kodeksy.com.ua Open in urlscan Pro
2606:4700:3035::ac43:c131 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kodeksy.com.ua/
Effective URL:
https://kodeksy.com.ua/
Submission: On May 21 via api (May 21st 2022, 4:18:13 am UTC) from GB — Scanned from GB

Summary HTTP 80 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 26 IPs in 7 countries across 16 domains to perform 80 HTTP transactions. The main IP is 2606:4700:3035::ac43:c131, located in United States and belongs to CLOUDFLARENET, US. The main domain is kodeksy.com.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 19th 2022. Valid for: a year.

This is the only time kodeksy.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	2606:4700:303... 2606:4700:3035::ac43:c131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
14	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1 11	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1 2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:4014:80f::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4003:c03::78	15169 (GOOGLE) (GOOGLE)
1	64.233.167.157 64.233.167.157	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1 1	2a00:1450:400... 2a00:1450:400f:804::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4009:5::a	15169 (GOOGLE) (GOOGLE)
4	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
80	26

10 2606:4700:3035::ac43:c131 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

kodeksy.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4014:80f::200a (Ireland)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c03::78 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.167.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

web.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400f:804::200e (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4009:5::a (London, United Kingdom)

ASN15169 (GOOGLE, US)

r5---sn-aigl6nsd.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 95 tpc.googlesyndication.com — Cisco Umbrella Rank: 130 ade.googlesyndication.com — Cisco Umbrella Rank: 269	294 KB
15	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 stats.g.doubleclick.net — Cisco Umbrella Rank: 92 bid.g.doubleclick.net — Cisco Umbrella Rank: 503 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 284 cm.g.doubleclick.net — Cisco Umbrella Rank: 212	79 KB
10	kodeksy.com.ua 1 redirects kodeksy.com.ua	101 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	82 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46 imasdk.googleapis.com — Cisco Umbrella Rank: 407	126 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 941 r5---sn-aigl6nsd.c.2mdn.net — Cisco Umbrella Rank: 285900	1 MB
3	google.com adservice.google.com — Cisco Umbrella Rank: 74 www.google.com — Cisco Umbrella Rank: 7	2 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 518	1 KB
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 4630 www.google.co.uk — Cisco Umbrella Rank: 3062	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	84 KB
1	facebook.com web.facebook.com — Cisco Umbrella Rank: 226	3 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	42 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 789	646 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	39 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 660	30 KB
80	16

	Domain	Requested by
13	pagead2.googlesyndication.com	kodeksy.com.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
12	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com pagead2.googlesyndication.com tpc.googlesyndication.com
11	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
10	kodeksy.com.ua	1 redirects kodeksy.com.ua
4	ade.googlesyndication.com
4	csi.gstatic.com	imasdk.googleapis.com
3	fonts.gstatic.com	fonts.googleapis.com
2	sync.search.spotxchange.com	1 redirects
2	r5---sn-aigl6nsd.c.2mdn.net
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.google.com	kodeksy.com.ua tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	kodeksy.com.ua connect.facebook.net
1	cm.g.doubleclick.net	1 redirects
1	googleads4.g.doubleclick.net
1	gcdn.2mdn.net	1 redirects
1	web.facebook.com	connect.facebook.net
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	www.google.co.uk	kodeksy.com.ua
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.co.uk	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	kodeksy.com.ua
1	code.jquery.com	kodeksy.com.ua
80	28

This site contains links to these domains. Also see Links.

