok.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 61ms
58ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 09 Aug 2023 03:46:49 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 60ms
57ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 09 Aug 2023 03:46:49 GMT

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 57ms
54ms Image
text/plain 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=DE&am-uid=5805c5dc57dc4e5d8139152b50afec8c&zone=E62E3DDF-D324-432B-AC56-25C713463CC4&device=28&rule=268C98F5-39BC-412E-B370-BF1E14CA7196&requestId=81634297-85f6-48eb-bc5c-f961a0bd8737&hp=-1090256381&page=www.moirebenok.ua%2F&ts=637960456087754971&ap=MA%3D%3D&asign=-1602847215&sync=88%2C3&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=3C048030-451F-4CFA-81F2-2A3A083BA4DE&inst=ADS-EU-7&pxl=0&pvid=8feff600-d709-4aff-9316-07a44845295c&ip=82.199.130.38&item=4AFBC992-727F-4939-8CA8-A11954B7F1F7&crid=4AFBC992-727F-4939-8CA8-A11954B7F1F7&size=300x600&profile=94EE5311-0516-4D72-8091-7984FDECE4E0&isopt=0&adv=Criteo+RU&dsp=Criteo+DE&dstUrl=http%3A%2F%2F&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 14 Aug 2022 03:46:49 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H2 200 e1eee23f36481a69453f.b.js Show response
cdn.admixer.net/scripts3/48427/ 28 KB
11 KB 69ms
66ms Script
application/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/48427/e1eee23f36481a69453f.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: cec-up-gc4
date: Sun, 14 Aug 2022 03:46:49 GMT
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 13:09:18 GMT
server: nginx
etag: W/"62e28a7e-702f"
vary: Accept-Encoding
x-cached-since: 2022-07-28T13:10:19+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 29 Jul 2023 13:10:19 GMT

GET
H2 200 fdabe098f34289659a17.b.js Show response
cdn.admixer.net/scripts3/48427/ 42 KB
18 KB 75ms
72ms Script
application/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/48427/fdabe098f34289659a17.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: cec-up-gc4
date: Sun, 14 Aug 2022 03:46:49 GMT
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 13:09:19 GMT
server: nginx
etag: W/"62e28a7f-a793"
vary: Accept-Encoding
x-cached-since: 2022-07-28T13:10:19+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 29 Jul 2023 13:10:19 GMT

GET
H2 200 84011c43c3075e543c6d.b.js Show response
cdn.admixer.net/scripts3/48427/ 13 KB
5 KB 77ms
75ms Script
application/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/48427/84011c43c3075e543c6d.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: cec-up-gc4
date: Sun, 14 Aug 2022 03:46:49 GMT
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 13:09:11 GMT
server: nginx
etag: W/"62e28a77-326c"
vary: Accept-Encoding
x-cached-since: 2022-07-28T13:10:19+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 29 Jul 2023 13:10:19 GMT

GET
H2 200 7103cce7fa6705169441.b.js Show response
cdn.admixer.net/scripts3/48427/ 11 KB
4 KB 64ms
62ms Script
application/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/48427/7103cce7fa6705169441.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: cec-up-gc4
date: Sun, 14 Aug 2022 03:46:49 GMT
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 13:09:10 GMT
server: nginx
etag: W/"62e28a76-2a79"
vary: Accept-Encoding
x-cached-since: 2022-07-28T13:10:19+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 29 Jul 2023 13:10:19 GMT

GET
H2 200 5927ef40e4a80e0040be.b.js Show response
cdn.admixer.net/scripts3/48427/ 215 KB
74 KB 83ms
81ms Script
application/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/48427/5927ef40e4a80e0040be.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: cec-up-gc4
date: Sun, 14 Aug 2022 03:46:49 GMT
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 13:09:08 GMT
server: nginx
etag: W/"62e28a74-35ac7"
vary: Accept-Encoding
x-cached-since: 2022-07-28T13:10:19+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 29 Jul 2023 13:10:19 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
218 B 58ms
56ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.moirebenok.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 14 Aug 2022 03:46:48 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.moirebenok.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 110ms
54ms Image
text/plain 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=DE&am-uid=5805c5dc57dc4e5d8139152b50afec8c&zone=E62E3DDF-D324-432B-AC56-25C713463CC4&device=28&rule=268C98F5-39BC-412E-B370-BF1E14CA7196&requestId=81634297-85f6-48eb-bc5c-f961a0bd8737&hp=-1090256381&page=www.moirebenok.ua%2F&ts=637960456087754971&ap=MA%3D%3D&asign=-1602847215&sync=88%2C3&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=3C048030-451F-4CFA-81F2-2A3A083BA4DE&inst=ADS-EU-7&pxl=0&pvid=8feff600-d709-4aff-9316-07a44845295c&ip=82.199.130.38&item=2AC304DB-8C70-47D9-86D2-B88FCF329D87&crid=2AC304DB-8C70-47D9-86D2-B88FCF329D87&size=300x250&profile=31B0C9C2-24E5-4F12-A50D-F039082E0855&isopt=0&adv=Criteo+RU&dsp=Criteo+DE&dstUrl=http%3A%2F%2F&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 14 Aug 2022 03:46:49 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 622C 3 KB
1 KB 191ms
60ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=250&slotname=7659859057&adk=2353355361&adf=1860012115&pi=t.ma~as.7659859057&w=1000&lmt=1660448809&rafmt=12&psa=0&format=1000x250&url=https%3A%2F%2Fwww.moirebenok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448808732&bpp=1&bdt=924&idt=366&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x250&nras=1&correlator=8795719047812&frm=20&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448809&ga_hid=471335202&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=3694&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=3225682795558849&tmod=1107275892&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=h5jvuE1nNT&p=https%3A//www.moirebenok.ua&dtd=368

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:26:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1218
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Aug 2022 03:26:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 622C 140 KB
44 KB 190ms
62ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Aug 2022 03:46:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 622C 17 KB
8 KB 183ms
53ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:14:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Aug 2022 03:14:07 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 622C 0
0 99ms
98ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2uW-KXD4Yr2PDZfe3wPs7pmYB8me0rFc9eqhhogBwI23ARABIABglQKCARdjYS1wdWItNzE0MTY4ODY4NzkxODU5OKAB1bbS6gPIAQmpArGAilNzNrE-qAMBqgTGAU_QpaqU9dc9GNq-WVY5spIap1JcSCtuRZ9TyUwJORjz6yRdSwHSL1DkhOQSV4-oX51yiSn3Zh1nQNl8Fyun16v1dqsT2jWhA-TVKWDFL37mbpdVxPQ7k7ZmFSvuvoX5kPNU3fctmwAb5iRSJKqXsXuiyUbXIE37InePkYfgW_ngTpGlgA0WMgHk921drlq-zdI_uLwvwl4ZYx9wJpNBQw1WRac2dtpwUKJXQ1CE0Q8BVupVfcz1U_lczqRQwB4Giowfla0DVYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNzE0MTY4ODY4NzkxODU5OBgA&sigh=ualj36M0tUg&uach_m=[UACH]&cid=CAQSGwCsnQUx8lK47htW_OM1QSzT_8jAHZ1Sovj-fxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=250&slotname=7659859057&adk=2353355361&adf=1860012115&pi=t.ma~as.7659859057&w=1000&lmt=1660448809&rafmt=12&psa=0&format=1000x250&url=https%3A%2F%2Fwww.moirebenok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448808732&bpp=1&bdt=924&idt=366&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x250&nras=1&correlator=8795719047812&frm=20&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448809&ga_hid=471335202&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=3694&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=3225682795558849&tmod=1107275892&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=h5jvuE1nNT&p=https%3A//www.moirebenok.ua&dtd=368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 14 Aug 2022 03:46:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 14 Aug 2022 03:46:49 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 622C 0
0 519ms
60ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kJCTFMz6ROgH-gGdg2ICAgAAACJqu61330VzEChw-GJjbRVlHZbnd11PVQASAAA&wp=YvhwKQADR70Kd-8XAAZ3bOp5GJvlj8pVBwBjXA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
server: Kestrel
server-processing-duration-in-ticks: 344524
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame B869 178 KB
55 KB 309ms
194ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YvhwKQADR70Kd-8XAAZ3bOp5GJvlj8pVBwBjXA&u=%7CGrJYC9S4%2BjBeSWqm6%2FW8lAhSrfCHJO%2BHFLUNwoIhyxo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi67Py6EMArozB5jyo1UywDe8xTxgO4NR5rMIVsjajSTwuCdCMoq3eamhIoqM4f_Qe0wQsZwBd-qnlEDf1r6UQKAYSNnPnarMLoOf8la5WNmmlVimZCdUOGNfkh5sU9SHys-uhOG5HqIaVQ6UQIWluawEK_oqm-bgpm9r5tFjHSfQaC5xk1RCuxiODKEtOUd8P8uMfYCS4xc_HPhiNyGdwWPr3gbepl0zWfdq2n6UysWjoQaB5H1q-bclVmBKrphaG9SHbBruP3xn8bFwry8zL-pOk9TPnimVybk2ysn9IUDr1z_FJFyfdHDjfCgazdqRklFT6c4L2n4fB8rtGfaWxBCBkddpO5bwV7hZxcWyRlLgs3yp_HirATnaAYKtqrn_3VYchdq7l3cRgN9nM4mL3sBGuwfjKBHGnyQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNH6vKXD4Yr2PDZfe3wPs7pmYB8me0rFc9eqhhogBwI23ARABIABglQKCARdjYS1wdWItNzE0MTY4ODY4NzkxODU5OKAB1bbS6gPIAQmpArGAilNzNrE-qAMBqgTJAU_QpaqU9dc9GNq-WVY5spIap1JcSCtuRZ9TyUwJORjz6yRdSwHSL1DkhOQSV4-oX51yiSn3Zh1nQNl8Fyun16v1dqsT2jWhA-TVKWDFL37mbpdVxPQ7k7ZmFSvuvoX5kPNU3fctmwAb5iRSJKqXsXuiyUbXIE37InePkYfgW_ngTpGlgA0WMgHk921drlq-zdI_uLwvwl4ZYx9wJpNBQw0UR4ak8VXsQx3LV_NU7Kn5X_5fy8bbS3voBpn2MqEYppSaPykQ6mHEHYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3TaEGBjNNQX1TaAFSKSGu8E_PZaw%26client%3Dca-pub-7141688687918598%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9554a6ce8e55e6a3aea580a84f81a6e2d69343c89fafc14b5e9524941414b4ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 14 Aug 2022 03:46:49 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=F2IBO82gPNGzuefPKFZYMEC2fu1pO4B7o7ngXrGGUXfqmpTLxxpQ7N_hpDoMYuNtM0ShnUrTL3Sai1YAbaFM752FRnLFSakZ4qg45IbhcKchAg6igHIO3DuT6uEMIfBusEeUChNaIS9TLIhYUNT-_Rf2zCiitW3FszU6ccAB9-XnVW5tYoGYLmIjuLBM8fG5eAAwp7fE54Q26CrJ6Qx2f1U4cyGOHuhzq98hK5M19jV7BKU4no-M5xa1hhd5T490va1BXQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 126645803
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 182ms
64ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-59638469-2&cid=1916196167.1660448809&jid=1397189731&_u=YChAgAABAAQCAE~&z=1199400256

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 183ms
65ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-59638469-2&cid=1916196167.1660448809&jid=1397189731&_u=YChAgAABAAQCAE~&z=1199400256

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E450 170 KB
56 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7141688687918598

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5556680f7fe894a585536dac8412b5dfaa6e2ffa8893b98d4a19ef1a20747c76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moirebenok.ua/
Origin: https://www.moirebenok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57413
x-xss-protection: 0
server: cafe
etag: 13750711711474324450
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 14 Aug 2022 03:46:49 GMT

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 54ms
54ms Image
image/gif 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=DE&am-uid=5805c5dc57dc4e5d8139152b50afec8c&cet=4&zone=E62E3DDF-D324-432B-AC56-25C713463CC4&rule=B636317B-3B3F-4C45-BB00-BA24965406EF&requestId=81634297-85f6-48eb-bc5c-f961a0bd8737&hp=-1090256381&page=www.moirebenok.ua%2F&pvid=8feff600-d709-4aff-9316-07a44845295c&inst=ADS-EU-7&ts=637960456087754971&sf=0

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 03:46:49 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame D75D 6 KB
1 KB 178ms
62ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=250&slotname=5442240898&adk=3104416150&adf=76155185&pi=t.ma~as.5442240898&w=940&lmt=1660448809&rafmt=12&psa=0&format=940x250&url=https%3A%2F%2Fwww.moirebenok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448808731&bpp=1&bdt=923&idt=339&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8795719047812&frm=20&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448809&ga_hid=471335202&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=3225682795558849&tmod=1107275892&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpoeEbr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Hz6pXzHLw&p=https%3A//www.moirebenok.ua&dtd=346

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 14 Aug 2022 02:16:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 14 Aug 2022 03:46:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Aug 2022 03:46:49 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame D75D 2 KB
983 B 53ms
53ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 02:50:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3361
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Aug 2022 02:50:48 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D75D 0
0 102ms
102ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0IQZKXD4YreMDZ6OjuwPz4uTmAeF7LLga4CthOriD8CNtwEQASCLpbuOAWCVAqABooPwmgLIAQmpArGAilNzNrE-qAMByAPLBKoE3AFP0LOS7ftHRXfsNFLEPsRGscfTXq8jXawVwug27hYu8GG3sh-1_Nov2o_fjDYZH5ZKicdAA4-lB010JNg6HsgeKz-2CSNL5gPy9YRGkKJEQYEw64f5C67Tw0eluWvqwoNWw7tdfvoIuS9jK7bnaseo3GqAEa6ep3Hd-Aty7yMA6ZZRmYBT5cRuOajVqT3p3zFx8xGhhS0EvtHlp5Fa3tr4V8IfycrXJm133UYQsblTWfvx8eicpCACgfhTvf0SKU47TCcDIFMOX-5GuMpMs6GR1Csdy3tD5G1qgUbawAT63c6UmQOSBQQIBBgBkgUECAUYBKAGLoAHxvyP5QGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDW0wvSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwrQFQGYFgGAFwGyFxwKGggAEhRwdWItNzE0MTY4ODY4NzkxODU5OBgA&sigh=lwRv0Khu88Y&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=250&slotname=5442240898&adk=3104416150&adf=76155185&pi=t.ma~as.5442240898&w=940&lmt=1660448809&rafmt=12&psa=0&format=940x250&url=https%3A%2F%2Fwww.moirebenok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448808731&bpp=1&bdt=923&idt=339&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8795719047812&frm=20&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448809&ga_hid=471335202&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=3225682795558849&tmod=1107275892&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpoeEbr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Hz6pXzHLw&p=https%3A//www.moirebenok.ua&dtd=346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 14 Aug 2022 03:46:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame D75D 23 KB
10 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:17:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Aug 2022 03:17:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame D75D 3 KB
1 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:26:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1218
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Aug 2022 03:26:31 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame D75D 17 KB
7 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:14:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Aug 2022 03:14:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D75D 140 KB
43 KB 98ms
97ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Aug 2022 03:46:49 GMT

GET
H2 200 8b4497fa63e027c9bb788e6248932fc0.js Show response
www.gstatic.com/mysidia/ Frame D75D 32 KB
14 KB 182ms
53ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 14:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481557
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13370
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 21:59:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 14:00:52 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9352330982116162184/ Frame D75D 21 KB
21 KB 81ms
81ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9352330982116162184/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee18d13fdd6c06a906e9e830c8c963af53c36c0d223139a5ff800b7bcb8801d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 11:27:42 GMT
x-content-type-options: nosniff
age: 490747
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21173
x-xss-protection: 0
last-modified: Fri, 04 Feb 2022 16:42:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 11:27:42 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/ Frame 5188 340 KB
120 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7141688687918598&plah=moirebenok.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7141688687918598

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79ec114fe61962245f46918159d1879c6e3f17976b9d96ae8080f7a8e60a3ff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122760
x-xss-protection: 0
server: cafe
etag: 8688171955994840711
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 14 Aug 2022 03:46:49 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/ Frame E450 340 KB
120 KB 89ms
89ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7141688687918598&plah=www.moirebenok.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7141688687918598

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d81f42c68afe5817619165de86e7fdd6ba8a67716798c2112fffa30162f08fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122753
x-xss-protection: 0
server: cafe
etag: 488620963171871103
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 14 Aug 2022 03:46:49 GMT

GET
DATA 200
OK truncated
/ Frame D75D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7cc8bcfc1fc5d16824ad26c767cab40ec9ab396fc1163f926e3ef451615962e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 622C 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bad1a08bd9891a3223da6570294dced9b86cb7399af63277aa51e3ec7241512

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame B869 2 KB
1 KB 57ms
56ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvhwKQADR70Kd-8XAAZ3bOp5GJvlj8pVBwBjXA&u=%7CGrJYC9S4%2BjBeSWqm6%2FW8lAhSrfCHJO%2BHFLUNwoIhyxo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi67Py6EMArozB5jyo1UywDe8xTxgO4NR5rMIVsjajSTwuCdCMoq3eamhIoqM4f_Qe0wQsZwBd-qnlEDf1r6UQKAYSNnPnarMLoOf8la5WNmmlVimZCdUOGNfkh5sU9SHys-uhOG5HqIaVQ6UQIWluawEK_oqm-bgpm9r5tFjHSfQaC5xk1RCuxiODKEtOUd8P8uMfYCS4xc_HPhiNyGdwWPr3gbepl0zWfdq2n6UysWjoQaB5H1q-bclVmBKrphaG9SHbBruP3xn8bFwry8zL-pOk9TPnimVybk2ysn9IUDr1z_FJFyfdHDjfCgazdqRklFT6c4L2n4fB8rtGfaWxBCBkddpO5bwV7hZxcWyRlLgs3yp_HirATnaAYKtqrn_3VYchdq7l3cRgN9nM4mL3sBGuwfjKBHGnyQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNH6vKXD4Yr2PDZfe3wPs7pmYB8me0rFc9eqhhogBwI23ARABIABglQKCARdjYS1wdWItNzE0MTY4ODY4NzkxODU5OKAB1bbS6gPIAQmpArGAilNzNrE-qAMBqgTJAU_QpaqU9dc9GNq-WVY5spIap1JcSCtuRZ9TyUwJORjz6yRdSwHSL1DkhOQSV4-oX51yiSn3Zh1nQNl8Fyun16v1dqsT2jWhA-TVKWDFL37mbpdVxPQ7k7ZmFSvuvoX5kPNU3fctmwAb5iRSJKqXsXuiyUbXIE37InePkYfgW_ngTpGlgA0WMgHk921drlq-zdI_uLwvwl4ZYx9wJpNBQw0UR4ak8VXsQx3LV_NU7Kn5X_5fy8bbS3voBpn2MqEYppSaPykQ6mHEHYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3TaEGBjNNQX1TaAFSKSGu8E_PZaw%26client%3Dca-pub-7141688687918598%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 09 Aug 2023 03:46:49 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame B869 2 KB
1 KB 57ms
57ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 09 Aug 2023 03:46:49 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame B869 308 B
636 B 57ms
56ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 09 Aug 2023 03:46:49 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame B869 293 B
621 B 58ms
57ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 09 Aug 2023 03:46:49 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame B869 43 B
348 B 261ms
60ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=SQPBCCB1GfGKclueEhCYwN_E1ni3_vXMVX7cZRl7AFpBuhHW8MwzHpQndATk7XjwaWlkpqrW7nM-NKf2vC_sKCcTX_DlL737ZWDoRLD5Jc_z8yjR_JrtkSoplvtqNJN_UEma1zt9qtVWGi_NdpOlmHbZsxMEyjYg4mo65_FSXOqbIGFzUcIx9kcETCOEMjId80L5birecSNxj3snjDwzxj7GO2nDZNjmOkI7jNNscsQZJRzT_yawoQAVtvcIA08mukvvAcFWhWIMfFIrE2_c6VxBZvV_pQizyMiag0CXaNciLNcjJFX4nzurVFYqs_jvCh0H3V5rlt5obtujDvDDRBMmNCIKsR87O5b-OU3HRqusoz4lQviJs6q77iiCiSf8FWrH0F-tYH8KU4lUSZyCos6wioH-GpV2cWYWGanM2u0H5lAX3JyH4Tbxz5tkpZFYL09y1w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:49 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3354850
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame B869 0
690 B 383ms
184ms Image
text/plain 2600:9000:206e:b400:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1660448809
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvhwKQADR70Kd-8XAAZ3bOp5GJvlj8pVBwBjXA&u=%7CGrJYC9S4%2BjBeSWqm6%2FW8lAhSrfCHJO%2BHFLUNwoIhyxo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi67Py6EMArozB5jyo1UywDe8xTxgO4NR5rMIVsjajSTwuCdCMoq3eamhIoqM4f_Qe0wQsZwBd-qnlEDf1r6UQKAYSNnPnarMLoOf8la5WNmmlVimZCdUOGNfkh5sU9SHys-uhOG5HqIaVQ6UQIWluawEK_oqm-bgpm9r5tFjHSfQaC5xk1RCuxiODKEtOUd8P8uMfYCS4xc_HPhiNyGdwWPr3gbepl0zWfdq2n6UysWjoQaB5H1q-bclVmBKrphaG9SHbBruP3xn8bFwry8zL-pOk9TPnimVybk2ysn9IUDr1z_FJFyfdHDjfCgazdqRklFT6c4L2n4fB8rtGfaWxBCBkddpO5bwV7hZxcWyRlLgs3yp_HirATnaAYKtqrn_3VYchdq7l3cRgN9nM4mL3sBGuwfjKBHGnyQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNH6vKXD4Yr2PDZfe3wPs7pmYB8me0rFc9eqhhogBwI23ARABIABglQKCARdjYS1wdWItNzE0MTY4ODY4NzkxODU5OKAB1bbS6gPIAQmpArGAilNzNrE-qAMBqgTJAU_QpaqU9dc9GNq-WVY5spIap1JcSCtuRZ9TyUwJORjz6yRdSwHSL1DkhOQSV4-oX51yiSn3Zh1nQNl8Fyun16v1dqsT2jWhA-TVKWDFL37mbpdVxPQ7k7ZmFSvuvoX5kPNU3fctmwAb5iRSJKqXsXuiyUbXIE37InePkYfgW_ngTpGlgA0WMgHk921drlq-zdI_uLwvwl4ZYx9wJpNBQw0UR4ak8VXsQx3LV_NU7Kn5X_5fy8bbS3voBpn2MqEYppSaPykQ6mHEHYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3TaEGBjNNQX1TaAFSKSGu8E_PZaw%26client%3Dca-pub-7141688687918598%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:b400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:50 GMT
via: 1.1 a01b7aca64c6d4b437b814f64422d6c8.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: VIE50-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: i68G1HQZluHPlkYBrDPoqPpsoQRyf05KYpqUrH4VHnCkLSFvOFNuWA==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D75D 15 KB
16 KB 198ms
54ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 05:29:41 GMT
x-content-type-options: nosniff
age: 598629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 07 Aug 2023 05:29:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D75D 15 KB
15 KB 257ms
115ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 11:47:17 GMT
x-content-type-options: nosniff
age: 489573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 11:47:17 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D75D 15 KB
15 KB 210ms
70ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:01:51 GMT
x-content-type-options: nosniff
age: 243899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Aug 2023 08:01:51 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 609B 0
15 B 68ms
68ms Document
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.moirebenok.ua
Referer: https://www.moirebenok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.moirebenok.ua
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 14 Aug 2022 03:46:49 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 5188 12 B
53 B 171ms
61ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=moirebenok.ua&callback=_gfp_s_&client=ca-pub-7141688687918598&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 5188 107 B
122 B 172ms
62ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=moirebenok.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Aug 2022 03:46:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5188 107 B
122 B 174ms
64ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=moirebenok.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Aug 2022 03:46:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5F07 0
16 B 143ms
141ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&adk=1812271804&adf=2373185784&plat=1%3A1536%2C2%3A1536%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448809704&bpp=3&bdt=303&idt=167&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ&nras=1&correlator=8598619826881&frm=24&ife=1&pv=2&ga_vid=1916196167.1660448809&ga_sid=1660448810&ga_hid=708433834&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1371&ish=300&ifk=2039486822&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C21065724&oid=2&pvsid=1988656363999141&tmod=1265524070&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1371%2C300&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.y6fxslgl5px5&fsb=1&dtd=184