Domain
uristy.ua

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-19` - `2023-04-19`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-27` - `2022-05-28`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-05-10` - `2022-07-19`	2 months	crt.sh

This page contains 11 frames:

Primary Page: https://kodeksy.com.ua/
Frame ID: F0FACB09F7CFD4D668B839D3134E60E3
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/zrt_lookup.html
Frame ID: D30AB6D81B2698F14C7580DEF6738053
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0714085022877139&output=html&adk=1812271804&adf=3025194257&lmt=1653106688&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkodeksy.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653106688318&bpp=3&bdt=413&idt=225&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8002544592794&frm=20&pv=2&ga_vid=44797682.1653106688&ga_sid=1653106689&ga_hid=629932861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067545&oid=2&pvsid=251897858132814&pem=493&tmod=1196873490&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=240
Frame ID: 2F98E70BD86B127180ACDFDCAB60D442
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0714085022877139&output=html&h=280&slotname=7265485077&adk=3397636257&adf=3246541266&pi=t.ma~as.7265485077&w=1074&fwrn=4&fwrnh=100&lmt=1653106688&rafmt=1&psa=0&format=1074x280&url=https%3A%2F%2Fkodeksy.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653106688321&bpp=3&bdt=416&idt=242&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8002544592794&frm=20&pv=1&ga_vid=44797682.1653106688&ga_sid=1653106689&ga_hid=629932861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067545&oid=2&pvsid=251897858132814&pem=493&tmod=1196873490&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jXm8ZzuiRC&p=https%3A//kodeksy.com.ua&dtd=248
Frame ID: C95308F6C7803FEA2E9565D8674D11EF
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0714085022877139&output=html&h=600&slotname=5507812167&adk=3595555304&adf=4182175903&pi=t.ma~as.5507812167&w=160&lmt=1653106688&psa=0&format=160x600&url=https%3A%2F%2Fkodeksy.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653106688324&bpp=1&bdt=419&idt=252&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1074x280&nras=1&correlator=8002544592794&frm=20&pv=1&ga_vid=44797682.1653106688&ga_sid=1653106689&ga_hid=629932861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=100&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067545&oid=2&pvsid=251897858132814&pem=493&tmod=1196873490&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LQDgUPxnNZ&p=https%3A//kodeksy.com.ua&dtd=256
Frame ID: A43CDEBB816AB571EBF5C4FDC62C4951
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0714085022877139&output=html&h=280&slotname=8772215856&adk=2896405366&adf=2827832974&pi=t.ma~as.8772215856&w=1200&fwrn=4&fwrnh=100&lmt=1653106688&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkodeksy.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653106688325&bpp=1&bdt=420&idt=257&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1074x280%2C160x600&nras=1&correlator=8002544592794&frm=20&pv=1&ga_vid=44797682.1653106688&ga_sid=1653106689&ga_hid=629932861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=100&ady=1931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067545&oid=2&pvsid=251897858132814&pem=493&tmod=1196873490&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ddzpQa6aeO&p=https%3A//kodeksy.com.ua&dtd=260
Frame ID: 8E7755EC293E48BF70A8B150019F3F12
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
Frame ID: 84C287775EF336E5996424B8A479F3F0
Requests: 1 HTTP requests in this frame

Frame: https://web.facebook.com/v2.11/plugins/like.php?action=like&app_id=1858704387773680&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e9d89e79a44dc%26domain%3Dkodeksy.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkodeksy.com.ua%252Ff3f0362e6c6c1b%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fkodeksy.com.ua%2F&layout=button_count&locale=uk_UA&sdk=joey&share=false&show_faces=false&size=large
Frame ID: C4004B938B32C49FE4507832BCA3B3BC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 6EFD8E53A46905E8CFA36C3ECAB9ABEB
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7051AC2F0AF2D70BEB7CD7D419D9B4F9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A7E858871C15B89BAB15B875D522086E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Головна - Законодавство України 2019 рік

Page URL History Show full URLs

http://kodeksy.com.ua/ HTTP 301
https://kodeksy.com.ua/ Page URL

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

80
Requests

98 %
HTTPS

81 %
IPv6

16
Domains

28
Subdomains

26
IPs

7
Countries

2368 kB
Transfer

3738 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://uristy.ua/
Title: https://uristy.ua/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kodeksy.com.ua/ HTTP 301
https://kodeksy.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://gcdn.2mdn.net/videoplayback/id/ab2e62d15087b572/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1684642689/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/801BEAE466D8B5C4D05389069C6E8BA20E710FE1.33011392E72703A523650FB10019C29CE5DEB8F0/key/ck2/file/file.mp4 HTTP 302
https://r5---sn-aigl6nsd.c.2mdn.net/videoplayback/id/ab2e62d15087b572/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1684642689/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/21B9ED876CBE22D93509CDB43B873EB759F84C50.3B4CECEA2F27FFD1D45945D76764FAAC367F7903/key/cms1/cms_redirect/yes/mh/s8/mip/2a02:8c8:c10:30::14/mm/42/mn/sn-aigl6nsd/ms/onc/mt/1653106274/mv/u/mvi/5/pl/32/file/file.mp4

Request Chain 72

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOTjQIQr5qcAhjvnsHKASABMAE&v=APEucNUb2LT6zPAEmojBVpMFJNnf4O1fhbV7-0Qt2fVbZNoCG-s7awUk5SDTPctAAcmsmN_f_6cfrqmDgg4_blIQ8Tz1TZoPPQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAWBeEWGDksNpdwepp6FYnU&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAWBeEWGDksNpdwepp6FYnU&google_cver=1&__user_check__=1&sync_id=061336c9-d8bd-11ec-8000-1e5bf6c20506

80 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
kodeksy.com.ua/
Redirect Chain