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://moirebenok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Aug 2022 03:46:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame B869 12 KB
6 KB 59ms
58ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 09 Aug 2023 03:46:49 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5EDF 26 KB
12 KB 194ms
193ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=280&slotname=6075314649&adk=1065767661&adf=3279755402&pi=t.ma~as.6075314649&w=1200&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448809707&bpp=1&bdt=305&idt=192&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ&prev_fmts=0x0&nras=1&correlator=8598619826881&frm=24&ife=1&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448810&ga_hid=708433834&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1371&ish=300&ifk=2039486822&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C21065724&oid=2&pvsid=1988656363999141&tmod=1265524070&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1371%2C300&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.7k116ttybet1&fsb=1&dtd=195

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5730581950383bcc3585e2187c3a8ee3e1c1a341b8d34fad45326a0f139a3c14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://moirebenok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 11770
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Aug 2022 03:46:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B869 7 KB
7 KB 335ms
110ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=496&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=196&s=m1GX_QMlGpodNuu18g8N-1Gj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30774506
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 6722
expires: Sat, 05 Aug 2023 08:15:17 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B869 3 KB
3 KB 341ms
117ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoAsklepios-Klinik-Nord-95492DE-2205171659.gif%3Feb%3D1&v=3&w=400&s=77U1gqOkkHhz3SRa9mZg8Atc&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f000b85e888d98144ce469e6cac3d8e9bf1eea9e4e29ebcf1faab52b054fb35f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 3108
expires: Wed, 09 Aug 2023 03:46:50 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B869 3 KB
3 KB 281ms
57ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F1%2FlogoStepStone-sucht-fur-das-Deutsche-Rote-Kreuz-295856DE-2203290822.gif%3Feb%3D1&v=3&w=400&s=Sub1ufbkaEPVL_nnvgia_tmB&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e29ffeda170cb0752b062928f22de04adc1c9177706f50b9c6a9c96dc706bf61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1181313
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2742
expires: Sat, 27 Aug 2022 19:55:24 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B869 1 KB
1 KB 336ms
112ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FL%2FlogoLandeshauptstadt-Stuttgart-188529DE.gif%3Feb%3D1&v=3&w=400&s=P-hanrObbpL4Jhq15Nk_dGLg&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

8081c76de1493e67239a84553a77c274e740ef5dfffc875d12b94eafd6729d65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2529832
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1226
expires: Mon, 12 Sep 2022 10:30:43 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B869 1 KB
1 KB 337ms
113ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBKA_Bundeskriminalamt_4558DE.gif%3Feb%3D1&v=3&w=400&s=GVnKI3ywx2pDN-sz0JRgKSSP&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1818152
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1266
expires: Sun, 04 Sep 2022 04:49:22 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B869 2 KB
2 KB 335ms
110ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FV%2FlogoVerlag-C-H-Beck-oHG-52334DE.gif%3Feb%3D1&v=3&w=400&s=JHVJjH4Qp1qxzfQTm22gmjqx&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ccc69f4e56001ce28d48f35df000e3f519c7e601824187f9f1d900ea18bb93b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=53638
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1838
expires: Sun, 14 Aug 2022 18:40:48 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B869 2 KB
2 KB 77ms
76ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoBosch-Gruppe-2804DE-1909091413.gif%3Feb%3D1&v=3&w=400&s=mpSaavc37cTAcDERDSmhZdBJ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=587985
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1584
expires: Sat, 20 Aug 2022 23:06:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B869 2 KB
2 KB 78ms
77ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoLebensWelt-Kindertagesstaette-Reinickendorf-gGmbH-230534DE.gif%3Feb%3D1&v=3&w=400&s=N1PDOxELn27nCI7e2jXHfemc&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

92ea73bf1dfdbbac475dc32ecbe4e247b1a5fad35a9e934f037868281e7b6712

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=2378588
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2005
expires: Sat, 10 Sep 2022 16:29:58 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B869 3 KB
3 KB 81ms
80ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F0%2FlogoHauptzollamt-Duisburg-310918DE-2208031234.gif%3Feb%3D1&v=3&w=400&s=JfQGm2KNGSvRcteT-AUCv5CD&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a0df9cbd5e46fc9b1c5ee17e3c7b9ccfcf6f9115512807f1725f6fcf8d9b8c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1920917
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 3074
expires: Mon, 05 Sep 2022 09:22:07 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame B869 0
128 B 181ms
55ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=F2IBO82gPNGzuefPKFZYMEC2fu1pO4B7o7ngXrGGUXfqmpTLxxpQ7N_hpDoMYuNtM0ShnUrTL3Sai1YAbaFM752FRnLFSakZ4qg45IbhcKchAg6igHIO3DuT6uEMIfBusEeUChNaIS9TLIhYUNT-_Rf2zCiitW3FszU6ccAB9-XnVW5tYoGYLmIjuLBM8fG5eAAwp7fE54Q26CrJ6Qx2f1U4cyGOHuhzq98hK5M19jV7BKU4no-M5xa1hhd5T490va1BXQ&sds=2&rev=82415&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 14 Aug 2022 03:46:49 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame B869 2 KB
1 KB 67ms
67ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 09 Aug 2023 03:46:49 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame B869 2 KB
1 KB 66ms
66ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 09 Aug 2023 03:46:49 GMT

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame E450 12 B
53 B 77ms
62ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.moirebenok.ua&callback=_gfp_s_&client=ca-pub-7141688687918598&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame E450 107 B
122 B 80ms
64ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.moirebenok.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Aug 2022 03:46:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame E450 107 B
122 B 81ms
64ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.moirebenok.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Aug 2022 03:46:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E450 0
20 B 89ms
89ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.moirebenok.ua%2F&tn=DIV&id=adpartner_2633&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 15DF 214 KB
49 KB 344ms
343ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&adk=1812271804&adf=480832095&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448809728&bpp=2&bdt=158&idt=237&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ&nras=1&correlator=8795719047812&frm=23&ife=5&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448810&ga_hid=1286936692&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=3777242901&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068487%2C44764001&oid=2&pvsid=2324079875339893&tmod=1219569371&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.v62hn97p0nfx&fsb=1&dtd=255

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332bdd388e0755d5941ba7cd61d8895d5284e0627c153f10d5280da8d0fc6e66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moirebenok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 50401
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Aug 2022 03:46:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E450 14 KB
11 KB 69ms
68ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220810&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab978a68ff9ff9f12378f72be0423c327c9aaa67eda35b4c712bd62fba93ca6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Aug 2022 03:46:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11063
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 55B8 18 KB
10 KB 344ms
344ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=250&slotname=4288941329&adk=569834508&adf=2751417942&pi=t.ma~as.4288941329&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448809730&bpp=1&bdt=160&idt=267&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ&prev_fmts=0x0&nras=1&correlator=8795719047812&frm=23&ife=5&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448810&ga_hid=1286936692&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=116&biw=1600&bih=1200&isw=300&ish=250&ifk=3777242901&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068487%2C44764001&oid=2&pvsid=2324079875339893&tmod=1219569371&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.fck6u9yple9u&fsb=1&dtd=272

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1bb0a64e644819aa3dd39233c77d004db16cfbbac096e07ec9a2868aa08bc9cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moirebenok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 9946
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Aug 2022 03:46:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E450 17 KB
6 KB 182ms
69ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Aug 2022 03:46:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 5EDF 3 KB
1 KB 124ms
60ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=280&slotname=6075314649&adk=1065767661&adf=3279755402&pi=t.ma~as.6075314649&w=1200&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448809707&bpp=1&bdt=305&idt=192&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ&prev_fmts=0x0&nras=1&correlator=8598619826881&frm=24&ife=1&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448810&ga_hid=708433834&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1371&ish=300&ifk=2039486822&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C21065724&oid=2&pvsid=1988656363999141&tmod=1265524070&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1371%2C300&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.7k116ttybet1&fsb=1&dtd=195

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:26:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Aug 2022 03:26:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5EDF 140 KB
43 KB 175ms
66ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Aug 2022 03:46:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 5EDF 17 KB
7 KB 117ms
54ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:14:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1963
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Aug 2022 03:14:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5EDF 0
0 172ms
61ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQnQ1KHQ1lRXP8rdYlGjPDQ8W_-GnoS7HOu_N4rfSAx-1kZnr4l-517XkrSIYqT1Qx3GN3b6bKK12Vl6616hG28_nMvTw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=280&slotname=6075314649&adk=1065767661&adf=3279755402&pi=t.ma~as.6075314649&w=1200&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448809707&bpp=1&bdt=305&idt=192&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ&prev_fmts=0x0&nras=1&correlator=8598619826881&frm=24&ife=1&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448810&ga_hid=708433834&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1371&ish=300&ifk=2039486822&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C21065724&oid=2&pvsid=1988656363999141&tmod=1265524070&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1371%2C300&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.7k116ttybet1&fsb=1&dtd=195
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5EDF 0
0 97ms
96ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEUlIKXD4Yv3XOaO69u8PwIyPgAXJntKxXMWymPdwwI23ARABIABglQKCARdjYS1wdWItNzE0MTY4ODY4NzkxODU5OKAB1bbS6gPIAQmpArGAilNzNrE-qAMBqgTGAU_QCZyaIhCdY9hhUMTTsgQfMNabArxU20EzjFp4ojnEDSgdXcyzfvocvVba2wG9fkIF03GdbmvHv7YaA9f_fZjTKgykm3n5tiOQbDt8yX_Jjn5RVHtEaKQoB3owIDM_OizinS5r2a4uHjI-HrKC80SA6dxYrIcaoQKaHu9Zb-JlbiqzdpDw1An4PCzDklRxYSpyoV3yuKWsb0fT8UWWVljtI6LRQZ6BUaeG0qGy4ABtX31rbjBM2onFfmUdLpggRZE9Aa4SL4AGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNzE0MTY4ODY4NzkxODU5OBgA&sigh=o4saZUevrpg&uach_m=[UACH]&cid=CAQSPACsnQUx08G_3BZyp5IWuIun_vlKoxN6uPJQLshsq5rEj6NoCEN_auPsbbb-prlz8JsDi0H1TfZhRBX6-RgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=280&slotname=6075314649&adk=1065767661&adf=3279755402&pi=t.ma~as.6075314649&w=1200&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448809707&bpp=1&bdt=305&idt=192&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ&prev_fmts=0x0&nras=1&correlator=8598619826881&frm=24&ife=1&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448810&ga_hid=708433834&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1371&ish=300&ifk=2039486822&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C21065724&oid=2&pvsid=1988656363999141&tmod=1265524070&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1371%2C300&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.7k116ttybet1&fsb=1&dtd=195
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 14 Aug 2022 03:46:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 5EDF 0
0 226ms
60ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kJCTFMz6RLAJmAKdg2ICAgAAAFViJEMUL_B4EClw-GLSAxgeMBPB-0jiQgASAAA&wp=YvhwKQAOa_0H_Z0jAAPGQB0FBEIdoN7lgEmWQQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
server: Kestrel
server-processing-duration-in-ticks: 277771
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 1F0B 189 KB
57 KB 185ms
184ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YvhwKQAOa_0H_Z0jAAPGQB0FBEIdoN7lgEmWQQ&u=%7Cd5Cp9rqCfK211g%2ByBlkpNagUPGkqLg2%2B2CImROS%2BeCo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi67Py6EMArozB3p0PJKuqlZdMeMo4U0SYvHRQ9Ol68y4hoV-ZIxtMO8keCMkJsqgqTdHNRBTr_RbMS_oPCuLdw8gkC1sLqjEwzHNyKhRGHTh6wKHtZSMYTOuuJSYDArgmD0cE16G_0ybZPp1eT-fzlOBPLLLQuQPkbjZZRFDJyIv1mnOgK1uy8ulW7LL8w3Zd6klUE7mjxrr02Hw2qx21D_KF3mQ8FkrLA90VjJvtwPjzKMql9q7-1J_MaKMVxp4eNUrhvEy3bq0FHLH2e6e-aLbIbTZ0zcjCuljImr4mjLRQZAQ20rNk73IXIupTFZGlMZnDVCpFaUrH5kB-aqpm02R7DvMAmkDL0gURU4bQl_rupqhLM1t2f4teo5uoRJc3xiw8iz0Y8LxyRb7Gtwyf7ag-2jEAnN0c_w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnqjxKXD4Yv3XOaO69u8PwIyPgAXJntKxXMWymPdwwI23ARABIABglQKCARdjYS1wdWItNzE0MTY4ODY4NzkxODU5OKAB1bbS6gPIAQmpArGAilNzNrE-qAMBqgTJAU_QCZyaIhCdY9hhUMTTsgQfMNabArxU20EzjFp4ojnEDSgdXcyzfvocvVba2wG9fkIF03GdbmvHv7YaA9f_fZjTKgykm3n5tiOQbDt8yX_Jjn5RVHtEaKQoB3owIDM_OizinS5r2a4uHjI-HrKC80SA6dxYrIcaoQKaHu9Zb-JlbiqzdpDw1An4PCzDklRxYSpyoV3yuKWsb0fT8UWWVlivIYNDxhEdQhgaxgJi3aaVVmlh2Dpiwgtxtli73Cc-aYm4qyoBkHxE_YAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1dsCgUB_yOZtGsqxvB13RZ2itgpQ%26client%3Dca-pub-7141688687918598%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d34532392a8f18f6b67b608e1543f398991e0aeb2094c71020a0627e9c48c6a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 14 Aug 2022 03:46:49 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=jRXdN82gPNGzuefPxoqUsb-8y7ku2ZxI0PgCDdi1vEwetI9txhO45F276VYfGguCg1WiKqmyN1WMRVqkfgwQ3eA4nLWdbiY2oksOpxqzPJjEK08p3A0lmTd0m7oLUC9ys-lIuTLTkXbUF-WotXywDn5fsWjH5L6n1wyz75XfZbUaxXJAM-tXn3S_cAWFXt2j8nYCju0t97nY9BEsj959XyvQy-mT-Xw7A2EqfxOBzkF866dwo4IaJiJMHd9_Y78tDsnPtg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 115951869
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 247A 1 KB
749 B 54ms
54ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 40773
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Aug 2022 16:27:17 GMT
etag: 48472445140208031
expires: Sun, 14 Aug 2022 16:27:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js Show response
pagead2.googlesyndication.com/bg/ Frame A69F 36 KB
14 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 417968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 07:40:42 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 247A 35 B
464 B 212ms
62ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIR3Z6QxkFtfdWR-xgoTIyc&google_cver=1&google_push=AehlK4BoPzqh3I4KdFvlzYoKem1cP36Vn9NyQ3EYa2l-UAMUGPILV7fMN3j31kPm3ZKvlVxcBVWofs_EGKfRxuutY4oFKfaWrwgY

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:50 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 247A 0
98 B 187ms
62ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4AE8IcGUXGw1BsG7UTB7tF1FsrtVLTLm1U90EdjGyTG5ZPsK1OmYvIB6YA1y6F-n8ZaZO_yymOlAHSMO6g83b3oQAL9AyAN&google_gid=CAESEER7B9c-uLUBp2EXQBZGdqM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=280&slotname=6075314649&adk=1065767661&adf=3279755402&pi=t.ma~as.6075314649&w=1200&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448809707&bpp=1&bdt=305&idt=192&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ&prev_fmts=0x0&nras=1&correlator=8598619826881&frm=24&ife=1&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448810&ga_hid=708433834&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1371&ish=300&ifk=2039486822&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C21065724&oid=2&pvsid=1988656363999141&tmod=1265524070&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1371%2C300&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.7k116ttybet1&fsb=1&dtd=195
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:50 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 247A 43 B
351 B 186ms
62ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECtAxP73iuCrmalN6obYWaQ&google_cver=1&google_push=AehlK4ATUegdWvI9xQ2S6seEFwCPpD4ZFxC179hmNZdgcrEEgviVGo6_YCMDXUnco7tkCPXlyvFbXIeK8RtQCdLi-hQNfbO-4O2c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=280&slotname=6075314649&adk=1065767661&adf=3279755402&pi=t.ma~as.6075314649&w=1200&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448809707&bpp=1&bdt=305&idt=192&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ&prev_fmts=0x0&nras=1&correlator=8598619826881&frm=24&ife=1&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448810&ga_hid=708433834&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1371&ish=300&ifk=2039486822&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C21065724&oid=2&pvsid=1988656363999141&tmod=1265524070&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1371%2C300&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.7k116ttybet1&fsb=1&dtd=195
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:49 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: gj4dfvks1a24ljeid3qa17i8r29qn7a3

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 247A 0
166 B 827ms
54ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOJjiviOaWomCHQ_xp3Daao&google_cver=1&google_push=AehlK4C3jbrN1nwT0s6hxFOAnPkyezgCgc_5C6LBsJAvLDB8Br6VHOxXUbtgSjVMSjW48nYIaQnoYsNsmib9OHw4QiJ9wh7oDMxR
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=280&slotname=6075314649&adk=1065767661&adf=3279755402&pi=t.ma~as.6075314649&w=1200&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448809707&bpp=1&bdt=305&idt=192&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ&prev_fmts=0x0&nras=1&correlator=8598619826881&frm=24&ife=1&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448810&ga_hid=708433834&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1371&ish=300&ifk=2039486822&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C21065724&oid=2&pvsid=1988656363999141&tmod=1265524070&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1371%2C300&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.7k116ttybet1&fsb=1&dtd=195
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:50 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 247A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECpeTt6u4_pfxmO49lEVnOw&google_cver=1&google_push=AehlK4BnZDO0hD-2bd-k7TDWxdC_V6npLhC47yGSUu4cCHOVeomty7puparruOYkmbHMiv38i2A...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZTU0NMVVctMjAtNzNYQQ==&google_push=AehlK4BnZDO0hD-2bd-k7TDWxdC_V6npLhC47yGSUu4cCHOVeomty7puparruOYkmbHMiv38i2A0Z5pxA9rwQPpcPfWTppFD8N4Z

170 B
188 B

174ms
65ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZTU0NMVVctMjAtNzNYQQ==&google_push=AehlK4BnZDO0hD-2bd-k7TDWxdC_V6npLhC47yGSUu4cCHOVeomty7puparruOYkmbHMiv38i2A0Z5pxA9rwQPpcPfWTppFD8N4Z

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZTU0NMVVctMjAtNzNYQQ==&google_push=AehlK4BnZDO0hD-2bd-k7TDWxdC_V6npLhC47yGSUu4cCHOVeomty7puparruOYkmbHMiv38i2A0Z5pxA9rwQPpcPfWTppFD8N4Z
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 247A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB-fOMoEYx7XcjYIpTKPAnE&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEB-fOMoEYx7XcjYIpTKPAnE&google_push=Ae...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB-fOMoEYx7XcjYIpTKPAnE&google_hm=YvhwKuRiHCQMELf1KtVqAAAABGIAAAAB&google_nid=index&google_push=AehlK4CM1C3zslXscKrUsyGvwS0cSt9X_AORT...