http://kodeksy.com.ua/
https://kodeksy.com.ua/

21 KB
6 KB

169ms
113ms

Document
text/html

2606:4700:3035::ac43:c131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kodeksy.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cad9ac2f77ebfb719372ec028c1fae65bcfbf81bbd7a3ede70c4d33242cbfbf7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 70ea819eb8617545-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 21 May 2022 04:18:07 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2FeLG9L%2FQMTVlsJnonWjj55BCDQM%2BidGBKKaOBD2PaZFWn1%2FZvGzxgLOu%2B%2BtIvrPRbVfwmrBpDGtdcKpag3u%2B9c%2FvjIR9DqM3MxZDE4OrKcmhkmCqODap4b%2BfxemoExLuHaG6HJRL%2Be8ZskI%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-RAY: 70ea819e2a44768f-LHR
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sat, 21 May 2022 04:18:07 GMT
Expires: Sat, 21 May 2022 05:18:07 GMT
Location: https://kodeksy.com.ua/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gh8Sv0F%2BelNI0qJXIOgNhM7A3ciUdHKkigVC9J6yHdNwlAKe%2Fr%2Fcpc17%2BLPxogHJvvHLkPXxsBVi4G1S14UdK%2BhPSJWN7WFE9oO90NPI25kzXUxvUu9HnIfykunPyr0i%2BEDIbFhZTOv0Z%2FvSjg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
kodeksy.com.ua/css/ 11 KB
3 KB 102ms
101ms Stylesheet
text/css 2606:4700:3035::ac43:c131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kodeksy.com.ua/css/style.css
Requested by: Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4158f3737728c018c669913cb03f5f306370e8cd4d6869dd0aa493f42bcf29a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 04:18:08 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 05 Nov 2019 13:47:56 GMT
server: cloudflare
etag: W/"5dc17d8c-2bae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Ik%2BL3Z9FEGi9aLkzLvDH1hAeoSXhzN60jDfGk8fUPNY1rujo1hVBD1Wj5y%2FsGR9Ra6ZHZlZfdMiaeTJ6wicbe6qyfRp%2BTMidWUyw1D4U4S8i0ZluHwuPbpjK%2BHtDIkknrUHODHkLkPEQ2qp8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70ea819f98ed7545-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 site_custom.css
kodeksy.com.ua/css/ 1 KB
803 B 101ms
100ms Stylesheet
text/css 2606:4700:3035::ac43:c131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kodeksy.com.ua/css/site_custom.css
Requested by: Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efd605e1c67722f8fbdb6a2bf7f5b7b6abe5e22b572d8b995ea3055af306048d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 04:18:08 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 05 Nov 2019 13:46:18 GMT
server: cloudflare
etag: W/"5dc17d2a-565"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PunhJAdQo0j7HDQPD1rmaBGRl1shbJzzj02HuuSKAo%2BacWBsNBifewA3g47e%2Fxbg6TDvnmZ2hqQ8rCHiSo7qmAOrYO%2F30Cyio34uC0aolfXjTR1Qnk2zaFJqCaJ9sNDv04lQPVFIi6vsNlW5iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70ea819fa8ee7545-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 font-awesome.min.css
kodeksy.com.ua/css/font-awesome/css/ 30 KB
7 KB 102ms
102ms Stylesheet
text/css 2606:4700:3035::ac43:c131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kodeksy.com.ua/css/font-awesome/css/font-awesome.min.css
Requested by: Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 04:18:08 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 15 Jul 2019 10:52:05 GMT
server: cloudflare
etag: W/"5d2c5ad5-791c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UHDksevYnpqs4fZjuisiAkbjvZI8RULAoHhgyXX3FDgbEhmfDo90SbyfPk9pMMB0zEAP4GK1NDFa5goeUiXtW5Y1tVJHcR0ZleIK10peYU8QMHRjcMaiXkfa4P47BhOUvUSyQiU6KbFpAmMRNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70ea819fa8ef7545-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 105ms
28ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 04:18:08 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-15283"
vary: Accept-Encoding
x-hw: 1653106688.dop218.lo4.t,1653106688.cds266.lo4.hn,1653106688.cds318.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H3 200 ua.js Show response
kodeksy.com.ua/js/lang/ 270 B
756 B 119ms
118ms Script
application/javascript 2606:4700:3035::ac43:c131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kodeksy.com.ua/js/lang/ua.js
Requested by: Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bec998e1b05cf23bc04e91b2e7123e6fa366e33bb9ba36b326a86b16785d97c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 04:18:08 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 15 Jul 2019 10:52:05 GMT
server: cloudflare
etag: W/"5d2c5ad5-10e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VbnqE6esnQZjLsc7%2F5rtHuajHC%2FylFy%2FOQ9YX8bwk0sRkLWdrlREHGtSiUPO%2BLFlsoyFuGQ%2FtnF5esBsPdzSgKJ3TCtWqPjQr6AApJ%2F5LnyWMWukg8ivsQFcQ%2BKE%2BDVysV7MtpffLc303XNMsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70ea81a04a1675cc-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 common.js Show response
kodeksy.com.ua/js/ 2 KB
1 KB 103ms
103ms Script
application/javascript 2606:4700:3035::ac43:c131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kodeksy.com.ua/js/common.js?1
Requested by: Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92878e8aa7f887f57a9410aaba829bf31b138d12f4ce676373050a9dbae37cd3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 04:18:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 05 Apr 2022 10:42:51 GMT
server: cloudflare
etag: W/"624c1d2b-84a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CTdG8spayqwF9WNz7OUo5FDzfw2dPAc24FVSW%2BCB9bechFvSSJV6o5gmF9gU%2BhNaTrGVUTJq%2Fgz083ddJg4SzOk%2BAl3nPcoGOrxe4V658S5rStH9csr%2B1%2Bue4mXvcIozWa%2FhGgcO%2FBzvb7WXig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70ea81a07a3475cc-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 159 KB
56 KB 179ms
72ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4de666ea19dc2fa9d2c54a0ef96b79a4f754e7de88a2bd31aecfdab52c3f107f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 04:18:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56525
x-xss-protection: 0
server: cafe
etag: 11629222284058733674
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 21 May 2022 04:18:08 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 132ms
50ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-17274968-3

Requested by

Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aed7de105e5b20ac1654ef6253ef31e00a0193371de28112ab6bf6d3aa44c85f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 04:18:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39144
x-xss-protection: 0
last-modified: Sat, 21 May 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 21 May 2022 04:18:08 GMT

GET
H3 200 print.css
kodeksy.com.ua/css/ 1 KB
964 B 118ms
118ms Stylesheet
text/css 2606:4700:3035::ac43:c131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kodeksy.com.ua/css/print.css
Requested by: Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 088e7de337a0203dae7173ef90488c347769c601b61014939ab520a32c432201

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 04:18:08 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 15 Jul 2019 10:52:05 GMT
server: cloudflare
etag: W/"5d2c5ad5-4f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qccyS07vnPXH9dozvBkcn4d4UiCP47xr0r3cs65%2FPSMQJIFTp7rOHt7aRvvFll15UvZTleeuMhg4GDNSeoQ5VRW46elHHwKpWTbkc3ISdddq00BxaGdiVupqKMhJltOyWcK1hkKO0vzSdhpqbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70ea81a07a3b75cc-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 logo.svg
kodeksy.com.ua/images/ 11 KB
4 KB 98ms
98ms Image
image/svg+xml 2606:4700:3035::ac43:c131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kodeksy.com.ua/images/logo.svg
Requested by: Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a18d27b1d95940d8d4569678359bc81a23763330a938f3843b64e5d9d719957d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 04:18:08 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 15 Jul 2019 10:52:05 GMT
server: cloudflare
etag: W/"5d2c5ad5-2bda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qm%2BU%2BvJOFp6i4WaM%2BEH5Vf3%2F9Gj7qV7aeub%2FEDEcjGoiMvDAzj6pvnR0UzTPRvlulJVBFb8pGZF%2Fd9SUDWr3gsDKvf149FFeCGmPZTPCPyFCm3e80KlKkHYQuDZF9vRnu3Lpqjk0uZdQvX%2Ba%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70ea81a08a4075cc-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 fontawesome-webfont.woff2
kodeksy.com.ua/css/font-awesome/fonts/ 75 KB
76 KB 100ms
100ms Font
font/woff2 2606:4700:3035::ac43:c131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kodeksy.com.ua/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/css/font-awesome/css/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://kodeksy.com.ua/css/font-awesome/css/font-awesome.min.css
Origin: https://kodeksy.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 04:18:08 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Jul 2019 10:52:05 GMT
server: cloudflare
etag: "5d2c5ad5-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7Z7aEWi5GeUFhtJYQvJvube7nLhUX0dUgNt4%2FyTjAIwu%2F%2FsYKsBKyJOSFQeB%2FV%2FdwFx%2BvVPe7iqhh7TpXYV%2FeWjsbu%2FdDsUsRMWMW%2B5r%2BGBSvQ0MKbj7cwOupjzyWlBUs9y13v8gGe5rlI37w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 70ea81a08a4175cc-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 114ms
38ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c91aa691ceb2d92d06f61f07771ebf655b866f43c4a7ae3cfef730976874b366

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: jTTIShkIOGmiyKkHfc9VIQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: nrBF7qqbjfUpVqQXJ+8k1rR5WkG8ZkouTXqOm1Ei7o84lb+Lz5tWLubowk0AN3WRdI/5AmarUusuZa7PYI4nrw==
x-fb-trip-id: 686109401
x-fb-content-md5: 6df1e1d73de380eff6499b1a1604d46c
x-frame-options: DENY
date: Sat, 21 May 2022 04:18:08 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "965416c9a2feedfa6a64075e33e1747f"
timing-allow-origin: *
expires: Sat, 21 May 2022 04:18:29 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/uk_UA/ 288 KB
82 KB 78ms
37ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=6e99ea29e01a194b67a031c39c290dd9