170 B
188 B

64ms
63ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB-fOMoEYx7XcjYIpTKPAnE&google_hm=YvhwKuRiHCQMELf1KtVqAAAABGIAAAAB&google_nid=index&google_push=AehlK4CM1C3zslXscKrUsyGvwS0cSt9X_AORTttepkLfrACZxdDropMmH68fuNXqhMytupoIWEZcUlHAc7c6up-qq2LhbLh3rSvd

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bi3foAsiuGuFX0%2B%2F6N7g5%2Bwg3EnRKX%2FWcDwXnNz3oKwTDCmS8Vgni4yYcnCUbG4dz7X5IUYtJhhhh14rvfaJe%2Bogsbe3wDIv8beAHLM9f4BXnDkaRC4i8lXpUZzXjOtvhim8bPIHCwH6kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB-fOMoEYx7XcjYIpTKPAnE&google_hm=YvhwKuRiHCQMELf1KtVqAAAABGIAAAAB&google_nid=index&google_push=AehlK4CM1C3zslXscKrUsyGvwS0cSt9X_AORTttepkLfrACZxdDropMmH68fuNXqhMytupoIWEZcUlHAc7c6up-qq2LhbLh3rSvd
cache-control: no-cache
cf-ray: 73a6b4ab3860769d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 247A 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 247A 0
232 B 194ms
61ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lt72PdE7SgRtSsDixMkm53MXXYJfFMtEv67QLkTQ5lPNK_Lp2FtZ87SYdm_ywDXl6W_KP2NQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4F99 13 KB
5 KB 55ms
54ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moirebenok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 22617
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Aug 2022 21:29:53 GMT
expires: Sun, 13 Aug 2023 21:29:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9E0A 783 B
535 B 64ms
63ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b0d00f27bc3c1f2f319d6db5ede8140980e1dcfe7783fc8d7d1284f43dd041e5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-laTwo59sJpfkLxT0S1B8aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.moirebenok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-laTwo59sJpfkLxT0S1B8aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 14 Aug 2022 03:46:50 GMT
expires: Sun, 14 Aug 2022 03:46:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 1F0B 2 KB
1 KB 59ms
56ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvhwKQAOa_0H_Z0jAAPGQB0FBEIdoN7lgEmWQQ&u=%7Cd5Cp9rqCfK211g%2ByBlkpNagUPGkqLg2%2B2CImROS%2BeCo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi67Py6EMArozB3p0PJKuqlZdMeMo4U0SYvHRQ9Ol68y4hoV-ZIxtMO8keCMkJsqgqTdHNRBTr_RbMS_oPCuLdw8gkC1sLqjEwzHNyKhRGHTh6wKHtZSMYTOuuJSYDArgmD0cE16G_0ybZPp1eT-fzlOBPLLLQuQPkbjZZRFDJyIv1mnOgK1uy8ulW7LL8w3Zd6klUE7mjxrr02Hw2qx21D_KF3mQ8FkrLA90VjJvtwPjzKMql9q7-1J_MaKMVxp4eNUrhvEy3bq0FHLH2e6e-aLbIbTZ0zcjCuljImr4mjLRQZAQ20rNk73IXIupTFZGlMZnDVCpFaUrH5kB-aqpm02R7DvMAmkDL0gURU4bQl_rupqhLM1t2f4teo5uoRJc3xiw8iz0Y8LxyRb7Gtwyf7ag-2jEAnN0c_w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnqjxKXD4Yv3XOaO69u8PwIyPgAXJntKxXMWymPdwwI23ARABIABglQKCARdjYS1wdWItNzE0MTY4ODY4NzkxODU5OKAB1bbS6gPIAQmpArGAilNzNrE-qAMBqgTJAU_QCZyaIhCdY9hhUMTTsgQfMNabArxU20EzjFp4ojnEDSgdXcyzfvocvVba2wG9fkIF03GdbmvHv7YaA9f_fZjTKgykm3n5tiOQbDt8yX_Jjn5RVHtEaKQoB3owIDM_OizinS5r2a4uHjI-HrKC80SA6dxYrIcaoQKaHu9Zb-JlbiqzdpDw1An4PCzDklRxYSpyoV3yuKWsb0fT8UWWVlivIYNDxhEdQhgaxgJi3aaVVmlh2Dpiwgtxtli73Cc-aYm4qyoBkHxE_YAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1dsCgUB_yOZtGsqxvB13RZ2itgpQ%26client%3Dca-pub-7141688687918598%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:50 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 09 Aug 2023 03:46:50 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 1F0B 2 KB
1 KB 59ms
57ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:50 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 09 Aug 2023 03:46:50 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 1F0B 308 B
636 B 59ms
57ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:50 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 09 Aug 2023 03:46:50 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 1F0B 293 B
621 B 60ms
58ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:50 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 09 Aug 2023 03:46:50 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 1F0B 43 B
347 B 61ms
59ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=FCsqwiB1GfGKclueEhCYwN_E1nhRbtPvH8Hi5TV57DK__11FasPUqJf1x5tlHk2G0pjq4FKUUBKA3AhTIiqW4wffQo5tE01Paaonp1wAQPmFU3P8liVbYVaCce6tWpjI102-hSI-u9Hrw4nj2v-GciOTJR2Rdd-M4M2P-adgvgLU_hC4tSlNYlyvlbcO7tkXGy_D_9cv4Kz1j-gwn2mWOX2aRKrNXhC8TkDWXVIaaYb2prFInh26thuvo9X5YA_ISsSm2VnkelQKKq6LH5kAtyRFMjq2EphdMPGhedhSXVoNGBjkYahWJ1O3Ym8geDJu9JlIKPI5mDMJrgyC7qAvwImu8vt1g--UPYfpZV7zm_PDbEftStjQv0cdG0R2BYi1IAhvFzlUYXMa0V3k9IbpnbMAqHZF042oVUFjd-s5bd9DlKb1_WNkges_cdoBBtOFmFVCpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:50 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2689527
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 1F0B 0
690 B 411ms
410ms Image
text/plain 2600:9000:206e:b400:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1660448809
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvhwKQAOa_0H_Z0jAAPGQB0FBEIdoN7lgEmWQQ&u=%7Cd5Cp9rqCfK211g%2ByBlkpNagUPGkqLg2%2B2CImROS%2BeCo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi67Py6EMArozB3p0PJKuqlZdMeMo4U0SYvHRQ9Ol68y4hoV-ZIxtMO8keCMkJsqgqTdHNRBTr_RbMS_oPCuLdw8gkC1sLqjEwzHNyKhRGHTh6wKHtZSMYTOuuJSYDArgmD0cE16G_0ybZPp1eT-fzlOBPLLLQuQPkbjZZRFDJyIv1mnOgK1uy8ulW7LL8w3Zd6klUE7mjxrr02Hw2qx21D_KF3mQ8FkrLA90VjJvtwPjzKMql9q7-1J_MaKMVxp4eNUrhvEy3bq0FHLH2e6e-aLbIbTZ0zcjCuljImr4mjLRQZAQ20rNk73IXIupTFZGlMZnDVCpFaUrH5kB-aqpm02R7DvMAmkDL0gURU4bQl_rupqhLM1t2f4teo5uoRJc3xiw8iz0Y8LxyRb7Gtwyf7ag-2jEAnN0c_w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnqjxKXD4Yv3XOaO69u8PwIyPgAXJntKxXMWymPdwwI23ARABIABglQKCARdjYS1wdWItNzE0MTY4ODY4NzkxODU5OKAB1bbS6gPIAQmpArGAilNzNrE-qAMBqgTJAU_QCZyaIhCdY9hhUMTTsgQfMNabArxU20EzjFp4ojnEDSgdXcyzfvocvVba2wG9fkIF03GdbmvHv7YaA9f_fZjTKgykm3n5tiOQbDt8yX_Jjn5RVHtEaKQoB3owIDM_OizinS5r2a4uHjI-HrKC80SA6dxYrIcaoQKaHu9Zb-JlbiqzdpDw1An4PCzDklRxYSpyoV3yuKWsb0fT8UWWVlivIYNDxhEdQhgaxgJi3aaVVmlh2Dpiwgtxtli73Cc-aYm4qyoBkHxE_YAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1dsCgUB_yOZtGsqxvB13RZ2itgpQ%26client%3Dca-pub-7141688687918598%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:b400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:50 GMT
via: 1.1 a01b7aca64c6d4b437b814f64422d6c8.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: VIE50-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: QeI9IEB8IQCtcilULHSbXE1rUZRItvU5oQtRqMIn7G7UYeyONqMrmg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 1F0B 12 KB
6 KB 58ms
58ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:50 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 09 Aug 2023 03:46:50 GMT

GET
DATA 200
OK truncated
/ Frame 5EDF 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af8fcff1add7b573b30d2072f3acfa666873ee8fb80d1984ba6874f573d29600

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1F0B 2 KB
2 KB 57ms
56ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:50 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=587984
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1584
expires: Sat, 20 Aug 2022 23:06:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1F0B 1 KB
1 KB 60ms
59ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1818152
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1266
expires: Sun, 04 Sep 2022 04:49:22 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1F0B 2 KB
2 KB 72ms
71ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ccc69f4e56001ce28d48f35df000e3f519c7e601824187f9f1d900ea18bb93b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:50 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=53638
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1838
expires: Sun, 14 Aug 2022 18:40:48 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1F0B 3 KB
3 KB 59ms
58ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a0df9cbd5e46fc9b1c5ee17e3c7b9ccfcf6f9115512807f1725f6fcf8d9b8c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:50 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1920916
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 3074
expires: Mon, 05 Sep 2022 09:22:07 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1F0B 1 KB
1 KB 71ms
71ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

8081c76de1493e67239a84553a77c274e740ef5dfffc875d12b94eafd6729d65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2529832
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1226
expires: Mon, 12 Sep 2022 10:30:43 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1F0B 3 KB
3 KB 65ms
64ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e29ffeda170cb0752b062928f22de04adc1c9177706f50b9c6a9c96dc706bf61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:50 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1181313
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2742
expires: Sat, 27 Aug 2022 19:55:24 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1F0B 2 KB
2 KB 69ms
68ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

92ea73bf1dfdbbac475dc32ecbe4e247b1a5fad35a9e934f037868281e7b6712

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=2378588
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2005
expires: Sat, 10 Sep 2022 16:29:58 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1F0B 3 KB
3 KB 68ms
67ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f000b85e888d98144ce469e6cac3d8e9bf1eea9e4e29ebcf1faab52b054fb35f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 3108
expires: Wed, 09 Aug 2023 03:46:50 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1F0B 5 KB
5 KB 77ms
76ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=196&s=WVunQn1urfIF5n-zpdjitqDp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29553692
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 5106
expires: Sat, 22 Jul 2023 05:08:22 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1F0B 2 KB
3 KB 70ms
70ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoSMS-group-GmbH-153080DE.gif%3Feb%3D1&v=3&w=400&s=TMYEq9d7X9TteTx1nzsNIVN1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5db30952562b2a6a26eef2331a811d4d209861f47b188e9e2fa2055258c991d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2242876
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2354
expires: Fri, 09 Sep 2022 02:48:06 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1F0B 2 KB
2 KB 80ms
80ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FM%2FlogoMalteser-Hilfsdienst-e-V-770DE.gif%3Feb%3D1&v=3&w=400&s=HOBQQANtw9q3snp0Z1q0uE0g&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

90bbcb9db7c9cb053c19be00501d286e22046a098a831cbfcd88f03a02c19836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=970415
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2288
expires: Thu, 25 Aug 2022 09:20:25 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 1F0B 0
127 B 55ms
55ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=jRXdN82gPNGzuefPxoqUsb-8y7ku2ZxI0PgCDdi1vEwetI9txhO45F276VYfGguCg1WiKqmyN1WMRVqkfgwQ3eA4nLWdbiY2oksOpxqzPJjEK08p3A0lmTd0m7oLUC9ys-lIuTLTkXbUF-WotXywDn5fsWjH5L6n1wyz75XfZbUaxXJAM-tXn3S_cAWFXt2j8nYCju0t97nY9BEsj959XyvQy-mT-Xw7A2EqfxOBzkF866dwo4IaJiJMHd9_Y78tDsnPtg&sds=2&rev=82415&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 14 Aug 2022 03:46:50 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1F0B 2 KB
1 KB 57ms
57ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:50 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 09 Aug 2023 03:46:50 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 1F0B 2 KB
1 KB 57ms
56ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:50 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 09 Aug 2023 03:46:50 GMT

GET
H3 200 nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js Show response
pagead2.googlesyndication.com/bg/ Frame 4F99 36 KB
14 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 417968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 07:40:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9E0A 0
0 87ms
87ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220810&jk=2324079875339893&rc=
Requested by: Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 55B8 42 B
63 B 88ms
87ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ASoOAREEOzPT_9Jl8h4bAjmaRhLb5l23VDzErJHfrltu7cowZ_wXOuODzNjiu5XnUfAdh09HQ8ujMtZRsjKCNpOPzvEMu816an_QnnRs0fF1uLy0I

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=250&slotname=4288941329&adk=569834508&adf=2751417942&pi=t.ma~as.4288941329&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448809730&bpp=1&bdt=160&idt=267&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ&prev_fmts=0x0&nras=1&correlator=8795719047812&frm=23&ife=5&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448810&ga_hid=1286936692&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=116&biw=1600&bih=1200&isw=300&ish=250&ifk=3777242901&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068487%2C44764001&oid=2&pvsid=2324079875339893&tmod=1219569371&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.fck6u9yple9u&fsb=1&dtd=272

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 55B8 47 KB
13 KB 574ms
56ms Script
application/javascript 18.202.123.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818595827&campId=15481226352&pubId=1&placementId=396796068&adsafe_par&bundleId=&dealId=&bidurl=https://www.moirebenok.ua/
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=250&slotname=4288941329&adk=569834508&adf=2751417942&pi=t.ma~as.4288941329&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448809730&bpp=1&bdt=160&idt=267&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ&prev_fmts=0x0&nras=1&correlator=8795719047812&frm=23&ife=5&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448810&ga_hid=1286936692&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=116&biw=1600&bih=1200&isw=300&ish=250&ifk=3777242901&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068487%2C44764001&oid=2&pvsid=2324079875339893&tmod=1219569371&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.fck6u9yple9u&fsb=1&dtd=272
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.123.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-123-230.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6b8863303bb7767ef0440576085edd5b60e0158a866f9596263204f243ffd797

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:50 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 55B8 3 KB
1 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:26:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Aug 2022 03:26:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 55B8 140 KB
43 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Aug 2022 03:46:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 55B8 17 KB
7 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:14:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1963
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Aug 2022 03:14:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 55B8 0
0 62ms
61ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQl8EmY8YZaMbJ1y6k7vp_ZsIRMTJ5awslb1c5La3RpJk7E-gbbRxk1KJXVoatVssl6HTDlMCjjcqvc0JjmagkDK5JGrQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=250&slotname=4288941329&adk=569834508&adf=2751417942&pi=t.ma~as.4288941329&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448809730&bpp=1&bdt=160&idt=267&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ&prev_fmts=0x0&nras=1&correlator=8795719047812&frm=23&ife=5&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448810&ga_hid=1286936692&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=116&biw=1600&bih=1200&isw=300&ish=250&ifk=3777242901&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068487%2C44764001&oid=2&pvsid=2324079875339893&tmod=1219569371&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.fck6u9yple9u&fsb=1&dtd=272
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C684 624 B
299 B 65ms
65ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpMGavQEwAQ&v=APEucNW52c1LdTfgYESgcVh5YKVDsOm2x9GFaTMmKAwLPhRES6t2gajvX5k-Sgg14BbJU3xYtcGg3AtRlMH2Zpz6ppmcyRyHeqT89f8GkLF1DvN96iCS3UYOIKlD_uFeJiMO8zH_YhGv9s3h7tqW4ToNlaVVJ2h1nJbI0H5USUrovwgxyuv_DqE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=250&slotname=4288941329&adk=569834508&adf=2751417942&pi=t.ma~as.4288941329&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448809730&bpp=1&bdt=160&idt=267&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ&prev_fmts=0x0&nras=1&correlator=8795719047812&frm=23&ife=5&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448810&ga_hid=1286936692&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=116&biw=1600&bih=1200&isw=300&ish=250&ifk=3777242901&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068487%2C44764001&oid=2&pvsid=2324079875339893&tmod=1219569371&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.fck6u9yple9u&fsb=1&dtd=272
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Aug 2022 03:46:50 GMT
expires: Sun, 14 Aug 2022 03:46:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 55B8 85 KB
34 KB 111ms
111ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AYGWa4RwFjkX6pOCfJ18VKmOw-vWmXfT2kxHZwPrljTjKOhqyWM1togwb6oBazMsdjPUee5ljNCvkJj4cwijdEz6-QWdo6Oem_7HO7rU6RxTiTWaJ114mLmiS17ZpyNKmsh3x7vO67lBizZZIF2qzDeRjdUg&dbm_d=AKAmf-Bc9zc2fqaMxCa6cQUICvUNrqR2e-RXu_riayVjmQNM3_QHKcQ1HtGNS1oeajiz75mL90O7r7An2CsZieDUie-JDwEiPzsk_oeogczKFYYfEKVNWaInFQvdcME5C8KTjDWHXJdUKTlLfKhuxh_fjYX9B-XwdmOSXvGjjsozdYODqt8WKUjzJt3vX0cN-uSuGBekL3zHX_u-nISf77otsDbw9iQHkOa-MNv-om8VOCgKNBQ7l5oRckDLROijR1IGmSLR96ZzZITNX9OwO-hb-GYMWctklKJc_LfvTygIuJHRPgCjPRytd3GAGKGQJlZ7vXQTfoheXFcTa6lRbS7JpxKzsALVGimORVJrSLbUN6O6QFKqsbY80nUAAQlbfONEAY5YKu-PmRcUZloYDk8ulWBgDU1rD7zNXmo1-IxLMYs2EympqsZrA7643r7narE1ju08Ielow8EGwp139jfMPU6FrhaGJy9bjZ0UCyi_dGYagj6iMRzypnwx-6sVgS3eZXKq6Cb8WruTYslD0ZIzBz3bYk8FCXCVjDTqjwZpH-gwAtydBfTEDE0JrrvyArZc1lPwKFohaYbQThBxxk63ZXeMv4cEpC7D4a79bKzZ81crDD0vJvUa58ziPnQ-x1iZtq8oCjnUwwlU3qdXhUqplGHxokN4RWPmk3GiJBSHF4x4MohUAHfUBTOTMe-zzr1rC9az4f5pib1xsiTInMMhNHmSu6IvHy3gANLL5Uhl8uCG9LPRi7F3IFYXCUdx743hHnczzaaLtHcJRwNQbyQrGfRWjgpVq0ccpCkc5kkphRPgej8XrLDXkSmCQ2Hf1XyxQ6_fC7iGOib4X8TqZ-A9BOdv4TGJVHCUxODV1dm4FUYOsq7wpd4F47Wi7atFEMVXaPpVjGLMOrCOTMZz0L7XKgTuJeTdWUHR-PdEEZ_KvjVg5vVhHaUDxn2kA0zlgnmpri0J3J4UerAxbmgMyhD1tRddAjo7sMlhduEpFx0WqKY21AonqFmrPuj7h1oNVaEq9_wsZcMYmDP3R2hpzjPcjwHbMPWHB3Q3u2OKBOyziiV3YjDsfxMy8tph1WabBKg5CDAAlUsZAhaaOKooBbl1j6Cy-yBBL7chWxdIs43soGJse3_FRmZnzCwvnaVUA0AtfSUyrb7ahPEFUOOqjjkQYuYT0GYnsYEaTpraqO5_hHfmj0mC9Uc-PWu6Kl29AfwlvIgxF2FtyuT3UIIS1uJUo3nrHU43VAecCfTTrb1zPS8I37L0Ni5rT1tLSmmB1e5wfl3WvMbgZx5rWplVtg8oxBKtngDbWT9xxA0IlvMNEeTtBFUgoAtZpZv6cugt8oASxheJlVG56LJxjMmYkyOSd7unwuoxFcBWPfeIAgGIDGuWbKFlCHadWRDoCwehZrDefxG8A-aspOmR3CXYXAAshhZb6XN_JYzCav14rtjVH2wIIfdjRN-dPQDAtmisx54GVzNCqYyBheYJypxX5tz6tzc7m_CEwsy3AcJmoZCdnToiqVgg4cDy2z_yHVSVQUmYrzbp-IDA9HnMAKggBEMr7A47hgD-vntR-1TNflLTnuxscBHA79VNhZlWo07JQIpemr51dz7LjPNaGmMrFGd4AAYDP4yyzZ3lgcbFYxlg7RVZ1ZRE7gczb--9s7SmI59QmlEHdQUFkjtC6SLitLaHofnipJgbSwHkoRbRt29wzh4FxTbNknWZjUUJ3HVXvcdtiFCLEMs91SArmdziohlf7SYpHngj2YqJuLms4ZAfPVptM74fCgXqm87z4YgkcRcv4qVQ4VBr5Qa_Ec6L40yCqYMtnhncjiJGKXALBowWSktPdcfI-UR1vhChQbSGWc9UiNm2mJiJDWI0QUFB_OTzxN9xN9wCeCP6CD7L86cPHm_i7jM24fxQf2T3JR5DgzNMroCNGib2DxBqLqCKi9QbFyYqbNTGa2HHbG1BbuqDpsJwwK2jfiyMtCIE9MM9DZZATXYHmyxRa1WlSnW91opj-vPb8eAq2BcHrbyDlMoajzIjhSow7AYCUUvTWulJY6URfcy8uMPO96uEUH-96axH_YmGkZavIjp-cLrz7QUwNK4lPOg-SGIU9dyHNHu_Ra6Bep9o97sMkxEJTSj39iK_sp7AW5Ic8MNg9BGraGn8IZIddFcGArdTaxgZ_4J5Hr0ieFuE82O6CjC_c6cJJut8JXj9e3u9HcS3nOh_eAdYpN0SA9Ox49pEXXG7JDj45zd4qmmTnddAkC_r68eG6hoy4pbvPsboEHshYapoomi71ooe-ik-4HgIRtLLfbGFSf78vBdfNKsG4No_sXMDfakP3p5EZjqFCOTXGhVCDgcgDpctuaXP1lAG2Sie3y5NJ9IZoxJtMSkARxqr9WrKbZ09siWy3oW2CFnxtUcRwDB_tl4n9Kz8glzpzY2fCOsgkxKTwCgsiKKwpXagLT3I6wJ6yuOLMvf19g0lNw0UF-C8pUka28hjSRseAsCqaZ88bh5vFhtL1J7NfmZSkeKQwnjB-XNz9MLiIXMCnlGcGUWsxZX7-2CLd3xARCcWnd4gOvTpls3FEb9gDnIV0GMjVNyslVCgkJLyn54QNVGiAGgLQ-uKse3tn91K6GWp6ezWHsCogCwgiZq3HZha1_WuEUl2uAQIwgqhOzpDnBVAL37ETiUFecEAHVSzsKzC9ZDNBpCJVe8mFGej5t2SXGcgSY_-sWOKO1L3YjHRHJwmy_oUJClON7I1sX6dX2m3SXuDSpPWz-tg_TpgBiMB3_4Bu_yOXsVwhNXE2Tgrxqu6iRt1UvVmFi6Gw6ON1c4lQswZqcltegVRYUKfi0xhotFUZG0TDspa1S_nwsj8jo9SzYQZVPMBfNCbtiAucDsFU_qYkoOp_JZxd1LXuqNZH_SxV8F6z8DCgFMJesbyQ2vReILat8-b3IU-7kNo0A7_KzxvmqAy0Ny5fdNt_C8bOXYGeq8bYFB9XqkMcM2KOs71xrPFap7EiJaUAZQfMmSP6oI_d-DGl7lXBogEWyDIYFRLmAn2_QeouMdCq0ZYfn7pVcynx3Ktxraeoty-8jYF2gCdpZlgI5ebtY_6yc029BvhSnT-l1sIH9_XF3OIbyfvY3IYMo72JoDX4T8_DaQve79DBJ3TyLY_VDXYjK-f64v5tN15Y2FR9pISNdLNVlAy3u1KRMTLl2YRl9dHQmiWih5U9EmxJWXEDMN8VSs3mLfgJJVd7nAIGV9UN0rI0Bm3Qcse_9_qo9lzjqGjy7GiUvAHgH3AJ0UgEJ3hSMAkl3fMbvxBb_DjBbroZvf9QLZzQCoTB8yIjbdAyxgg0BQ3jxo4SRsENjbvp58bxrAvOeEBu73X35sBMI16tkE56rteLWJ3fUGGMf-dcbogZcduyxEEtdpD4dcz3VzWIPenXe1ZVmwwu86-_Y4OJRQ9e-Atjm6UymoHUNot27B9j3-5F-sfgh9Nsf1qZllb3GItSCv1Oc-EJEOV_SLgfrv5p86nkvHrfDLFWgTVMjMzhWv9mw5q8G4KKhwgJ0zh0RTIqmLjkVp6W9jRda5gcst1YXru6zB-zYNk1R-ZQp2Q7-F0DyX05lvixJ6JDHuV&cid=CAASJeRoJOk57eTPkNwU6JS66xzqT__qMwOzBUt75FIj1SVtYBEP3wo&rfl=2%2Chttps%253A%252F%252Fwww.moirebenok.ua%242%2Chttps%253A%252F%252Fwww.moirebenok.ua%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f49a4ed7c13cf45bd9cd70a0982ce545c4780c21520f634e7a8acedcac227a36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=250&slotname=4288941329&adk=569834508&adf=2751417942&pi=t.ma~as.4288941329&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448809730&bpp=1&bdt=160&idt=267&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ&prev_fmts=0x0&nras=1&correlator=8795719047812&frm=23&ife=5&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448810&ga_hid=1286936692&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=116&biw=1600&bih=1200&isw=300&ish=250&ifk=3777242901&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068487%2C44764001&oid=2&pvsid=2324079875339893&tmod=1219569371&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.fck6u9yple9u&fsb=1&dtd=272
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35271
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4F99 0
10 B 53ms
53ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?B19_zw
Requested by: Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 55ms
55ms Image
image/gif 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=DE&am-uid=5805c5dc57dc4e5d8139152b50afec8c&cet=9&zone=E62E3DDF-D324-432B-AC56-25C713463CC4&rule=B636317B-3B3F-4C45-BB00-BA24965406EF&requestId=81634297-85f6-48eb-bc5c-f961a0bd8737&hp=-1090256381&page=www.moirebenok.ua%2F&pvid=8feff600-d709-4aff-9316-07a44845295c&inst=ADS-EU-7&ts=637960456087754971&sf=0

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 03:46:50 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 55ms
55ms Image
text/plain 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=e62e3ddf-d324-432b-ac56-25c713463cc4

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 14 Aug 2022 03:46:50 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5188 14 KB
11 KB 68ms
67ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220810&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69b0ad60bc326c9e592298ca9b7dab269488f8fd957dbbe1e6e1c7bfe16b38fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Aug 2022 03:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11117
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 55B8 170 KB
59 KB 198ms
54ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 07:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71752
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Aug 2022 07:50:59 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame 55B8 8 KB
3 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AYGWa4RwFjkX6pOCfJ18VKmOw-vWmXfT2kxHZwPrljTjKOhqyWM1togwb6oBazMsdjPUee5ljNCvkJj4cwijdEz6-QWdo6Oem_7HO7rU6RxTiTWaJ114mLmiS17ZpyNKmsh3x7vO67lBizZZIF2qzDeRjdUg&dbm_d=AKAmf-Bc9zc2fqaMxCa6cQUICvUNrqR2e-RXu_riayVjmQNM3_QHKcQ1HtGNS1oeajiz75mL90O7r7An2CsZieDUie-JDwEiPzsk_oeogczKFYYfEKVNWaInFQvdcME5C8KTjDWHXJdUKTlLfKhuxh_fjYX9B-XwdmOSXvGjjsozdYODqt8WKUjzJt3vX0cN-uSuGBekL3zHX_u-nISf77otsDbw9iQHkOa-MNv-om8VOCgKNBQ7l5oRckDLROijR1IGmSLR96ZzZITNX9OwO-hb-GYMWctklKJc_LfvTygIuJHRPgCjPRytd3GAGKGQJlZ7vXQTfoheXFcTa6lRbS7JpxKzsALVGimORVJrSLbUN6O6QFKqsbY80nUAAQlbfONEAY5YKu-PmRcUZloYDk8ulWBgDU1rD7zNXmo1-IxLMYs2EympqsZrA7643r7narE1ju08Ielow8EGwp139jfMPU6FrhaGJy9bjZ0UCyi_dGYagj6iMRzypnwx-6sVgS3eZXKq6Cb8WruTYslD0ZIzBz3bYk8FCXCVjDTqjwZpH-gwAtydBfTEDE0JrrvyArZc1lPwKFohaYbQThBxxk63ZXeMv4cEpC7D4a79bKzZ81crDD0vJvUa58ziPnQ-x1iZtq8oCjnUwwlU3qdXhUqplGHxokN4RWPmk3GiJBSHF4x4MohUAHfUBTOTMe-zzr1rC9az4f5pib1xsiTInMMhNHmSu6IvHy3gANLL5Uhl8uCG9LPRi7F3IFYXCUdx743hHnczzaaLtHcJRwNQbyQrGfRWjgpVq0ccpCkc5kkphRPgej8XrLDXkSmCQ2Hf1XyxQ6_fC7iGOib4X8TqZ-A9BOdv4TGJVHCUxODV1dm4FUYOsq7wpd4F47Wi7atFEMVXaPpVjGLMOrCOTMZz0L7XKgTuJeTdWUHR-PdEEZ_KvjVg5vVhHaUDxn2kA0zlgnmpri0J3J4UerAxbmgMyhD1tRddAjo7sMlhduEpFx0WqKY21AonqFmrPuj7h1oNVaEq9_wsZcMYmDP3R2hpzjPcjwHbMPWHB3Q3u2OKBOyziiV3YjDsfxMy8tph1WabBKg5CDAAlUsZAhaaOKooBbl1j6Cy-yBBL7chWxdIs43soGJse3_FRmZnzCwvnaVUA0AtfSUyrb7ahPEFUOOqjjkQYuYT0GYnsYEaTpraqO5_hHfmj0mC9Uc-PWu6Kl29AfwlvIgxF2FtyuT3UIIS1uJUo3nrHU43VAecCfTTrb1zPS8I37L0Ni5rT1tLSmmB1e5wfl3WvMbgZx5rWplVtg8oxBKtngDbWT9xxA0IlvMNEeTtBFUgoAtZpZv6cugt8oASxheJlVG56LJxjMmYkyOSd7unwuoxFcBWPfeIAgGIDGuWbKFlCHadWRDoCwehZrDefxG8A-aspOmR3CXYXAAshhZb6XN_JYzCav14rtjVH2wIIfdjRN-dPQDAtmisx54GVzNCqYyBheYJypxX5tz6tzc7m_CEwsy3AcJmoZCdnToiqVgg4cDy2z_yHVSVQUmYrzbp-IDA9HnMAKggBEMr7A47hgD-vntR-1TNflLTnuxscBHA79VNhZlWo07JQIpemr51dz7LjPNaGmMrFGd4AAYDP4yyzZ3lgcbFYxlg7RVZ1ZRE7gczb--9s7SmI59QmlEHdQUFkjtC6SLitLaHofnipJgbSwHkoRbRt29wzh4FxTbNknWZjUUJ3HVXvcdtiFCLEMs91SArmdziohlf7SYpHngj2YqJuLms4ZAfPVptM74fCgXqm87z4YgkcRcv4qVQ4VBr5Qa_Ec6L40yCqYMtnhncjiJGKXALBowWSktPdcfI-UR1vhChQbSGWc9UiNm2mJiJDWI0QUFB_OTzxN9xN9wCeCP6CD7L86cPHm_i7jM24fxQf2T3JR5DgzNMroCNGib2DxBqLqCKi9QbFyYqbNTGa2HHbG1BbuqDpsJwwK2jfiyMtCIE9MM9DZZATXYHmyxRa1WlSnW91opj-vPb8eAq2BcHrbyDlMoajzIjhSow7AYCUUvTWulJY6URfcy8uMPO96uEUH-96axH_YmGkZavIjp-cLrz7QUwNK4lPOg-SGIU9dyHNHu_Ra6Bep9o97sMkxEJTSj39iK_sp7AW5Ic8MNg9BGraGn8IZIddFcGArdTaxgZ_4J5Hr0ieFuE82O6CjC_c6cJJut8JXj9e3u9HcS3nOh_eAdYpN0SA9Ox49pEXXG7JDj45zd4qmmTnddAkC_r68eG6hoy4pbvPsboEHshYapoomi71ooe-ik-4HgIRtLLfbGFSf78vBdfNKsG4No_sXMDfakP3p5EZjqFCOTXGhVCDgcgDpctuaXP1lAG2Sie3y5NJ9IZoxJtMSkARxqr9WrKbZ09siWy3oW2CFnxtUcRwDB_tl4n9Kz8glzpzY2fCOsgkxKTwCgsiKKwpXagLT3I6wJ6yuOLMvf19g0lNw0UF-C8pUka28hjSRseAsCqaZ88bh5vFhtL1J7NfmZSkeKQwnjB-XNz9MLiIXMCnlGcGUWsxZX7-2CLd3xARCcWnd4gOvTpls3FEb9gDnIV0GMjVNyslVCgkJLyn54QNVGiAGgLQ-uKse3tn91K6GWp6ezWHsCogCwgiZq3HZha1_WuEUl2uAQIwgqhOzpDnBVAL37ETiUFecEAHVSzsKzC9ZDNBpCJVe8mFGej5t2SXGcgSY_-sWOKO1L3YjHRHJwmy_oUJClON7I1sX6dX2m3SXuDSpPWz-tg_TpgBiMB3_4Bu_yOXsVwhNXE2Tgrxqu6iRt1UvVmFi6Gw6ON1c4lQswZqcltegVRYUKfi0xhotFUZG0TDspa1S_nwsj8jo9SzYQZVPMBfNCbtiAucDsFU_qYkoOp_JZxd1LXuqNZH_SxV8F6z8DCgFMJesbyQ2vReILat8-b3IU-7kNo0A7_KzxvmqAy0Ny5fdNt_C8bOXYGeq8bYFB9XqkMcM2KOs71xrPFap7EiJaUAZQfMmSP6oI_d-DGl7lXBogEWyDIYFRLmAn2_QeouMdCq0ZYfn7pVcynx3Ktxraeoty-8jYF2gCdpZlgI5ebtY_6yc029BvhSnT-l1sIH9_XF3OIbyfvY3IYMo72JoDX4T8_DaQve79DBJ3TyLY_VDXYjK-f64v5tN15Y2FR9pISNdLNVlAy3u1KRMTLl2YRl9dHQmiWih5U9EmxJWXEDMN8VSs3mLfgJJVd7nAIGV9UN0rI0Bm3Qcse_9_qo9lzjqGjy7GiUvAHgH3AJ0UgEJ3hSMAkl3fMbvxBb_DjBbroZvf9QLZzQCoTB8yIjbdAyxgg0BQ3jxo4SRsENjbvp58bxrAvOeEBu73X35sBMI16tkE56rteLWJ3fUGGMf-dcbogZcduyxEEtdpD4dcz3VzWIPenXe1ZVmwwu86-_Y4OJRQ9e-Atjm6UymoHUNot27B9j3-5F-sfgh9Nsf1qZllb3GItSCv1Oc-EJEOV_SLgfrv5p86nkvHrfDLFWgTVMjMzhWv9mw5q8G4KKhwgJ0zh0RTIqmLjkVp6W9jRda5gcst1YXru6zB-zYNk1R-ZQp2Q7-F0DyX05lvixJ6JDHuV&cid=CAASJeRoJOk57eTPkNwU6JS66xzqT__qMwOzBUt75FIj1SVtYBEP3wo&rfl=2%2Chttps%253A%252F%252Fwww.moirebenok.ua%242%2Chttps%253A%252F%252Fwww.moirebenok.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Aug 2022 03:39:55 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame 55B8 30 KB
12 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:41:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Aug 2022 03:41:40 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame C684
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEICPJxNhI2KjlhwVvBu23Y&google_cver=1

43 B
434 B

99ms
79ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEICPJxNhI2KjlhwVvBu23Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpMGavQEwAQ&v=APEucNW52c1LdTfgYESgcVh5YKVDsOm2x9GFaTMmKAwLPhRES6t2gajvX5k-Sgg14BbJU3xYtcGg3AtRlMH2Zpz6ppmcyRyHeqT89f8GkLF1DvN96iCS3UYOIKlD_uFeJiMO8zH_YhGv9s3h7tqW4ToNlaVVJ2h1nJbI0H5USUrovwgxyuv_DqE
Protocol: H2
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 73a6b4adaafc7768-LHR
pragma: no-cache
date: Sun, 14 Aug 2022 03:46:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6zMhhmZdtlMWCAxRfS%2FbEzsu43Pvb6f%2FMcN1%2Bsub0y4yRG6FT8wSycU9nXcARs3uv2%2F%2Bmu5XX2%2FV5bYYx9l%2FmidXou2BPhJ6H8UhIxPWTihdeuo7OG6NwlOM86b5PzIYBTokCAEhvhnGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEICPJxNhI2KjlhwVvBu23Y&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame C684
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvhwKuRiHCQMELf1KtVqAAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEICPJxNhI2KjlhwVvBu23Y&google_cver=1

43 B
950 B

130ms
80ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEICPJxNhI2KjlhwVvBu23Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpMGavQEwAQ&v=APEucNW52c1LdTfgYESgcVh5YKVDsOm2x9GFaTMmKAwLPhRES6t2gajvX5k-Sgg14BbJU3xYtcGg3AtRlMH2Zpz6ppmcyRyHeqT89f8GkLF1DvN96iCS3UYOIKlD_uFeJiMO8zH_YhGv9s3h7tqW4ToNlaVVJ2h1nJbI0H5USUrovwgxyuv_DqE
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 73a6b4aeee3876f0-LHR
pragma: no-cache
date: Sun, 14 Aug 2022 03:46:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cSSp2eH%2FJ3FJBF2I9qLt3uEMBI%2BmNklj0atHnah3WJd4o7l5F%2FdiWvyTtjWOSz7J9v8OGKNneJ8nhXiLMfEtrIxoEl%2FlZL%2FRr%2BnkWRKDBicCY1qq3HeTBvrgvuDY5aTYe9t6o%2BTCSwNPKA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEICPJxNhI2KjlhwVvBu23Y&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame C684
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOXZJXHOkMxRPkD_fAnWSeE&google_cver=1

43 B
1 KB

53ms
53ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOXZJXHOkMxRPkD_fAnWSeE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpMGavQEwAQ&v=APEucNW52c1LdTfgYESgcVh5YKVDsOm2x9GFaTMmKAwLPhRES6t2gajvX5k-Sgg14BbJU3xYtcGg3AtRlMH2Zpz6ppmcyRyHeqT89f8GkLF1DvN96iCS3UYOIKlD_uFeJiMO8zH_YhGv9s3h7tqW4ToNlaVVJ2h1nJbI0H5USUrovwgxyuv_DqE

Protocol

HTTP/1.1

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 03:46:51 GMT
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: d0b13536-f80c-447c-a4e5-fc1fc43b986a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOXZJXHOkMxRPkD_fAnWSeE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C684
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcwODk4ODUyODU2ODA3NDA0Nw%3D%3D

170 B
188 B

67ms
67ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcwODk4ODUyODU2ODA3NDA0Nw%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 03:46:51 GMT
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c46f2e8e-dc16-4abe-b6bb-9b01b3614575
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcwODk4ODUyODU2ODA3NDA0Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 55B8 41 KB
15 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 17:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210466
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Aug 2023 17:19:05 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5188 17 KB
6 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Aug 2022 03:46:51 GMT

GET
H2 200 main.19.8.343.js Show response
static.adsafeprotected.com/ Frame 55B8 193 KB
60 KB 219ms
64ms Script
application/javascript 2600:9000:223f:c200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.343.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818595827&campId=15481226352&pubId=1&placementId=396796068&adsafe_par&bundleId=&dealId=&bidurl=https://www.moirebenok.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:c200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d58d46be1f35b78ccafcab30011144eeaf985c95227ab27d683fbb46cdf2ca9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:34:22 GMT
content-encoding: gzip
age: 213149
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 10 Aug 2022 18:33:46 GMT
server: AmazonS3
etag: W/"2a354ce8135fe47396c547d298dd1c1f"
vary: Accept-Encoding
x-amz-version-id: XdaPczT9hxfpUjvYqrD4cnU5x3Jkt2N0
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: d9eXvulzZneHuQFNgMI7HxCDN1RqACf3WaVxA6qtyW-yEGU5aQ-4wg==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 23DD 1 KB
749 B 54ms
53ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 40774
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Aug 2022 16:27:17 GMT
etag: 48472445140208031
expires: Sun, 14 Aug 2022 16:27:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 55B8 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6723efb202ed982d9471a95e28b3bf0a9dbf4521de59f8c4524b31d061183b5a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3D5D 22 KB
8 KB 54ms
54ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 210465
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 17:19:06 GMT
expires: Fri, 11 Aug 2023 17:19:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3814 13 KB
5 KB 54ms
53ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://moirebenok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 22618
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Aug 2022 21:29:53 GMT
expires: Sun, 13 Aug 2023 21:29:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EF42 783 B
536 B 64ms
64ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5161339189f5b1686993a23fff16133e409f3c33fbb95735779da0cb8225d2a5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Uxm3_k1pOdOxheL7P62jYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://moirebenok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-Uxm3_k1pOdOxheL7P62jYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 14 Aug 2022 03:46:51 GMT
expires: Sun, 14 Aug 2022 03:46:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 23DD
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEHZYe6jOu5M7FedUnTpOBf4&google_cver=1&google_push=AehlK4ADCxEZtzDm6bjGFX-YHhvP-cpvfIGOKAp5Z_0xPfk8rp_U3bvOcipKefhQk5LG8WxMK_Lk-HYN7_qulLBLZeh1Gtvnhl8
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4ADCxEZtzDm6bjGFX-YHhvP-cpvfIGOKAp5Z_0xPfk8rp_U3bvOcipKefhQk5LG8WxMK_Lk-HYN7_qulLBLZeh1Gtvnhl8&google_hm=Q0FFU0VIWlllNmpPdTVNN0...