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7d5c62a1431ac15cb92ffaa24aae918a09b5365f8a0f4b412268dd1f6459acbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://kodeksy.com.ua/
Origin: https://kodeksy.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: MAwcGr/bsImfnKZEUbmiQA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Sun, 21 May 2023 03:11:47 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84034
x-fb-rlafr: 0
x-fb-debug: yxR7tUpIwQ4dKA17/0ibyJCF30hM7QHMQh1+Hlp3Kx2L9gPFPZAhTJwbZ6LxcFJROCeNxvh3H4dLbCszWl5Ilw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 07f8621691f3a408cbf9858a131445d5
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 21 May 2022 04:18:08 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "68b1fa64da43a312d67eff248830fa42"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 115ms
36ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-17274968-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 7140
date: Sat, 21 May 2022 02:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 21 May 2022 04:19:08 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/ 310 KB
111 KB 137ms
62ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0714085022877139&plah=kodeksy.com.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e37b011cc7e2c816efda04fafad988e4ad5dbfd7f39be55b7bc6f1caeea61a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 04:18:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113363
x-xss-protection: 0
server: cafe
etag: 11795062300629768961
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 21 May 2022 04:18:08 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/ Frame D30A 10 KB
5 KB 145ms
37ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kodeksy.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 29984
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 19:58:24 GMT
etag: 1428802124239944296
expires: Fri, 03 Jun 2022 19:58:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 118ms
43ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=629932861&t=pageview&_s=1&dl=https%3A%2F%2Fkodeksy.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D0%B0%20-%20%D0%97%D0%B0%D0%BA%D0%BE%D0%BD%D0%BE%D0%B4%D0%B0%D0%B2%D1%81%D1%82%D0%B2%D0%BE%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%202019%20%D1%80%D1%96%D0%BA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1921360645&gjid=969124573&cid=44797682.1653106688&tid=UA-17274968-3&_gid=1359667320.1653106688&_r=1&gtm=2ou5b0&z=2086655306

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kodeksy.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 21 May 2022 04:18:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kodeksy.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
444 B 95ms
32ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-17274968-3&cid=44797682.1653106688&jid=1921360645&gjid=969124573&_gid=1359667320.1653106688&_u=YEBAAUAAAAAAAC~&z=1828579407

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kodeksy.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 21 May 2022 04:18:08 GMT
content-type: text/plain
access-control-allow-origin: https://kodeksy.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
646 B 134ms
43ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=kodeksy.com.ua&callback=_gfp_s_&client=ca-pub-0714085022877139

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0714085022877139&plah=kodeksy.com.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

88d1c5e93db993e3cb38d9510d1123fabe60c2406581d593f8b6f2ef064a80ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 04:18:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 139ms
45ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=kodeksy.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 May 2022 04:18:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 145ms
45ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kodeksy.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 May 2022 04:18:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2F98 3 KB
585 B 180ms
102ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0714085022877139&output=html&adk=1812271804&adf=3025194257&lmt=1653106688&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkodeksy.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653106688318&bpp=3&bdt=413&idt=225&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8002544592794&frm=20&pv=2&ga_vid=44797682.1653106688&ga_sid=1653106689&ga_hid=629932861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067545&oid=2&pvsid=251897858132814&pem=493&tmod=1196873490&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c7abebda10b5f4b84e8b8600bbfd88a3305f2935b7d61493717a450517840da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kodeksy.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 562
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 04:18:08 GMT
expires: Sat, 21 May 2022 04:18:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C953 73 KB
23 KB 361ms
294ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0714085022877139&output=html&h=280&slotname=7265485077&adk=3397636257&adf=3246541266&pi=t.ma~as.7265485077&w=1074&fwrn=4&fwrnh=100&lmt=1653106688&rafmt=1&psa=0&format=1074x280&url=https%3A%2F%2Fkodeksy.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653106688321&bpp=3&bdt=416&idt=242&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8002544592794&frm=20&pv=1&ga_vid=44797682.1653106688&ga_sid=1653106689&ga_hid=629932861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067545&oid=2&pvsid=251897858132814&pem=493&tmod=1196873490&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jXm8ZzuiRC&p=https%3A//kodeksy.com.ua&dtd=248