170 B
188 B

65ms
64ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4ADCxEZtzDm6bjGFX-YHhvP-cpvfIGOKAp5Z_0xPfk8rp_U3bvOcipKefhQk5LG8WxMK_Lk-HYN7_qulLBLZeh1Gtvnhl8&google_hm=Q0FFU0VIWlllNmpPdTVNN0ZlZFVuVHBPQmY0

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 14 Aug 2022 03:46:51 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4ADCxEZtzDm6bjGFX-YHhvP-cpvfIGOKAp5Z_0xPfk8rp_U3bvOcipKefhQk5LG8WxMK_Lk-HYN7_qulLBLZeh1Gtvnhl8&google_hm=Q0FFU0VIWlllNmpPdTVNN0ZlZFVuVHBPQmY0
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 451 466606.gif
id.rlcdn.com/ Frame 23DD 0
9 B 171ms
62ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4A-U4KFy5U6i66blqspK23dWLCLVDa138_i0A0xVYn8CzqCEHse7qaNQi6xGaDIN5IWcqwt6FXUpb_QSm9WoEusVnxVWVTL&google_gid=CAESEER7B9c-uLUBp2EXQBZGdqM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=250&slotname=4288941329&adk=569834508&adf=2751417942&pi=t.ma~as.4288941329&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448809730&bpp=1&bdt=160&idt=267&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ&prev_fmts=0x0&nras=1&correlator=8795719047812&frm=23&ife=5&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448810&ga_hid=1286936692&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=116&biw=1600&bih=1200&isw=300&ish=250&ifk=3777242901&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068487%2C44764001&oid=2&pvsid=2324079875339893&tmod=1219569371&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.fck6u9yple9u&fsb=1&dtd=272
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:51 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 23DD
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4AYqP2m...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4AYqP2m...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTQwMzQ2NTEwMDAxODM3NDA3MzUxOA%3D%3D&google_push=AehlK4AYqP2mEf06g0bPr1JsgdMmwuIYwkPwkAZ3st2dHrgZlrCNaB9Ui7bN3Yix3UsHcO...

170 B
188 B

64ms
63ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTQwMzQ2NTEwMDAxODM3NDA3MzUxOA%3D%3D&google_push=AehlK4AYqP2mEf06g0bPr1JsgdMmwuIYwkPwkAZ3st2dHrgZlrCNaB9Ui7bN3Yix3UsHcOkOiw4m5T1HEQHrm4xUAQHTmEiiu4eu

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTQwMzQ2NTEwMDAxODM3NDA3MzUxOA%3D%3D&google_push=AehlK4AYqP2mEf06g0bPr1JsgdMmwuIYwkPwkAZ3st2dHrgZlrCNaB9Ui7bN3Yix3UsHcOkOiw4m5T1HEQHrm4xUAQHTmEiiu4eu
pragma: no-cache
date: Sun, 14 Aug 2022 03:46:51 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Sun, 14 Aug 2022 03:46:51 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 23DD 43 B
356 B 204ms
62ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEGRQHUtQeD8krhLcMQAISD4&google_push=AehlK4CIlEFTNBCs3gtZq9CmVhxJVpiD7BBn190KJzbYNEywrwGsMcIJJnvRLY1aIn1JynXxaJDApQy21MoqvhrEddq590lWGFKA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=250&slotname=4288941329&adk=569834508&adf=2751417942&pi=t.ma~as.4288941329&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448809730&bpp=1&bdt=160&idt=267&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ&prev_fmts=0x0&nras=1&correlator=8795719047812&frm=23&ife=5&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448810&ga_hid=1286936692&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=116&biw=1600&bih=1200&isw=300&ish=250&ifk=3777242901&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068487%2C44764001&oid=2&pvsid=2324079875339893&tmod=1219569371&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.fck6u9yple9u&fsb=1&dtd=272
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:51 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 23DD 43 B
64 B 119ms
63ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECtAxP73iuCrmalN6obYWaQ&google_cver=1&google_push=AehlK4By9EbNUAksRC5G2z-M6IQFASgQ4xbc3NW8P-uxMNQ3udXYalsITWarIDooRHZawVicb4Hntwph1SBFlufdbZNtpR3YuxVL
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=250&slotname=4288941329&adk=569834508&adf=2751417942&pi=t.ma~as.4288941329&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448809730&bpp=1&bdt=160&idt=267&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ&prev_fmts=0x0&nras=1&correlator=8795719047812&frm=23&ife=5&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448810&ga_hid=1286936692&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=116&biw=1600&bih=1200&isw=300&ish=250&ifk=3777242901&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068487%2C44764001&oid=2&pvsid=2324079875339893&tmod=1219569371&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.fck6u9yple9u&fsb=1&dtd=272
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:50 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: brvdgagpmdj9hk6bidhqu8vv6jsrrmq7

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 23DD
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECpeTt6u4_pfxmO49lEVnOw&google_cver=1&google_push=AehlK4A7hAugRbTnNSIrQqHodbNvWe3Ifrn6_nR2xhtWQ2O6XLKZP-VUod8TgtnPqhO5Qz5dTLE...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZTU0NNRzgtMjItSzVXMg==&google_push=AehlK4A7hAugRbTnNSIrQqHodbNvWe3Ifrn6_nR2xhtWQ2O6XLKZP-VUod8TgtnPqhO5Qz5dTLEMP7bVc1FzAF-CPVgsvFLU2gL3

170 B
188 B

74ms
72ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZTU0NNRzgtMjItSzVXMg==&google_push=AehlK4A7hAugRbTnNSIrQqHodbNvWe3Ifrn6_nR2xhtWQ2O6XLKZP-VUod8TgtnPqhO5Qz5dTLEMP7bVc1FzAF-CPVgsvFLU2gL3

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZTU0NNRzgtMjItSzVXMg==&google_push=AehlK4A7hAugRbTnNSIrQqHodbNvWe3Ifrn6_nR2xhtWQ2O6XLKZP-VUod8TgtnPqhO5Qz5dTLEMP7bVc1FzAF-CPVgsvFLU2gL3
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 23DD 0
12 B 63ms
62ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JT5x5J0BdnnwC1ftMebvFzLWQ3jQKvtfVcnN6KydjvIMYQLRw14DQr3aqzPexf0A

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js Show response
pagead2.googlesyndication.com/bg/ Frame 3D5D 36 KB
14 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 417969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 07:40:42 GMT

GET
H3 200 nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js Show response
pagead2.googlesyndication.com/bg/ Frame 3814 36 KB
14 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 417969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 07:40:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EF42 0
0 90ms
90ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220810&jk=1988656363999141&rc=
Requested by: Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3968893158595306590/ Frame 03E1 1 KB
620 B 172ms
63ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=s9nWImPZLH&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60bb66a4066547ae8ab6db3ca66053088fd5b5215d6ced7acfe2bac1842b6327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 592
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 14 Aug 2022 03:46:51 GMT
expires: Mon, 14 Aug 2023 03:46:51 GMT
last-modified: Mon, 25 Apr 2022 12:26:38 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 55B8 0
622 B 231ms
101ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssWQwchxKOhdit5-Uptze1N6my_8kylv8yQ1Apswky4KBdhdaXp7beWLNdT5reNHuFvRxeKB2KoCQvfyDVPjLsnUvJbzl4ZqhFPURUVB6KQeXfADz68SXFVYmkAGXQCj4B7eAUy9ZXFR5hj-4Jqz1kCH2ApyJT0ygK8zk0a45R8W4Yg5yDK_JQX_SVtpnu1_36nufDcRlWc06VIkGnJ_CFg0b1Ic_Q5BuMiHpwqmFvfKjN8vTmklyT5nA0CP9xMV1khHAbZFUkyzcUmx9bQBqNReULNhM11Ux5NqEZGyT3UW66DEGfH0rgyolhpDbUEkP_pNIbZN_4rdDVH9dhlMQCeCGz4p_t9CmU1H7V1gJAyCyVbBi2Cv7j0Licp-jFmO_CCYDkmEhd1OcYY07HtT4pSS8GSGOmO98hRlgx9DGfgeYEkhb52BJHguJFwmEKhRypSa58Co1h5uasYJ94m_RzAlAH18XhZ-tB6xwmd73ztNNhj1cwOgfTgVV3q-xkE_6vLI0LzmewL2KNkl_rRA2dUjibTiBYe8o2Q1KV-pvxjiW-NzOdH5RaumLXJ1KDQ4ehr94hePmYbIJ9PrBn4ovI9MYl2HiRYgbVFVrGjUZ9Kibk5lcK9opgg2U-I7dwccTuW0EZrGOVrm2cds_PM_s3zRcofehbxV4qf0BwsZK5V_AmlYbKcyADQyZCcD9nq76L8DYYDehtsSwb_zm5NYUwrzuTNvSvO60fUw-LXcz56OPL9Sl7-5RYPzlwzydZecijtZC1FM0c9FFAHdl2FFB77FlZQJIavZL3VJkVsJUf1rZI7tOcGSoAp6eK2ZnhWQcfKNuJSErtgPO7m9MYpvmaxF-TptEM9f1c0Y_MdCVISBweTy9z9tjwFOwJ75N2h3GtjnSFCntpw1K2HwpWm4mkunv4vssn57FW7kVtCAzKnZyTsBSbexzMCHI7D_usZLB3QqiCtaKdReBo2CPbUMwYNiPUIHxwvSOYfqoMZUJvExvlZVtFcWZAjR_JNHAUjDSWgqrd3JxNmw7wrccOHRTZ17syphAW0kZGLuQ-SQsYnKH7PISNLFk5FEP8tJnWGub55tHCl8vT8Rr4YxZF3iMUQSytzSr7nQmJd7KS9fMLJM5Y_FKaJPcwXyGjzdmSbQBUV0CugRqg7Wzgol5BQrkAYuCuMiCw9HGrcpKJIGs8T2C0GHY0SCwdGvjMFVqHFvS-CCE7vKslN0h4PfMoSVnJE46cKkoHSjSXctWAQFNiYsYItOjTIyCLkEekD&sai=AMfl-YRkTqghDj1lid0kbp7fFuLdlggpmWGa3UCkoZp2bxhmbPClSfglVkigjjSPiBUzzRv0tDp_DbsxHYSnJ36hA4Sk0At2elv5GmgvOFTdrzbbu_1XTV5aHOziBWBW4uEBzl8UBHO2hFJjJI8eBJoBrKsRUz3NFH0UjWjQSdEJavlnJWO2WwKdwxtMfFKjFmT88x8t_Uh2HmDJ6EMQKd7xiZWi&sig=Cg0ArKJSzEyBh5Y_cVbQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=319&cbvp=1&cstd=314&cisv=r20220810.92175&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sun, 14 Aug 2022 03:46:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 55B8 43 B
1 KB 316ms
67ms Image
image/gif 213.202.235.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26964075&extCr=162826336&extPm=322763903&gdpr_consent=&gdpr=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.202.235.10 Herrischried, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: So, 14 Aug 2022 03:46:51 GMT
Server: Microsoft-IIS/8.5
Date: Sun, 14 Aug 2022 03:46:50 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1119
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3814 0
10 B 53ms
53ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ILJqRw
Requested by: Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5EDF 42 B
64 B 88ms
88ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsub4Rena0-saAXA404rmAeWwCVj5Wz9bOcdOEhsSqT2dYl8NlGw7R0bt15ftsRYKxYK8ZwaBEuuyn0P2Qs1HMRVnDE&sig=Cg0ArKJSzCxrDPEvUZLTEAE&cid=CAASF-RoFLeJyPwWJd7Et__2vyojtYaBS6dg&id=lidar2&mcvt=1016&p=0,0,280,1200&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&v=20220810&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1065767661&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660448809903&rpt=461&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame AB6F 80 KB
21 KB 64ms
64ms Script
application/javascript 2600:9000:223f:c200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=250&slotname=4288941329&adk=569834508&adf=2751417942&pi=t.ma~as.4288941329&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448809730&bpp=1&bdt=160&idt=267&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ&prev_fmts=0x0&nras=1&correlator=8795719047812&frm=23&ife=5&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448810&ga_hid=1286936692&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=116&biw=1600&bih=1200&isw=300&ish=250&ifk=3777242901&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068487%2C44764001&oid=2&pvsid=2324079875339893&tmod=1219569371&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.fck6u9yple9u&fsb=1&dtd=272
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:c200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:34:34 GMT
content-encoding: gzip
age: 7758738
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: NPY8LJrxN0fVH1v2SPKMyreLX-5LbziIzh2Vvd00gB_8TSfqiY1Y3g==

GET
H2 200 mon
pixel.adsafeprotected.com/ Frame 55B8 43 B
216 B 61ms
61ms Image
image/gif 18.202.123.230
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=925113&advId=818595827&campId=15481226352&pubId=1&placementId=396796068&adsafe_par&bundleId=&dealId=&bidurl=https://www.moirebenok.ua/&adsafe_url=https%3A%2F%2Fwww.moirebenok.ua&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.moirebenok.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7141688687918598%26output%3Dhtml%26h%3D250%26slotname%3D4288941329%26adk%3D569834508%26adf%3D2751417942%26pi%3Dt.ma~as.4288941329%26w%3D300%26psa%3D0%26format%3D300x250%26url%3Dhttps%253A%252F%252Fwww.moirebenok.ua%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1660448809730%26bpp%3D1%26bdt%3D160%26idt%3D267%26shv%3Dr20220810%26mjsv%3Dm202208090101%26ptt%3D9%26saldr%3Daa%26cookie%3DID%253Dfc077c1abfa613c9-227f9a7ef3cd0052%253AT%253D1660448809%253ART%253D1660448809%253AS%253DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D8795719047812%26frm%3D23%26ife%3D5%26pv%3D1%26ga_vid%3D1916196167.1660448809%26ga_sid%3D1660448810%26ga_hid%3D1286936692%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D970%26ady%3D116%26biw%3D1600%26bih%3D1200%26isw%3D300%26ish%3D250%26ifk%3D3777242901%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759842%252C31068487%252C44764001%26oid%3D2%26pvsid%3D2324079875339893%26tmod%3D1219569371%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C300%252C250%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26ifi%3D2%26uci%3D2.fck6u9yple9u%26fsb%3D1%26dtd%3D272&adsafe_type=d&adsafe_jsinfo=,id:ef1dc9de-ef04-f921-4518-af178aad633c,c:lexmZU,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-94958994c-d2mk4,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,scm:publ1.grpm1,mtim:326,mot:0,app:0,maw:0,fm:tes9ZGx+11%7C12%7C13%7C14%7C15%7C16%7C171%7C181%7C1821%7C1822%7C1831%7C184%7C19%7C1a%7C1b1%7C1c1%7C1c2*.925113%7C1c21%7C1c22%7C1c231%7C1c24%7C1c3%7C1c4,idMap:1c2*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:342,oid:baf7a1b9-1b83-11ed-b306-e6682ec536a3,v:19.8.343,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=250&slotname=4288941329&adk=569834508&adf=2751417942&pi=t.ma~as.4288941329&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448809730&bpp=1&bdt=160&idt=267&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ&prev_fmts=0x0&nras=1&correlator=8795719047812&frm=23&ife=5&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448810&ga_hid=1286936692&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=116&biw=1600&bih=1200&isw=300&ish=250&ifk=3777242901&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068487%2C44764001&oid=2&pvsid=2324079875339893&tmod=1219569371&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.fck6u9yple9u&fsb=1&dtd=272
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.123.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-123-230.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:51 GMT
x-server-name: app05.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 55B8 43 B
215 B 475ms
130ms Image
image/gif 2600:1f18:1aca:4281:a4e2:e749:4428:16b3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=ef1dc9de-ef04-f921-4518-af178aad633c&tv=%7Bc:lexn0h,pingTime:-3,time:364,type:v,im:%7BpBlk:354%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:341%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:365,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:341,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B36~0%5D,as:%5B36~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:tes9ZGx+11%7C12%7C13%7C14%7C15%7C16%7C171%7C181%7C1821%7C1822%7C1831%7C184%7C19%7C1a%7C1b1%7C1c1%7C1c2*.925113%7C1c21%7C1c22%7C1c231%7C1c24%7C1c3%7C1c4,idMap:1c2*,rmeas:1,rend:0,renddet:DIV%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=250&slotname=4288941329&adk=569834508&adf=2751417942&pi=t.ma~as.4288941329&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448809730&bpp=1&bdt=160&idt=267&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ&prev_fmts=0x0&nras=1&correlator=8795719047812&frm=23&ife=5&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448810&ga_hid=1286936692&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=116&biw=1600&bih=1200&isw=300&ish=250&ifk=3777242901&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068487%2C44764001&oid=2&pvsid=2324079875339893&tmod=1219569371&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.fck6u9yple9u&fsb=1&dtd=272
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:a4e2:e749:4428:16b3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:51 GMT
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 55B8 43 B
215 B 472ms
130ms Image
image/gif 2600:1f18:1aca:4281:a4e2:e749:4428:16b3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=ef1dc9de-ef04-f921-4518-af178aad633c&tv=%7Bc:lexn0i,pingTime:-6,time:365,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:366,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:341,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B37~0%5D,as:%5B37~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:tes9ZGx+11%7C12%7C13%7C14%7C15%7C16%7C171%7C181%7C1821%7C1822%7C1831%7C184%7C19%7C1a%7C1b1%7C1c1%7C1c2*.925113%7C1c21%7C1c22%7C1c231%7C1c24%7C1c3%7C1c4,idMap:1c2*,rmeas:1,rend:0,renddet:DIV%7D&tpiLookup=ao:www.moirebenok.ua*%2Cwww.moirebenok.ua*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=250&slotname=4288941329&adk=569834508&adf=2751417942&pi=t.ma~as.4288941329&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448809730&bpp=1&bdt=160&idt=267&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ&prev_fmts=0x0&nras=1&correlator=8795719047812&frm=23&ife=5&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448810&ga_hid=1286936692&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=116&biw=1600&bih=1200&isw=300&ish=250&ifk=3777242901&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068487%2C44764001&oid=2&pvsid=2324079875339893&tmod=1219569371&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.fck6u9yple9u&fsb=1&dtd=272
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:a4e2:e749:4428:16b3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:51 GMT
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 55B8 43 B
215 B 464ms
131ms Image
image/gif 2600:1f18:1aca:4281:a4e2:e749:4428:16b3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=ef1dc9de-ef04-f921-4518-af178aad633c&tv=%7Bc:lexn0t,pingTime:-2,time:376,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1061,beZ:1063,mfA:1387,cmA:1389,inA:1389,inZ:1393,prA:1393,prZ:1398,si:1403,poA:1404,bl:1415,poZ:1415,cmZ:1415,mfZ:1415,loA:1427,loZ:1429,ltA:1437,ltZ:1437,mdA:1064,mdZ:1348%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:341%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:376,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:341,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B47~0%5D,as:%5B47~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:tes9ZGx+11%7C12%7C13%7C14%7C15%7C16%7C171%7C181%7C1821%7C1822%7C1831%7C184%7C19%7C1a%7C1b1%7C1c1%7C1c2*.925113%7C1c21%7C1c22%7C1c231%7C1c24%7C1c3%7C1c4,idMap:1c2*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:DIV,sinceFw:33,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=250&slotname=4288941329&adk=569834508&adf=2751417942&pi=t.ma~as.4288941329&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448809730&bpp=1&bdt=160&idt=267&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ&prev_fmts=0x0&nras=1&correlator=8795719047812&frm=23&ife=5&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448810&ga_hid=1286936692&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=116&biw=1600&bih=1200&isw=300&ish=250&ifk=3777242901&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068487%2C44764001&oid=2&pvsid=2324079875339893&tmod=1219569371&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.fck6u9yple9u&fsb=1&dtd=272
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:a4e2:e749:4428:16b3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:51 GMT
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D5D 0
20 B 90ms
90ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BoUhQKnD4YqbhHaiF9u8PnrqauAMAAAAAOAHgBAI&bg=!9_Sl9LDNAAa4hXTbmIU7ACkAdvg8WlhCI8A834NiAhCnFu5Wj52_r3TCzQdjLgn3etsP2do61ekIHwIAAACqUgAAAAJoAQeZAtk8GzP2M4sN2fOayWsWqwgc5JZ2bR3288XtIfWLR_mq8DPWT8IPQz1L8NRLStjvmFPSZ5-i12w-iLYw-i6jPsVzg5x6HO-KtASnVXRZCZYk6DpR-iCjY8N68i2P3Wc_rCVCqx5289_qJCxid7ZNyx1mHd_m8mAo9sDq-najFCb1dpwX0OFTNTzu-Sv2XdMURs-oihC6tQGnQ6oDPui61upTwQJEHpnpobJYGjpgxlDr3X4sVvp8Wa2ThqBmVO0TAD4vjQo3k7qWbLLfuBcA8fKZkjahcf2qw-2LH9-kJgvKsYE202O58xavGE4ZniIuevciaB2DkIjiHYfV8HQBNBB1dg1liRKSfa1oi4hXQ261OgEMNeC0MWGn3N1saTlegv5Z9s1MH9W_w4w1QkdwC7ZeeFI2V6Ynsiv_dtpXdPoRmWqNE0JkZZL4q3ESwSEmdsrHU3spYZqXUdqUHvmyySs_uzrZUaNJGSZR8WUp-0rr_Ocr3JfaeXSuIljnCu1wWjlvleKNYkMwW_6i7AmFVShvewOzprimKcLrv9IkQrEYl_d6XG4PHSo0BtD3aGB9XlM_1gpuHlOMQwiu66ROsw33nLFYSw4ljOmbp85ZkJXnBmb_uKZg_La8BpqLo0Ggr79zOAPge3YuKy1aqvSarJIk5t7faCTeVmqAfrDAMBnYLjNvx1dZ_g0j6ApiCsdnLu8SYLUhAm1c3IjP-1E5ELGDIzEby7SX1G8sLfHKenEkL8n_iDFB-kUJ0YwWWj_Tn-ZtsL5exvigJ3TTsgPgXS7VQgDuamcal7wWV1ulLnK7WEualzGK7SiJPbiNTwV2tScHlv9vxYPbtgVMR6c_2inDz0kmMg7soH1rhb9qO-J3NvR71pz5970GMnu9f0tEDPuuhIjMVF5aHgwZFbxzp9U0RN6bR4Zb6qJOAntfOrBQjAVUKMA8BJkFWO3bENJcw0rGv6QTCufApG0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 1F0B 0
127 B 54ms
54ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 14 Aug 2022 03:46:50 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 03E1 118 KB
40 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=s9nWImPZLH&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=s9nWImPZLH&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 07:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71751
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Aug 2022 07:51:00 GMT

GET
H3 200 preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 03E1 64 KB
16 KB 132ms
131ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=s9nWImPZLH&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

659aba74af795768d9d8d2ed688e49cd5f47d9425d5a1630329a845759b4591d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=s9nWImPZLH&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16579
x-xss-protection: 0
last-modified: Mon, 12 Feb 2018 18:09:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Aug 2022 03:46:51 GMT

GET
H3 200 tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 03E1 112 KB
38 KB 113ms
112ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=s9nWImPZLH&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=s9nWImPZLH&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38407
x-xss-protection: 0
last-modified: Wed, 04 Oct 2017 18:33:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Aug 2022 03:46:51 GMT

GET
H3 200 de_DE_polite.js Show response
s0.2mdn.net/creatives/assets/2377528/ Frame 03E1 87 KB
27 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=s9nWImPZLH&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df82103964af79600d60bc2deec44a4910a3435e07325b82f9ce86d6d0489361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=s9nWImPZLH&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27518
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 13:34:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Aug 2022 03:51:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E450 0
0 95ms
94ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220810&jk=2324079875339893&bg=!dnWldTHNAAa4hXTbmIU7ACkAdvg8Wp3bn9YqsZKEv0GF2WyYNlw2GzSYjta8Y2bBSFEfZ3gDzxE89wIAAAHoUgAAAANoAQeZAryWVbWHa1AFn3VYLvQcll-SuPaRg1gU9pvjydrLDvW9MYqSu8awzOFC3xyfqAXXbhcFF_GSxg_REfgPzJ5eUOpoEtkxCYGXnTKOhrg7Kg8ngI-_YIHy6lHnJQ_K26CGbziMQEiSXqXm0I3WhIHRLj63CvFrrEIwZtkCTFrkPHo9NHRVn-qI6jNwNk-hlOsqaCPsWcb88B9PgpSuEo42xIq7EXUXZ_Ujp3JZxfrN4vp_QUT_6Qq6YJDAlpr4rzzkB9iuyTfMA7c5w1YztzSpVUjYmT10k2jaKeYIX7ctbh9cub2XNG58Pf5wcQC36J8fFFcMj0Dxkc1nxKWeR3j6gTnqMklPyPU9-ep96YHQE-3393jCDX2ogWkxcP1jCW5dyHp-K-B-Tmp38iiQcct_hhogEERyMLt5n-2KtBdKZy2_rM7kvE2QTfxd0Ymdtv0cSc948LPHa-AxI8MC_Y695bxQ8u_NtvuwORK45UmGb4L5ZZDFeQpBS2D4-uBDtp9z-qzMTeUGaq2tWtBhfYCmRH2hueS1MnD0GGkg1eS2-5L6fG4uoVLvh5MdzCjqFcCjzNoJ1t36OYr0fpPGxYNzg-MQqfXzqlZa4oLfLbdscJeB4wkgMvld0kFeyYrBX_DlOOj1cxVvi2DZ2DBgn8e1NARI1coR1LDnlknNYbn-rf2b7OTZocX4jB6SQc23Cgareq7ybVBp0OLzFlSI0Jotj0qnFb2zDBYd4pVnELbw3bQkhut2GjOrR8SB1XkAnzuK6j726qeDzi9mLzsek6rfSz4r1RPM51WFc8Fe1HAPPzrthz5r-CM-HPuhHVNZ0SVRbAZcbsbMAi0NfI8L3XhjInB6mIqrFqME-sO6LOT_8os8TxjobR63kHE0ghod_vVqsXrZzh_r1myICdIYu-mwbvSBYaAWKskwBdK-R6GN
Requested by: Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 55B8 43 B
216 B 397ms
129ms Image
image/gif 2600:1f18:1aca:4281:a4e2:e749:4428:16b3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=ef1dc9de-ef04-f921-4518-af178aad633c&tv=%7Bc:lexn1v,time:440,type:e,im:%7BpWait:4%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:441,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:341,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B112~0%5D,as:%5B112~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:tes9ZGx+11%7C12%7C13%7C14%7C15%7C16%7C171%7C181%7C1821%7C1822%7C1831%7C184%7C19%7C1a%7C1b1%7C1c1%7C1c2*.925113%7C1c21%7C1c22%7C1c231%7C1c24%7C1c3%7C1c4,idMap:1c2*,rmeas:1,rend:0,renddet:DIV%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=250&slotname=4288941329&adk=569834508&adf=2751417942&pi=t.ma~as.4288941329&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448809730&bpp=1&bdt=160&idt=267&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ&prev_fmts=0x0&nras=1&correlator=8795719047812&frm=23&ife=5&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448810&ga_hid=1286936692&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=116&biw=1600&bih=1200&isw=300&ish=250&ifk=3777242901&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068487%2C44764001&oid=2&pvsid=2324079875339893&tmod=1219569371&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.fck6u9yple9u&fsb=1&dtd=272
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:a4e2:e749:4428:16b3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:51 GMT
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 03E1 7 KB
5 KB 65ms
65ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e59feca4d6548d198e22008a2c920f958812aacbbc31dd4d0d426ac260f73e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Aug 2022 03:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5598
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 55B8 0
26 B 204ms
94ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssWQwchxKOhdit5-Uptze1N6my_8kylv8yQ1Apswky4KBdhdaXp7beWLNdT5reNHuFvRxeKB2KoCQvfyDVPjLsnUvJbzl4ZqhFPURUVB6KQeXfADz68SXFVYmkAGXQCj4B7eAUy9ZXFR5hj-4Jqz1kCH2ApyJT0ygK8zk0a45R8W4Yg5yDK_JQX_SVtpnu1_36nufDcRlWc06VIkGnJ_CFg0b1Ic_Q5BuMiHpwqmFvfKjN8vTmklyT5nA0CP9xMV1khHAbZFUkyzcUmx9bQBqNReULNhM11Ux5NqEZGyT3UW66DEGfH0rgyolhpDbUEkP_pNIbZN_4rdDVH9dhlMQCeCGz4p_t9CmU1H7V1gJAyCyVbBi2Cv7j0Licp-jFmO_CCYDkmEhd1OcYY07HtT4pSS8GSGOmO98hRlgx9DGfgeYEkhb52BJHguJFwmEKhRypSa58Co1h5uasYJ94m_RzAlAH18XhZ-tB6xwmd73ztNNhj1cwOgfTgVV3q-xkE_6vLI0LzmewL2KNkl_rRA2dUjibTiBYe8o2Q1KV-pvxjiW-NzOdH5RaumLXJ1KDQ4ehr94hePmYbIJ9PrBn4ovI9MYl2HiRYgbVFVrGjUZ9Kibk5lcK9opgg2U-I7dwccTuW0EZrGOVrm2cds_PM_s3zRcofehbxV4qf0BwsZK5V_AmlYbKcyADQyZCcD9nq76L8DYYDehtsSwb_zm5NYUwrzuTNvSvO60fUw-LXcz56OPL9Sl7-5RYPzlwzydZecijtZC1FM0c9FFAHdl2FFB77FlZQJIavZL3VJkVsJUf1rZI7tOcGSoAp6eK2ZnhWQcfKNuJSErtgPO7m9MYpvmaxF-TptEM9f1c0Y_MdCVISBweTy9z9tjwFOwJ75N2h3GtjnSFCntpw1K2HwpWm4mkunv4vssn57FW7kVtCAzKnZyTsBSbexzMCHI7D_usZLB3QqiCtaKdReBo2CPbUMwYNiPUIHxwvSOYfqoMZUJvExvlZVtFcWZAjR_JNHAUjDSWgqrd3JxNmw7wrccOHRTZ17syphAW0kZGLuQ-SQsYnKH7PISNLFk5FEP8tJnWGub55tHCl8vT8Rr4YxZF3iMUQSytzSr7nQmJd7KS9fMLJM5Y_FKaJPcwXyGjzdmSbQBUV0CugRqg7Wzgol5BQrkAYuCuMiCw9HGrcpKJIGs8T2C0GHY0SCwdGvjMFVqHFvS-CCE7vKslN0h4PfMoSVnJE46cKkoHSjSXctWAQFNiYsYItOjTIyCLkEekD&sai=AMfl-YRkTqghDj1lid0kbp7fFuLdlggpmWGa3UCkoZp2bxhmbPClSfglVkigjjSPiBUzzRv0tDp_DbsxHYSnJ36hA4Sk0At2elv5GmgvOFTdrzbbu_1XTV5aHOziBWBW4uEBzl8UBHO2hFJjJI8eBJoBrKsRUz3NFH0UjWjQSdEJavlnJWO2WwKdwxtMfFKjFmT88x8t_Uh2HmDJ6EMQKd7xiZWi&sig=Cg0ArKJSzEyBh5Y_cVbQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=679&vt=11&dtpt=360&dett=3&cstd=314&cisv=r20220810.92175&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Aug 2022 03:46:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 03E1 17 KB
6 KB 117ms
117ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Aug 2022 03:46:51 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 55B8 43 B
215 B 253ms
252ms Image
image/gif 2600:1f18:1aca:4281:a4e2:e749:4428:16b3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=ef1dc9de-ef04-f921-4518-af178aad633c&tv=%7Bc:lexn5R,pingTime:-10,time:710,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk5LjAuNDg0NC41MSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1660448811775%7C%7C5be39f2a8f7cfc6abcd27c0a7c40e1cb%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C8cfb992ed6583c2ef0f3553a524ed731%7C%7Cc2fcd995c7d9c80f8d03bb145004637d%7C%7Cc19ac1c179223c84e7b8852f4b157e1f%7C%7Ca6d0234732e019764777196f176a2234%7C%7C632accde72c97e255768701c65c9ddf7%7C%7C1629390669%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=250&slotname=4288941329&adk=569834508&adf=2751417942&pi=t.ma~as.4288941329&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448809730&bpp=1&bdt=160&idt=267&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ&prev_fmts=0x0&nras=1&correlator=8795719047812&frm=23&ife=5&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448810&ga_hid=1286936692&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=116&biw=1600&bih=1200&isw=300&ish=250&ifk=3777242901&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068487%2C44764001&oid=2&pvsid=2324079875339893&tmod=1219569371&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.fck6u9yple9u&fsb=1&dtd=272
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:a4e2:e749:4428:16b3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:51 GMT
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js Show response
pagead2.googlesyndication.com/bg/ Frame 607D 36 KB
14 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 417969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 07:40:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5188 0
0 91ms
90ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220810&jk=1988656363999141&bg=!np2lndnNAAa4hXTbmIU7ACkAdvg8WkYGxN3tADRUecxcgsTAM5n_Rfn0ASCNiVehoaCGhVRAL5dbVAIAAACUUgAAAAJoAQcKACzvZcNN6M64NL3ODEmYU9EFFHKKsPzLKm59qFKWoqg2GJOvR8iFXjltKQBr05kCuYcJRIw8afXhrBoqrnSezOWUO01pQLYJdRQkR3H809o_w7o9Elvpler76BvDcFZsUz60dxw-1Ycas7dr75VbpeobNSIxG-wmNEmbkLPlKGMJ1bXB53chsSOK-bNNDDtk4sDFIZArvC2p7rgXSXoBkqOA19eZBccyYGA4FcY6sYVJOL_6eBHUrhf_1umnABkReWkCw9d6i3XrPLzU33EjAClnXqMVjzjy_XdKlWxiyHBYf13CUA-HsKBXI9L4fRSeUoBZDAAG3NREmSsHDIPDf0Dj_XNAEnEhTUYFpuHu1UAAfHh2X5lDkC6ayWIWXD6rHSlSa2ibDimdhJg2-AkPYZbJe7Ob5xPyUrPsy3Wezpc2YF6Z-RKaT41DBa7CHhwLSjXFo939uOiXPTvy0evNi2bd8wdqsBxWvlxLa9m2Voaa7-7Aulg1gLguBoh59YuDsb6j0G9zmRK4G71EXi2VGqGC5Vd29Uy64vu9LixBznCLl1LT81ocJILwQem4VtDziXQ9Liz-8UB-3j4c8E9OKQCKIY_RgVSaOsD46d3Qw5TSXVSNyGfKOKo84RNiSTp86NH1OyxJ6e4kCeYbfNDZTrJa1PR_g8pT97nZkxEy28AEwcJV4AntylMBxarx0u60gWuUPuX8SoxDLBXYoaHqLKobeAMr7fUXQYMeWFosD8miEBxL2TiiGebXa2Rtu6tCdIUXSdIyHF_yy4X7Cv2Z3rMXDpaaqnuDpRCNLnJAYQzFCx62qWzRCLeE5zYE0wcUom8zRMYAXZIUXuZUi-SURxu-4lHgELnt0hiRAqDcM4Bk--gAoWQW7srg9GhPPif4E1QL9tdaMrEzT1zMinnnSg0ACoBihOcrjuwghnhNWPYx2Ac9hFsYxmJELe5sR_3ivZ-DuH-vgmx4uvH0Ef6m_DRIvFfxkxbN2M4
Requested by: Host: www.moirebenok.ua
URL: https://www.moirebenok.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 55B8 43 B
215 B 130ms
130ms Image
image/gif 2600:1f18:1aca:4281:a4e2:e749:4428:16b3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=ef1dc9de-ef04-f921-4518-af178aad633c&tv=%7Bc:lexn9d,time:918,type:e,im:%7Bpci:%7Btdr:513%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:918,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:341,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B589~0%5D,as:%5B589~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:485,fm:tes9ZGx+11%7C12%7C13%7C14%7C15%7C16%7C171%7C181%7C1821%7C1822%7C1831%7C184%7C19%7C1a%7C1b1%7C1c1%7C1c2*.925113%7C1c21%7C1c22%7C1c231%7C1c24%7C1c3%7C1c4,idMap:1c2*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=250&slotname=4288941329&adk=569834508&adf=2751417942&pi=t.ma~as.4288941329&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.moirebenok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448809730&bpp=1&bdt=160&idt=267&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&cookie=ID%3Dfc077c1abfa613c9-227f9a7ef3cd0052%3AT%3D1660448809%3ART%3D1660448809%3AS%3DALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ&prev_fmts=0x0&nras=1&correlator=8795719047812&frm=23&ife=5&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448810&ga_hid=1286936692&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=116&biw=1600&bih=1200&isw=300&ish=250&ifk=3777242901&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068487%2C44764001&oid=2&pvsid=2324079875339893&tmod=1219569371&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.fck6u9yple9u&fsb=1&dtd=272
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:a4e2:e749:4428:16b3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:52 GMT
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 67ms
67ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220810&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d11cb9a0d0edb29032d8b8fc5b2349435b918f9325dca314683faf0082480bb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Aug 2022 03:46:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11139
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 1CAB 15 KB
6 KB 200ms
67ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.moirebenok.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

507add04d1c6597d1eaca7599452be07bd58c4fca04d195808df2909d610d9e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.moirebenok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6145
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 14 Aug 2022 03:46:51 GMT
server-processing-duration-in-ticks: 2145
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 300x250_NH_D_EU_Nordic-Nature-Lake.jpg Show response
s0.2mdn.net/creatives/assets/2373736/ Frame 03E1 14 KB
14 KB 54ms
54ms XHR
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2373736/300x250_NH_D_EU_Nordic-Nature-Lake.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7d4fe416cca38e890d630af68d3ca5057b02ba374a715ebf2a1aff5239148d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=s9nWImPZLH&t=1&renderingType=2&ev=01_247
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:45:46 GMT
x-content-type-options: nosniff
age: 66
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13876
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 16:04:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Aug 2022 04:00:46 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 61ms
61ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=471335202&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.moirebenok.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9C%D0%BE%D0%B9%20%D1%80%D0%B5%D0%B1%D0%B5%D0%BD%D0%BE%D0%BA%20%E2%80%94%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%D0%B4%D0%BB%D1%8F%20%D1%81%D0%BE%D0%B2%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=doskrol25&ea=doskrol25%25&_u=aCjAAAABAAQCAG~&jid=2027287966&gjid=183401344&cid=1916196167.1660448809&tid=UA-59638469-2&_gid=1013874019.1660448809&_r=1&gtm=2wg880TH2WFG&z=1922673867

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.moirebenok.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.moirebenok.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Bezymyannyj-2-260x160.png
www.moirebenok.ua/wp-content/uploads/2017/01/ 91 KB
91 KB 51ms
50ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/uploads/2017/01/Bezymyannyj-2-260x160.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1e9002469d273927cbfd9fca98e11e207c2984363d395f1e261a563fca594e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:52 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74107
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 92816
last-modified: Sat, 16 Feb 2019 00:45:17 GMT
server: cloudflare
etag: "5c675d1d-16a90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4rUtQZzEdMW3XADJnHxo8jXbSXRMPLfpaTa%2FG0oT9%2FXKel%2BtXYldGbbnraJZCSMaIY4b40Oozq1YQRfjfawxA%2Fx2%2FoToSR%2FCrvuWMjPkQOt4HeHI5AZWBgWF952ehLmN4LAvxxEZWosUzBqi65eARg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b4b41aa57765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ttt-305x202.png
www.moirebenok.ua/wp-content/uploads/2017/06/ 131 KB
132 KB 294ms
293ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/uploads/2017/06/ttt-305x202.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e1b5a0db3d484274de7043c83bc52fd2829b4f77eeaf803b3c884e5aed03465

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:52 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 134236
last-modified: Sat, 16 Feb 2019 01:11:29 GMT
server: cloudflare
etag: "5c676341-20c5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8dyclEah9h%2FZiBcmzeiTXwT%2FP3duMApPz62M2X%2BuQd8mQSi8%2BmWI%2BZjvcojc5hKeY4bdeChm%2Fz6RJ3gcPM9Tu43CpU1Nu34MEHraNCJ1JgEwNH8T1qExbNTEuXowZ3%2BA%2B1Dv4K1ouk80nnFZ1YxGWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b4b41aa67765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 iStock-943923420-305x202.jpg
www.moirebenok.ua/wp-content/uploads/2019/02/ 11 KB
12 KB 219ms
218ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/uploads/2019/02/iStock-943923420-305x202.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

231c2700ed2fc5a9c460820e92a3aa2ccd32e43cbdc54c2354fc0bae07499326

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:52 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11468
last-modified: Wed, 04 Sep 2019 07:36:58 GMT
server: cloudflare
etag: "5d6f699a-2ccc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pr0XAQYfeNh1ejN%2BC4isk5rcljqZQK6s8wl6AKCxDbnNawqhas%2FTJLDR4klGrXpXzR5Mw%2BpOd%2BJEzveHLI%2FcKyhIy96r%2BCzERTZBopGrinjkEr0OWoSzpKjgahLQkrWrVilVaGMmGAtLbiADhuULeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b4b41aa77765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 iStock-640352102-305x202.jpg
www.moirebenok.ua/wp-content/uploads/2018/10/ 17 KB
18 KB 276ms
275ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/uploads/2018/10/iStock-640352102-305x202.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78bbbbe974940d43fdb4d6f5d7b4b06fd2efb285536956930cc3ca409b122af0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:52 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17758
last-modified: Thu, 05 Sep 2019 08:31:23 GMT
server: cloudflare
etag: "5d70c7db-455e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMJ5dWpxxIuAs9XaR1jcH1UpBxIyFNXOF0QEWVWmRBEw5GYcnU9eT1fiV%2BumZJEuvu7Iy%2FxW%2BqW%2BZnHYZUjklCR%2BwN0q2PY8PMlhKXtlN%2FtHO%2BWyMxES0fCHWFA04CDaNsQ7UHHaC1Y1IKZPV1IEgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b4b41aa97765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 55B8 43 B
215 B 130ms
130ms Image
image/gif 2600:1f18:1aca:4281:a4e2:e749:4428:16b3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=ef1dc9de-ef04-f921-4518-af178aad633c&tv=%7Bc:lexnce,time:1105,type:e,im:%7BpLoad:1054%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1105,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:341,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B776~0%5D,as:%5B776~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:135,fm:tes9ZGx+11%7C12%7C13%7C14%7C15%7C16%7C171%7C181%7C1821%7C1822%7C1831%7C184%7C19%7C1a%7C1b1%7C1c1%7C1c2*.925113%7C1c21%7C1c22%7C1c231%7C1c24%7C1c3%7C1c4,idMap:1c2*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:a4e2:e749:4428:16b3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:52 GMT
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
BLOB 200
OK d56a99b8-6657-44d3-a14a-64e20764fb3e
https://s0.2mdn.net/ Frame 03E1 14 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://s0.2mdn.net/d56a99b8-6657-44d3-a14a-64e20764fb3e
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7d4fe416cca38e890d630af68d3ca5057b02ba374a715ebf2a1aff5239148d3

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 13876
Content-Type: image/jpeg