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88ed3f3d5180547510b67d1277c676a2d7a4b762089dfde451a7c42fe9d563f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kodeksy.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 23591
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 04:18:08 GMT
expires: Sat, 21 May 2022 04:18:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A43C 97 KB
33 KB 315ms
258ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0714085022877139&output=html&h=600&slotname=5507812167&adk=3595555304&adf=4182175903&pi=t.ma~as.5507812167&w=160&lmt=1653106688&psa=0&format=160x600&url=https%3A%2F%2Fkodeksy.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653106688324&bpp=1&bdt=419&idt=252&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1074x280&nras=1&correlator=8002544592794&frm=20&pv=1&ga_vid=44797682.1653106688&ga_sid=1653106689&ga_hid=629932861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=100&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067545&oid=2&pvsid=251897858132814&pem=493&tmod=1196873490&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LQDgUPxnNZ&p=https%3A//kodeksy.com.ua&dtd=256

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56b4f99b899abe64d34e0f9a65b1d0560d5bd3aafd55794186a88a117a7395fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kodeksy.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33920
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 04:18:08 GMT
expires: Sat, 21 May 2022 04:18:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8E77 430 B
229 B 257ms
204ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0714085022877139&output=html&h=280&slotname=8772215856&adk=2896405366&adf=2827832974&pi=t.ma~as.8772215856&w=1200&fwrn=4&fwrnh=100&lmt=1653106688&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkodeksy.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653106688325&bpp=1&bdt=420&idt=257&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1074x280%2C160x600&nras=1&correlator=8002544592794&frm=20&pv=1&ga_vid=44797682.1653106688&ga_sid=1653106689&ga_hid=629932861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=100&ady=1931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067545&oid=2&pvsid=251897858132814&pem=493&tmod=1196873490&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ddzpQa6aeO&p=https%3A//kodeksy.com.ua&dtd=260

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99136bc12134eb40ef170d349f71c90540af0443bd167765cc4d2f099b55002f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kodeksy.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 206
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 04:18:08 GMT
expires: Sat, 21 May 2022 04:18:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 131ms
48ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-17274968-3&cid=44797682.1653106688&jid=1921360645&_u=YEBAAUAAAAAAAC~&z=605853154

Requested by

Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 04:18:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 130ms
48ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-17274968-3&cid=44797682.1653106688&jid=1921360645&_u=YEBAAUAAAAAAAC~&z=605853154

Requested by

Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 04:18:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A43C 8 KB
1 KB 138ms
45ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A300%2C400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0714085022877139&output=html&h=600&slotname=5507812167&adk=3595555304&adf=4182175903&pi=t.ma~as.5507812167&w=160&lmt=1653106688&psa=0&format=160x600&url=https%3A%2F%2Fkodeksy.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653106688324&bpp=1&bdt=419&idt=252&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1074x280&nras=1&correlator=8002544592794&frm=20&pv=1&ga_vid=44797682.1653106688&ga_sid=1653106689&ga_hid=629932861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=100&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067545&oid=2&pvsid=251897858132814&pem=493&tmod=1196873490&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LQDgUPxnNZ&p=https%3A//kodeksy.com.ua&dtd=256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