GET
H3 200 de_DE_imageanimation_NH_D_EU_Nordic-Nature-Lake_300x250.js Show response
s0.2mdn.net/creatives/assets/2987685/ Frame 03E1 40 KB
23 KB 54ms
54ms XHR
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2987685/de_DE_imageanimation_NH_D_EU_Nordic-Nature-Lake_300x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efea7de30bad67c52ae6500fb543289fb7ef3136075f9df65c62210c67472ffd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=s9nWImPZLH&t=1&renderingType=2&ev=01_247
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:33:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 811
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23728
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 07:07:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Aug 2022 03:48:21 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Aug 2022 03:46:52 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 169ms
57ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-59638469-2&cid=1916196167.1660448809&jid=2027287966&gjid=183401344&_gid=1013874019.1660448809&_u=aCjAAAABAAQCAG~&z=505783000

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.moirebenok.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 14 Aug 2022 03:46:52 GMT
content-type: text/plain
access-control-allow-origin: https://www.moirebenok.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js-animation_de_DE_imageanimation.js Show response
s0.2mdn.net/creatives/assets/3389262/ Frame 03E1 66 KB
18 KB 55ms
54ms XHR
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3389262/js-animation_de_DE_imageanimation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e56d4cfa517f5ea7e3dfe08628a062bee69ff18b96dedeadb0b6c130bf305107

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=s9nWImPZLH&t=1&renderingType=2&ev=01_247
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 629
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18063
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 17:53:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Aug 2022 03:51:23 GMT

GET
DATA 200
OK truncated
/ Frame 03E1 16 KB
16 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06e13e753ce02eb311a0491eada8d8671a0c4fa4f85d3b94bb78ed1d0aa76289

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BCC2 13 KB
5 KB 54ms
54ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.moirebenok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 22619
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Aug 2022 21:29:53 GMT
expires: Sun, 13 Aug 2023 21:29:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CF06 783 B
536 B 63ms
63ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6dd1ca58978bf6d39f174938bee292ee4d85160163bbc9b14979083dbb52bcea

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-whW771Nnz99fnjjButN8zQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.moirebenok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-whW771Nnz99fnjjButN8zQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 14 Aug 2022 03:46:52 GMT
expires: Sun, 14 Aug 2022 03:46:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 89-260x160.jpg
www.moirebenok.ua/wp-content/uploads/2022/08/ 12 KB
13 KB 50ms
49ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.moirebenok.ua/wp-content/uploads/2022/08/89-260x160.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a2be2c56c0119c3050a9c589573113a20bca8a9502a31e5c143adb63b9dd779

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:52 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 150567
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12348
last-modified: Fri, 12 Aug 2022 09:38:25 GMT
server: cloudflare
etag: "62f61f91-303c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8epnPmStlo70hzwSUq2Bg9qoLsz2hO%2FOunGIywI7JjOMHQDpxzNtq%2BNIVXsu9o6ZIlMLQVf1kh2NRyVzCIne13%2BH8szoRnwBP20rQj%2FRXwEH8AL1qUM6Edzmx%2F70pCckI0c%2FLBx3zxFIrfdzNftnNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73a6b4b50b857765-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 NH_D_EU_Nordic-Nature-Lake;strtype=2
ade.googlesyndication.com/ddm/activity/dc_oe=ChMIpp6R7LXF-QIVqIL9Bx0enQY3EAAYACDgkNJNQhMIsID367XF-QIV0vF3Ch3I1g9O;stragg=1;&timestamp=1660448812314;str=LH/NULL/197/amadeusBestPrice/ Frame 55B8 42 B
494 B 218ms
89ms Image
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIpp6R7LXF-QIVqIL9Bx0enQY3EAAYACDgkNJNQhMIsID367XF-QIV0vF3Ch3I1g9O;stragg=1;&timestamp=1660448812314;str=LH/NULL/197/amadeusBestPrice/NH_D_EU_Nordic-Nature-Lake;strtype=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js Show response
pagead2.googlesyndication.com/bg/ Frame BCC2 36 KB
14 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 417970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 07:40:42 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 1CAB
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=moirebenok.ua&sn=ChromeSyncframe&so=0&topUrl=www.moirebenok.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=NdwaA3xxNDFpbUtDdTgwM1RodzFZZWsza0NLUkpwMXRsSWJJdXQyak0rUnl4QmsxSXhnR3dvdHNidUFRcjB4L2RnSlFsUVB6c2U2bUhJVTBleUxxb1o5TjVBc2t5MHRFM1RoSkpzdjdJT1B4VE1aV0ttUlNVUjlBbnB4Mm...

430 B
631 B

404ms
59ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=NdwaA3xxNDFpbUtDdTgwM1RodzFZZWsza0NLUkpwMXRsSWJJdXQyak0rUnl4QmsxSXhnR3dvdHNidUFRcjB4L2RnSlFsUVB6c2U2bUhJVTBleUxxb1o5TjVBc2t5MHRFM1RoSkpzdjdJT1B4VE1aV0ttUlNVUjlBbnB4Mm5ESnhzTU8zU3JrWFkxcFo5NXQ5QWVUNHhUcGtqZGU5MWJZYkFEUklRdUp0bXM5Q0NLTHg3WDl6c041L29KTEt0OU1BM2pVeGRjSXpNd2VHTE5RMXhVYUZSOXdGZEVkdEVUUklhMGJtSXIxYXR0QkJDTzQzc2hkS2FjandUNVJETkJVUWtqekZjOG9XMzl2MDN0bHIzenI4Tmt1OXpaQT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

1dca9f98be6ad5f94d4cf237952a1d38a62a8727af64661d6f9e3fadc0fafc3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:51 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3833
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:51 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=NdwaA3xxNDFpbUtDdTgwM1RodzFZZWsza0NLUkpwMXRsSWJJdXQyak0rUnl4QmsxSXhnR3dvdHNidUFRcjB4L2RnSlFsUVB6c2U2bUhJVTBleUxxb1o5TjVBc2t5MHRFM1RoSkpzdjdJT1B4VE1aV0ttUlNVUjlBbnB4Mm5ESnhzTU8zU3JrWFkxcFo5NXQ5QWVUNHhUcGtqZGU5MWJZYkFEUklRdUp0bXM5Q0NLTHg3WDl6c041L29KTEt0OU1BM2pVeGRjSXpNd2VHTE5RMXhVYUZSOXdGZEVkdEVUUklhMGJtSXIxYXR0QkJDTzQzc2hkS2FjandUNVJETkJVUWtqekZjOG9XMzl2MDN0bHIzenI4Tmt1OXpaQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1581
content-length: 541
expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CF06 0
0 88ms
87ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220810&jk=3225682795558849&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 65ms
65ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-59638469-2&cid=1916196167.1660448809&jid=2027287966&_u=aCjAAAABAAQCAG~&z=129923367

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 176ms
64ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-59638469-2&cid=1916196167.1660448809&jid=2027287966&_u=aCjAAAABAAQCAG~&z=129923367

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 55B8 42 B
64 B 97ms
97ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1YbG21rQiMTNWKiwguKAbtKQgYpInnwCt8ODRk-5guEfWE0mRT1pvqJ64aUXAzK02SEHjr0Po9UXhwWf_DnJ18EeLNEjKXgQCga1VFpMSGm0oiTmyiv-i1Edg4tc9m3VpdTFavxo_hVxK&sai=AMfl-YQzflP7h1GUdQTwoUBQQeiHyC8seAfHgyfeoE8sefuFHCMD1ZMdFqVItXSH2lXNoRETi5_317DCwwSczk-n7Hnc3UtZ2IjqG3Bzlb6LZ83FNH4x83XagVxiopM7&sig=Cg0ArKJSzLl-fv9ePLJQEAE&cid=CAASJeRoJOk57eTPkNwU6JS66xzqT__qMwOzBUt75FIj1SVtYBEP3wo&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220810&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=569834508&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660448810003&rpt=1430&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 55B8 43 B
215 B 130ms
130ms Image
image/gif 2600:1f18:1aca:4281:a4e2:e749:4428:16b3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=ef1dc9de-ef04-f921-4518-af178aad633c&tv=%7Bc:lexngB,pingTime:0,time:1376,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:341%7D,%7Bpiv:100,vs:i,r:,t:1376%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1376,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:341,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1047~0,0~100%5D,as:%5B1047~300.250%5D%7D%7D,%7Bsl:i,t:1376,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1047~0,0~100%5D,as:%5B1047~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:132,fm:tes9ZGx+11%7C12%7C13%7C14%7C15%7C16%7C171%7C181%7C1821%7C1822%7C1831%7C184%7C19%7C1a%7C1b1%7C1c1%7C1c2*.925113%7C1c21%7C1c22%7C1c231%7C1c24%7C1c3%7C1c4,idMap:1c2*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:a4e2:e749:4428:16b3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:52 GMT
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BCC2 0
10 B 54ms
53ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?sPMENg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 03:46:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 91ms
90ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220810&jk=3225682795558849&bg=!ExClEFTNAAa4hXTbmIU7ACkAdvg8WoV-s2M6WZ_CxGmk4Bq_81OuS0P9-QVa43wiaAOCNqn1HJiM_wIAAABbUgAAAANoAQcKAAZ3g16_ntiZApS5AZGA8iqWLDxjEY-hVhESJueszkIomrnguq420NgHmMh1HS3kZ3OSNOMojHhtnzJtoRrd-X0raiN9VYN7os5oMA59RxKEzTE1Nzc2vjsripdVA3cEJLnrqQRri2ziNYhyVGcXZeagDLkYwVtuGSeZ-XckQTeSiAnpPFQEOCycS2Hz7rkePDoW-jMD8yU_vLQEOhKoQWgwQ_lfhl6wBuUoBm_KpkUr_PG3eD_2uPlKTrdePVVUT6AeWotQqroX7Td-mqDjsb7L_ZX84TK2GddrYWF8nHMEzJegFijuyI1_rP_Lo-LjTM_SYVfUmE9l1uu09WV3m4A64TNIlLYwhcVDobb5AYfmrC16MQRcizvtx-sbQ55Vn-tMjBlUHeluPflFPYKe28Bqu4au0baRIjK5GL8EIIDRnA07VBb9ARtuWs8UOCOth3Eb7rP9WOHOKeeMkINhHrBUaEMa49txvU1mBzecHUjKM7NkC0AwmvIvscAYq-RA85zei3wr10hxn-YBXh4oWDbSkAx8kzNprTE6hrcNc8EQeCh7qBO-OS6lYRwaDII2ulOMMTBMQBlZtc3DgjTm1lvbTWGqNZAJLWLCCVitOB9rEygiP40aaa4krKUj9U3AU4kqsMKoRkJPR-GODStBnD4NEE8Jk3CXdPqkSai9ZWRsq1ocGAaK-9nF3BBDolcsSxxOjTGEWBK4-UmAc1gOCrWrkkDuA--IPo35llndE6QW55h37uPOBsqG_Buq-4UUbUYQDSCyeN2IwCgfEK9ejjn4_XJYTHv9UQyB3MJOiy4vUvQ_p6wIRrnc8M17AwniIMF3flcpfKO3LSaeOzcBJ5P0ctxBBlIexyydFX2bBHH-U3aahUsjZ4wA5hIaW3g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.moirebenok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 55B8 43 B
215 B 130ms
129ms Image
image/gif 2600:1f18:1aca:4281:a4e2:e749:4428:16b3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=ef1dc9de-ef04-f921-4518-af178aad633c&tv=%7Bc:lexnwK,pingTime:1,time:2377,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:341%7D,%7Bpiv:100,vs:i,r:,t:1376%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1001,o:1376,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:341,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1047~0,1~100%5D,as:%5B1048~300.250%5D%7D%7D,%7Bsl:i,t:1376,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:133,fm:tes9ZGx+11%7C12%7C13%7C14%7C15%7C16%7C171%7C181%7C1821%7C1822%7C1831%7C184%7C19%7C1a%7C1b1%7C1c1%7C1c2*.925113%7C1c21%7C1c22%7C1c231%7C1c24%7C1c3%7C1c4,idMap:1c2*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:a4e2:e749:4428:16b3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:53 GMT
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 55B8 43 B
215 B 131ms
130ms Image
image/gif 2600:1f18:1aca:4281:a4e2:e749:4428:16b3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=ef1dc9de-ef04-f921-4518-af178aad633c&tv=%7Bc:lexnwL,pingTime:1,time:2378,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:341%7D,%7Bpiv:100,vs:i,r:,t:1376%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1002,o:1376,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:341,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1047~0,1~100%5D,as:%5B1048~300.250%5D%7D%7D,%7Bsl:i,t:1376,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:133,fm:tes9ZGx+11%7C12%7C13%7C14%7C15%7C16%7C171%7C181%7C1821%7C1822%7C1831%7C184%7C19%7C1a%7C1b1%7C1c1%7C1c2*.925113%7C1c21%7C1c22%7C1c231%7C1c24%7C1c3%7C1c4,idMap:1c2*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:publ1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:a4e2:e749:4428:16b3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:53 GMT
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 55B8 43 B
215 B 131ms
131ms Image
image/gif 2600:1f18:1aca:4281:a4e2:e749:4428:16b3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=ef1dc9de-ef04-f921-4518-af178aad633c&tv=%7Bc:lexnwM,pingTime:1,time:2379,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:341%7D,%7Bpiv:100,vs:i,r:,t:1376%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1003,o:1376,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:341,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1047~0,1~100%5D,as:%5B1048~300.250%5D%7D%7D,%7Bsl:i,t:1376,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:133,fm:tes9ZGx+11%7C12%7C13%7C14%7C15%7C16%7C171%7C181%7C1821%7C1822%7C1831%7C184%7C19%7C1a%7C1b1%7C1c1%7C1c2*.925113%7C1c21%7C1c22%7C1c231%7C1c24%7C1c3%7C1c4,idMap:1c2*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:a4e2:e749:4428:16b3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 03:46:53 GMT
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET 1-305x202.png
www.moirebenok.ua/wp-content/uploads/2020/07/ 0
0

GET iStock-1143790663-305x202.jpg
www.moirebenok.ua/wp-content/uploads/2019/07/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESECap_26XSEciVonrxAMy8-s&google_cver=1&google_push=AehlK4Ae4fK7MF_rMHbQRbsWCI-4kl4Is9NLEOAWg8QRgtBq3-mLR1n8ae0GSE3S9buLlmgizAy1S7PaD3vDEv6jHpo6gHubpGZC

Domain: www.moirebenok.ua
URL: https://www.moirebenok.ua/wp-content/uploads/2020/07/1-305x202.png

Domain: www.moirebenok.ua
URL: https://www.moirebenok.ua/wp-content/uploads/2019/07/iStock-1143790663-305x202.jpg

Verdicts & Comments Add Verdict or Comment

154 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

60 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.admixer.net/bs	1970-01-20 07:23:44	Name: am-uid Value: 5805c5dc57dc4e5d8139152b50afec8c
www.moirebenok.ua/	1969-12-31 23:59:59	Name: Value: store.test
.moirebenok.ua/	1970-01-20 05:14:09	Name: __io_d Value: 1_705468254
www.moirebenok.ua/	1970-01-20 13:59:44	Name: __io_lv Value: 1660448808580
www.moirebenok.ua/	1970-01-20 13:59:44	Name: __io Value: 63253853c.3f39c618c_1660448808580
.moirebenok.ua/	1970-01-20 05:14:10	Name: __io_session_id Value: be6e4dc4e.2a638f566_1660448808581
.moirebenok.ua/	1970-01-20 05:14:09	Name: __io_nav_state12552 Value: %7B%22current%22%3A%22%2F%22%2C%22currentDomain%22%3A%22www.moirebenok.ua%22%2C%22previousDomain%22%3A%22%22%7D
www.moirebenok.ua/	1970-01-20 13:59:44	Name: __io_unique_12552 Value: 14
www.moirebenok.ua/	1970-01-20 05:15:21	Name: __io_uh Value: 1
www.moirebenok.ua/	1970-01-20 05:14:09	Name: __io_visit_12552 Value: 1
www.moirebenok.ua/	1970-01-20 05:14:10	Name: session_id Value: 7c136a64-1c2f-4b37-9619-b9b85bbe8cb2
www.moirebenok.ua/	1970-01-20 05:14:10	Name: session_pageview Value: 1660448809.1
www.moirebenok.ua/	1970-01-20 05:57:20	Name: site_visited Value: 1660535209.1
www.moirebenok.ua/	1970-01-20 14:50:08	Name: lapuid Value: b9dd2583-8700-47ac-9cb2-f18deedbc10b
.tt.onthe.io/	1970-01-20 05:15:35	Name: io_uida6a85e8b8a3a49782382de2f9949a9f0 Value: 14
.tt.onthe.io/	1970-01-20 11:35:44	Name: io_user_hash Value: 63253853c.3f39c618c_1660448808580
.admixer.net/	1970-01-20 07:23:44	Name: am-uid Value: 5805c5dc57dc4e5d8139152b50afec8c
www.moirebenok.ua/	1970-01-20 05:24:13	Name: am-uid Value: 5805c5dc57dc4e5d8139152b50afec8c
.yadro.ru/	1970-01-20 13:59:20	Name: FTID Value: 1Y-70e1EzbuN1Y-70e003A2b
a4p.adpartner.pro/	1970-01-20 14:50:08	Name: apuid Value: b9dd2583-8700-47ac-9cb2-f18deedbc10b
a4p.adpartner.pro/	1970-01-20 14:50:08	Name: apudmg Value: 1
.yadro.ru/	1970-01-20 13:59:20	Name: VID Value: 1nIL3p3x7quN1Y-70e003A2_
.creativecdn.com/	1970-01-20 13:59:44	Name: u Value: jBd1mbQWsyKtXDNnljJd
.creativecdn.com/	1970-01-20 13:59:44	Name: ts Value: 1660448808
.adnxs.com/	1970-01-20 07:23:44	Name: uuid2 Value: 3708988528568074047
.bidswitch.net/	1970-01-20 13:59:44	Name: tuuid Value: 31542910-3d8c-4f74-8184-184f8488eed3
.bidswitch.net/	1970-01-20 13:59:44	Name: c Value: 1660448809
.bidswitch.net/	1970-01-20 13:59:44	Name: tuuid_lu Value: 1660448809
.moirebenok.ua/	1970-01-20 14:35:44	Name: __gads Value: ID=fc077c1abfa613c9-227f9a7ef3cd0052:T=1660448809:RT=1660448809:S=ALNI_MYathLB17Ve2hNNDy2LVGrWirjImQ
.moirebenok.ua/	1970-01-20 07:23:44	Name: _fbp Value: fb.1.1660448809333.1414733999
.moirebenok.ua/	1970-01-20 05:14:12	Name: AMP_TOKEN Value: %24NOT_FOUND
.moirebenok.ua/	1970-01-20 14:50:08	Name: _ga Value: GA1.2.1916196167.1660448809
.moirebenok.ua/	1970-01-20 05:15:35	Name: _gid Value: GA1.2.1013874019.1660448809
.moirebenok.ua/	1970-01-20 05:14:08	Name: _dc_gtm_UA-59638469-2 Value: 1
.taptapnetworks.com/	1970-01-20 13:59:44	Name: SONATA_ID Value: csonata_435260c2-f7e0-496a-8ad3-6c4de6bbc7bf
.doubleclick.net/	1970-01-20 14:35:44	Name: IDE Value: AHWqTUmx0dzzGWmH0kdpr2_4ZVYonn_fXSVD-WayifkwSlwgaD0Hg93HiNxqfWegOt0
.casalemedia.com/	1970-01-20 13:59:44	Name: CMID Value: YvhwKuRiHCQMELf1KtVqAAAA
.casalemedia.com/	1970-01-20 07:23:44	Name: CMPS Value: 1122
.casalemedia.com/	1970-01-20 07:23:44	Name: CMPRO Value: 1122
.quantserve.com/	1970-01-20 07:23:44	Name: d Value: EFMBCQHtJoEA
.quantserve.com/	1970-01-20 14:44:23	Name: mc Value: 62f8702a-5786d-8a9e0-ab8df
.adnxs.com/	1970-01-20 07:23:44	Name: anj Value: dTM7k!M40<EVNsVF']wIg2E?fczAwO!]tcs8i_jCf!vUN2Q:6-%Rsolj!.FEt=@iP@:?Rm9]wgZ?ppY>OBg1LE?fzPTs.u5F=Ue0ih-:-1(K)7rLo%Xr08_+oZCg8XG$mu)XmauXF?P[-m?PJ^Wx8tN3FR@PsXH%!9[g=TqPif
.casalemedia.com/	1970-01-20 07:23:44	Name: CMTS Value: 1142
.agkn.com/	1970-01-20 13:59:44	Name: ab Value: 0001%3AhsKSOIPg7T13LHRW70GdGgjFX2OFpX4A
.agkn.com/	1970-01-20 13:59:44	Name: u Value: C\|0CEAqiyyrKossqwAAAAAAAQ13AQCAAQpAAAAAAA
.e.dlx.addthis.com/	1970-01-20 14:44:23	Name: na_tc Value: Y
m.exactag.com/	1970-01-20 07:23:44	Name: exactag_new_gk Value: f19449526daa43848b66119bca1ac9bd%7c13.10.2022+03%3a46%3a50
m.exactag.com/	1970-01-20 09:33:20	Name: exactag_new_uk Value: b5416676baf945ceb00c2d4828e2a132%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 1a70ba09401649d09fa0e890
.addthis.com/	1970-01-20 14:44:23	Name: na_id Value: 2022081403465100018374073518
.addthis.com/	1970-01-20 14:44:23	Name: na_tc Value: Y
.addthis.com/	1970-01-20 14:44:23	Name: uid Value: 62f8702ba4200308
.addthis.com/	1970-01-20 14:44:23	Name: ouid Value: 62f8702b00011621490f4ee836a3d43d024e6284a6aa33081e70
.dlx.addthis.com/	1970-01-20 05:57:20	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 05:57:20	Name: na_sr Value: 20220814
.dlx.addthis.com/	1970-01-20 05:14:08	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 05:57:20	Name: na_sc_e Value: 0
.moirebenok.ua/	1970-01-20 05:14:08	Name: _gat_UA-59638469-2 Value: 1
.criteo.com/	1970-01-20 14:35:44	Name: uid Value: 6ecbffe6-0ac7-4b66-b60c-d1249fe40b53
.moirebenok.ua/	1970-01-20 14:35:44	Name: cto_bundle Value: DM2uk19rNlZmVDhlZ0JSJTJCdEtBSkhJeTlGMExnSVl5bE81SThzcUplYXRicVJqMXZBbWFLSHMxJTJCZ0FWYUNmSUFqdGhkV3BiR1FKUVNtQ3EzSkRUVG4xVnIzZW05RlZoU2xTJTJCZHpEMEJWbzJCcmFiZ0RmQ0lMbmljWkJrOVp3JTJCTnZVcHY5RXhzYVhrZlI2dXl0RXo5VGY5UCUyQlhBJTNEJTNE

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&h=250&slotname=7659859057&adk=2353355361&adf=1860012115&pi=t.ma~as.7659859057&w=1000&lmt=1660448809&rafmt=12&psa=0&format=1000x250&url=https%3A%2F%2Fwww.moirebenok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660448808732&bpp=1&bdt=924&idt=366&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x250&nras=1&correlator=8795719047812&frm=20&pv=1&ga_vid=1916196167.1660448809&ga_sid=1660448809&ga_hid=471335202&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=3694&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=3225682795558849&tmod=1107275892&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=h5jvuE1nNT&p=https%3A//www.moirebenok.ua&dtd=368 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESECap_26XSEciVonrxAMy8-s&google_cver=1&google_push=AehlK4Ae4fK7MF_rMHbQRbsWCI-4kl4Is9NLEOAWg8QRgtBq3-mLR1n8ae0GSE3S9buLlmgizAy1S7PaD3vDEv6jHpo6gHubpGZC Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4AE8IcGUXGw1BsG7UTB7tF1FsrtVLTLm1U90EdjGyTG5ZPsK1OmYvIB6YA1y6F-n8ZaZO_yymOlAHSMO6g83b3oQAL9AyAN&google_gid=CAESEER7B9c-uLUBp2EXQBZGdqM&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4A-U4KFy5U6i66blqspK23dWLCLVDa138_i0A0xVYn8CzqCEHse7qaNQi6xGaDIN5IWcqwt6FXUpb_QSm9WoEusVnxVWVTL&google_gid=CAESEER7B9c-uLUBp2EXQBZGdqM&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4p.adpartner.pro
ade.googlesyndication.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
ampcid.google.com
ampcid.google.de
bidder.criteo.com
cat.nl.eu.criteo.com
cdn.admixer.net
cdn.onthe.io
cdn.websitepolicies.io
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
content.adriver.ru
counter.yadro.ru
creativecdn.com
csm.eu.criteo.net
d.agkn.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
gum.criteo.com
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
m.exactag.com
m.trafmag.com
moirebenok.ua
mug.criteo.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.adsafeprotected.com
pixel.rubiconproject.com
polyfill.io
prebid-eu.creativecdn.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
rtb.openx.net
s0.2mdn.net
secure-gl.imrworldwide.com
sonata-notifications.taptapnetworks.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tt.onthe.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.moirebenok.ua
x.bidswitch.net
googlecm.hit.gemius.pl
www.moirebenok.ua
104.18.18.126
104.18.19.126
116.203.211.129
142.250.185.162
142.250.186.130
142.250.186.162
142.250.186.34
146.0.227.109
178.250.0.139
178.250.0.165
178.250.2.146
178.250.2.148
178.250.2.150
18.195.201.66
18.202.123.230
185.184.8.90
188.40.114.52
193.200.65.6
198.47.127.18
198.47.127.19
213.202.235.10
217.16.18.206
23.7.201.234
2600:1f18:1aca:4281:a4e2:e749:4428:16b3
2600:9000:206e:b400:1e:a43d:b640:93a1
2600:9000:223f:c200:8:48e:53c0:93a1
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:802::2002
2a00:1450:4001:806::2001
2a00:1450:4001:809::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:813::2006
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::200e
2a00:1450:400c:c0c::9c
2a02:2638:1::2
2a02:2638:1::4
2a02:2638::1c
2a02:2638::2
2a02:2638::3
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
2a03:90c0:e1:2801::254
2a04:4e42:c00::282
2a06:98c1:3120::3
2a06:98c1:3120::c
2a06:98c1:3121::c
3.122.40.23
34.98.67.61
35.227.252.103
35.244.174.68
37.252.172.250
51.83.220.94
52.29.69.202
69.173.144.165
88.212.202.52
032a7eec988c3b8754a1ed125ea70c486cadcacc0dfa102acdd0234247afe7c8
06e13e753ce02eb311a0491eada8d8671a0c4fa4f85d3b94bb78ed1d0aa76289
080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f
0875b0c19a8047133d9960d3540a56cc4825418a92957523cf7f1a1645b38196
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12bdd2652710ee5e2bc85d55f396656ecdd51921eb1b7fd71cca46a0a06fca14
13595431ecf6090ddda6386d42c08b6b21179b1ecdfe70754f0740848486c17a
141f4ece65bc087908202669708c340e43c6a45c3d3be773e0cade65cb01e910
15fbeaf163442f8440e89e32b6d05163ab41cd2164cbdd0dbf8693521a5e58e7
166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8
16d2fa0223270f5bac260f85d9e9dd5d18e08b67aa709050bd216c6aa1f2d70b
187acc87a0fcfcd7c10710a507cf565ad7da99a79547773617341878e1feb516
189a88e5775309c7a607d49886d408ce1d3bd58eafcc516bb37d89206437e3bc
18da79f767f5a603e9b235ec78993380e8c00aaf1ec855049e8a79107e3013c6
1bb0a64e644819aa3dd39233c77d004db16cfbbac096e07ec9a2868aa08bc9cc
1dca9f98be6ad5f94d4cf237952a1d38a62a8727af64661d6f9e3fadc0fafc3c
1de98548f64b1d7d313dcd354ba6df0f9b6d0308742122182e477edaeafbdbd4
1f7affc9618a3fde55be759558f3b7dfb168a219fa6199af85f55de15e880b73
226456d9a9eef8f0831b6b181be100a49cbaec1651a8bd45d7d0cc897d161538
231c2700ed2fc5a9c460820e92a3aa2ccd32e43cbdc54c2354fc0bae07499326
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
23b0437aea0523868e5c0b2b344c2335d7f5e1130f2bfbd6514417f0e5247fb0
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2a192c15ffc8c9279cecdfc1c71df9632fe96813b23e5ff7ebff67c2d52e2c34
2c04bacb2dcb5068dd339525a94ce21dc9538a6d6027a0c305b3a6d0b74fa51e
2d58d46be1f35b78ccafcab30011144eeaf985c95227ab27d683fbb46cdf2ca9
2e59feca4d6548d198e22008a2c920f958812aacbbc31dd4d0d426ac260f73e6
2e9584a34f5a9def65c5c165a7c196d075cffdc2d39337ca8fbd1eed0aa74178
3085c06e4a8df690b126de6bf43c338fe2fbafb62daeaa6ac91184d11803f0f1
332bdd388e0755d5941ba7cd61d8895d5284e0627c153f10d5280da8d0fc6e66
3489b7bc802f2fba21ff06774101330c89c3eb62be49637212a053e331961214
37c43f9c7dd8c93e734cd4643a235f99b3cc3fe388b0ef66317c7fc59d99f106
38adf65cd2eb8553fc1338f56105c1598ba39bb5e2c09a052f1f7477b2c71d55
38c6250122b596582e8dbe3d46b69f335dad200c3a7dede6f685be0dd797b78d
3ad01c1e9b15e3760ed1fd27cffab680af91e2c02ad93c504f2b555ceaa36129
3b700f4f712a190a91278447045ec252bea082c69912da975606350bc8d48dfe
3bb31b71b9abf0ae4a3b5ec2abac5ab2315985fc43e6819114db9f7f89043979
3bdd14a7043734892859f57be88468fa77a47292264b36dc0d2c7910e536f44a
3be7b03ed0a8bc2524a0c1bca4bab6a04461bde8c9e1165c723b8e4b21ff51eb
3ec9af02e6ab4c314ab99bdeeed875d63656fcf274112ac92bea31e0eb72e9f7
4060ed9e4980a8e3b490250bde75a117635b71e4d1d03ae3d1227c7a2c85a214
429dcfd4ec98fc50bb9054c0b01fd0295c41616d3c66b69c4944f4db4c8e32f4
4395fc786593962471544160f998534deb349b457bc3575ca8aa22c3a87d1cf1
444ff8a57d95f220f3fb20f69164345fb4e571ce6f75b3cd9c750df1ea4364d0
45411121c06e1034ce9fee935438d42258ff29053c3032f3c1794511bac7bdd9
48a304cff1281a3b2a276f8415e399ef29cab027074079bc76f29e126b618c44
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
4a2be2c56c0119c3050a9c589573113a20bca8a9502a31e5c143adb63b9dd779
4ac067260d83571f79b6d265535f5555f1aea8770cb76703777b0897b11106cb
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d1a111efbdb45ba518f8ce585e53164241d1e75b3442bb6ffbbda7bd8b0dd52
4d1c7b736a6f94421ee9bea7bbe3ec2361df804209ca5c79ee29734026396e0f
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e
4d9fb30b4577e445e856e8767652dd077b4072c5a420c32feac062b2fb6790e1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e63d765a9197d6bd3566b75ebf2af10a075ff7d1bfb0f07aae90a32f718e343
4fe445472f3370aacec7b4dd165297ce3486c5c01bef02f015d4dd4a72f7c825
4ff1b9b91db584b19d20b4d02af9ff7673add161ce3f9ceae9391b3a84fddab1
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
507add04d1c6597d1eaca7599452be07bd58c4fca04d195808df2909d610d9e3
5161339189f5b1686993a23fff16133e409f3c33fbb95735779da0cb8225d2a5
5321d9d56c62956a39bd1028bc956697830887a2359dab900dc896a744a60d05
5541edabea0e421b3afaacb77e81ea79805593a93c3099e80d598d79dc2f7d40
5556680f7fe894a585536dac8412b5dfaa6e2ffa8893b98d4a19ef1a20747c76
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56c0d7f01c28a577800a554f617443eb187a6b3711bea63e0c9f578ac44853da
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
5730581950383bcc3585e2187c3a8ee3e1c1a341b8d34fad45326a0f139a3c14
59ec5776ad0a01befa5274e621776b6af59c40b64703cf9fadeade6974fa64e3
5cda06771a2213a22c484081bc5adf15ce1e86fed4e43ac70477f21d28ff2782
5db30952562b2a6a26eef2331a811d4d209861f47b188e9e2fa2055258c991d6
5e4a8d675142988d5a467027a3bb234e05d1a80eb4ff2b62063a1e95a05926a5
60bb66a4066547ae8ab6db3ca66053088fd5b5215d6ced7acfe2bac1842b6327
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
6190556068482d3fbbcd2d44cd9ca448c1962af52661de14f8729cfa976acad8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6223c2bdf0e3f03588ab7c8864cac1e784998ae21f2cf4d2a937d44875159f4a
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
659aba74af795768d9d8d2ed688e49cd5f47d9425d5a1630329a845759b4591d
6723efb202ed982d9471a95e28b3bf0a9dbf4521de59f8c4524b31d061183b5a
675d92a95ab665bcae471e54bad1f3dbe6c91aca6d9c77617a9a2c7398632aa3
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
69b0ad60bc326c9e592298ca9b7dab269488f8fd957dbbe1e6e1c7bfe16b38fd
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b8863303bb7767ef0440576085edd5b60e0158a866f9596263204f243ffd797
6dd1ca58978bf6d39f174938bee292ee4d85160163bbc9b14979083dbb52bcea
71348f4f38512af6e6ba8062fe5545a783f91d1a07bcb300c246f1bad9b0d4b6
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
745e44d76fd520a3c024975f9fedc8770117f772acee8fc15af4659ab2178cd3
7528c4a352f79030848be8b252fdaf54eeb4c180a14432cb174f6f22b6e7db13
75917a69ff81ec540c9ace6c89806af3501c526a43664ca5c6b843cf2145606e
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
761a7acda7c71ceac2fe0748d7bd8b7a5c7a6fcf1229b1d7b6548021de4e7bab
78bbbbe974940d43fdb4d6f5d7b4b06fd2efb285536956930cc3ca409b122af0
79ec114fe61962245f46918159d1879c6e3f17976b9d96ae8080f7a8e60a3ff5
7e1b5a0db3d484274de7043c83bc52fd2829b4f77eeaf803b3c884e5aed03465
7ee18d13fdd6c06a906e9e830c8c963af53c36c0d223139a5ff800b7bcb8801d
8081c76de1493e67239a84553a77c274e740ef5dfffc875d12b94eafd6729d65
80b3768722e88f5132f1b106ebc77978d1f14de8b33ed0f1304604e54ac60141
8106512078bb15e654a7bb558ff7ddf9108225972a48c3a188b9fad9f746a7a6
81a91b1c0cee049b61cf175088cbf3e3ee802e256e48995d8499b7465e1320c9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83e70425dd56c075dd82ad127ccfe0031652f7a13a841d53d57b1dba72f4a4c1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8567628cfaa3c99fe3408afb42d6e764c32986a1e502664bb6609d2f4ae6f9b0
86cc6253fe00955194604b1ba62488c913ccf464dc26564f9f254c65ec744ba1
8927e3e429e0c8f5462230914a7d85a676d97d9faf81238b73c6099bcedbd282
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d23acf83cb2c975307b36a7ba27c66ec8efcb7bd54a209c555299ab619c3dbe
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90bbcb9db7c9cb053c19be00501d286e22046a098a831cbfcd88f03a02c19836
9184d978722c04a200291924638eca8c7313f07dc21d0448599c1aba98243fa0
92ea73bf1dfdbbac475dc32ecbe4e247b1a5fad35a9e934f037868281e7b6712
93b6d06fbda857acd518012a13319cecfab1cce720fb9437d294a4111f6e1c3a
9554a6ce8e55e6a3aea580a84f81a6e2d69343c89fafc14b5e9524941414b4ba
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
97d6aef654080f36d77bb14801fd6ba78bf4e435afeaebfa37f47a68ac570897
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bad1a08bd9891a3223da6570294dced9b86cb7399af63277aa51e3ec7241512
9c1c5d696c227d937e2c6fae27241e11a136378fcbfba56c8c1b5cc8f20549ce
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0df9cbd5e46fc9b1c5ee17e3c7b9ccfcf6f9115512807f1725f6fcf8d9b8c6b
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1465c9fd4f833c9278a3b58f42b9536a206e97d3f7278dfdd45db1fb752fa52
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4bf56f770e71ede30cde73002415b2a52b199925e327c8701c5e561b4a1cce7
a6975892297eeba778dd862e4ac8938308beeeb5ae73b6a89be20264e3e9599e
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a78ebc0e3f7224fbc60ad9ecf9d369a64930053d29e33dd0ccd6349a8d28f633
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe
a7d4fe416cca38e890d630af68d3ca5057b02ba374a715ebf2a1aff5239148d3
a92f03212360b01277a56a5fbd24892f2757537dc062a4ce8fbd3aecf4868c6f
ab978a68ff9ff9f12378f72be0423c327c9aaa67eda35b4c712bd62fba93ca6b
ac3174827c65b1e7f3acd23cc6925b23546a55304c7e824f8aac22eb45b94059
ae3e15fab99e85bd9e151a762dfa6f4ececa63082a73f3c405faeb23ca0031ae
af8fcff1add7b573b30d2072f3acfa666873ee8fb80d1984ba6874f573d29600
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0d00f27bc3c1f2f319d6db5ede8140980e1dcfe7783fc8d7d1284f43dd041e5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2a221c17d6a9307f2c58c2c5e815f54847e58da2eb67f61933c70cf23f51132
b400f9b4ef7225429aa8f4f659d5dc61f13334e68382d18101840138816e663d
b8203b26e684e70896c11e9880bf3d908184402380962b963d3badc4a20e25a0
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bc31dac6a14e24e7f3670b8ea456d67de35dcbd0f3d1b3ec8bfae28bbc1f2298
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be02a4117a893f41ff052e60b32b51c70d77d5e4d5bd28deb6641c65fa390b94
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
c02a606d34cb40bff85dd3f597eb8c05c70fb4c74de4a98f26491ad57aed083d
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c1e9002469d273927cbfd9fca98e11e207c2984363d395f1e261a563fca594e8
c1eb8b74d87fec3570d2e1c6a83c8d807e9fea898442b056d1681cbbd9293438
c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036
c42425f18923921089911e70f39c6dd462794df2e42ac0596abc3884da6471fc
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
c53db134bbc2f473e349736b1621b49f692a5a8f46769410af038ccbcf4ccaa8
c567cf0802114f3bb25270489588977ac9e24b04b4784b0c2a087d5a1a5f366a
c56b566e17c62870ce139b3a57bfb94a9d785792bd6ac2220d52426b8590d87f
c78fd2d2c9b201685643b1323ebd3b103a28692d4a069a34e710826da6c81406
c85b49cc376162a5af9632235721a08aaceafbb691faa523d87669c17927a66b
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ccc69f4e56001ce28d48f35df000e3f519c7e601824187f9f1d900ea18bb93b0
cd4558233e7c785d99e33b6b45179e7c9c101764d0246f5a49d5f9dd7c58cc85
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
d11cb9a0d0edb29032d8b8fc5b2349435b918f9325dca314683faf0082480bb7
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
d1e80a0a069d176a45a8465a3c31363e9b4efba948fe7471f0ef072d2930cb52
d34532392a8f18f6b67b608e1543f398991e0aeb2094c71020a0627e9c48c6a5
d5efdf2d5cb68faf008725ee772f8e31fdc170bf5da7bae48f6eb54a67b7a510
d7cc8bcfc1fc5d16824ad26c767cab40ec9ab396fc1163f926e3ef451615962e
d81f42c68afe5817619165de86e7fdd6ba8a67716798c2112fffa30162f08fda
da55350f5bd788535868a81a41b0fe63f576d18d95c4ffb2a07041f99fa93c03
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dc77eff6ee75aa5b7773b03b28ca9645c2cd8e39bc24ce78e106becc13bad01e
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df82103964af79600d60bc2deec44a4910a3435e07325b82f9ce86d6d0489361
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e29ffeda170cb0752b062928f22de04adc1c9177706f50b9c6a9c96dc706bf61
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4501d959d3638f5749d6687283f31f7fc48d9e37770520cd0f275b632eeb5b4
e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138
e56d4cfa517f5ea7e3dfe08628a062bee69ff18b96dedeadb0b6c130bf305107
eb03d5c88046cd6bf4bf958b581f783cc1f6b1f21f91af45c3e0ce5cf137bd0c
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ee5d286749922e88120ab2a25b7c56598896d042637ad7f030e0f8374a58bc6f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3714266227b248377ac4be8337cffac15d58d22d2bbf149033e1930ee14a71
efea7de30bad67c52ae6500fb543289fb7ef3136075f9df65c62210c67472ffd
f000b85e888d98144ce469e6cac3d8e9bf1eea9e4e29ebcf1faab52b054fb35f
f1a99964d18d9bf5e9b34190e9059d17da326820580adaae405001c17179e8d2
f2eff75791f52a154f6e59d643a3286ee00016d16390e55c306c10d7e83bc7dd
f49a4ed7c13cf45bd9cd70a0982ce545c4780c21520f634e7a8acedcac227a36
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6f9c960aa0fbba5adff5e1fb84755a8a99a43a74eeb8f2266a0f4aa831bf328
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7c6888873bd0f487fadb5c6d7a44d6a8a55b4a6354925960847f1176cb39741
f935bb7fc6ab5f627e7c6de8c9bda431c4c85f16b5cd0382bec262ac65897b93
fc0a8938e4694200f691aee8be6cdbef8b459a829bddd142349f85b5175037f4
fc225c656a353d69cea633a055e54e95ecf7ad887655287b923b5c5989fa398d
fdae3f09c7f7037d038f1afb1dfa0fb6a354ce6ab48f786980b33d5c0d8412ab
ff636d354922804cb81e44005b2b72aa3aefe418deb6e6a866df604059e6d1c2
ff87ee21ac856d2e8e3579631337d4570cb2770c8e793a8bdefbcf736d215076

www.moirebenok.ua Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

340 Requests

94 %HTTPS

51 %IPv6

41 Domains

67 Subdomains

60 IPs

11 Countries

4391 kBTransfer

9053 kBSize

60 Cookies

26 Outgoing links

Page URL History

Redirected requests

340 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.moirebenok.ua Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

340
Requests

94 %
HTTPS

51 %
IPv6

41
Domains

67
Subdomains

60
IPs

11
Countries

4391 kB
Transfer

9053 kB
Size

60
Cookies

340 HTTP transactions
13 data transactions