38c442b0128c040353e356b95c9d4bbc14f264b48086fda68ddbbd4a80909423

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 21 May 2022 03:37:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 21 May 2022 04:18:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 21 May 2022 04:18:09 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame A43C 2 KB
984 B 184ms
78ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 03:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Jun 2022 03:42:30 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A43C 0
0 82ms
82ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-CLyAGiIYsz-KZrh6wTizZ2wD-Hfyo5q_orZ3_IP-rSM8b4BEAEgoKTTDGC7BqAB5KHr9gLIAQmpAmsH06A9Iqo-qAMByAPLBKoEzQFP0JZuk6VNZeCVlSrmVjJIYIo-Cakgx5bY_gB6gAdy5g_YlJns40031M6qNlrXcDYyYWpLGgqwX1p2sy5R1hkxXUONIX8MD4b1ms94g3WmM-Y2acPQfpbGVBI0g9i_XRVR3juY8p5joQlqKZcxR5HzUzmyi3WQfnaVeprL6ah0FKR0We0JJRAKu6fDONvlNB1bwXWMkwPKF9yR0X1p1HuJ7vj3Lf0vYNcvAMQ0qc_CV3nm94h0w8fQyvzBlyRABEBgO2NEPilybMCgz80-wATb3vSL_gOSBQQIBBgBkgUECAUYBKAGLoAHhN6UiQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxCRQ9IICQiA4YAQEAEYH4AKAcgLAbgTiCfYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMDcxNDA4NTAyMjg3NzEzORgA&sigh=VR2PYRm0qQY&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0714085022877139&output=html&h=600&slotname=5507812167&adk=3595555304&adf=4182175903&pi=t.ma~as.5507812167&w=160&lmt=1653106688&psa=0&format=160x600&url=https%3A%2F%2Fkodeksy.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653106688324&bpp=1&bdt=419&idt=252&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1074x280&nras=1&correlator=8002544592794&frm=20&pv=1&ga_vid=44797682.1653106688&ga_sid=1653106689&ga_hid=629932861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=100&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067545&oid=2&pvsid=251897858132814&pem=493&tmod=1196873490&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LQDgUPxnNZ&p=https%3A//kodeksy.com.ua&dtd=256
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 21 May 2022 04:18:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 21 May 2022 04:18:08 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame A43C 21 KB
9 KB 140ms
37ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 04:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8611
x-xss-protection: 0
server: cafe
etag: 11030745046341915621
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Jun 2022 04:11:51 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame A43C 3 KB
1 KB 180ms
79ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 04:14:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Jun 2022 04:14:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A43C 135 KB
42 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 04:18:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 21 May 2022 04:18:08 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame A43C 17 KB
7 KB 143ms
42ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 03:44:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Jun 2022 03:44:37 GMT

GET
H2 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame A43C 30 KB
13 KB 128ms
36ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 18 May 2022 10:36:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 10:36:04 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9908575568428250087/ Frame A43C 7 KB
7 KB 174ms
80ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9908575568428250087/downsize_200k_v1?w=195&h=102

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fb1b9e21c3c63e881ee8858683358ec9d0e4ae80403970b875dd25c13c66fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:55:33 GMT
x-content-type-options: nosniff
age: 328956
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7006
x-xss-protection: 0
last-modified: Fri, 13 May 2022 17:32:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 May 2023 08:55:33 GMT

GET
DATA 200
OK truncated
/ Frame A43C 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A43C 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame C953 21 KB
8 KB 119ms
47ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0714085022877139&output=html&h=280&slotname=7265485077&adk=3397636257&adf=3246541266&pi=t.ma~as.7265485077&w=1074&fwrn=4&fwrnh=100&lmt=1653106688&rafmt=1&psa=0&format=1074x280&url=https%3A%2F%2Fkodeksy.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653106688321&bpp=3&bdt=416&idt=242&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8002544592794&frm=20&pv=1&ga_vid=44797682.1653106688&ga_sid=1653106689&ga_hid=629932861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067545&oid=2&pvsid=251897858132814&pem=493&tmod=1196873490&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jXm8ZzuiRC&p=https%3A//kodeksy.com.ua&dtd=248

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 04:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8611
x-xss-protection: 0
server: cafe
etag: 11030745046341915621
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Jun 2022 04:11:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C953 8 KB
787 B 98ms
46ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b3f0a6d6a59d8015a0f304089d399067747d2618e48cce61474983bf0e76f7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 21 May 2022 03:32:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 21 May 2022 04:18:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 21 May 2022 04:18:09 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220516_RC00/ Frame C953 14 KB
3 KB 161ms
44ms Stylesheet
text/css 2a00:1450:4014:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220516_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 16 May 2022 13:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 400435
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 16 May 2022 10:38:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 13:04:14 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220516_RC00/ Frame C953 352 KB
121 KB 162ms
45ms Script
text/javascript 2a00:1450:4014:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220516_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5380c721af33202377a3c3b70f20697d1a5883f6abfabd089406c64c231de81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 16 May 2022 13:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 400435
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123891
x-xss-protection: 0
last-modified: Mon, 16 May 2022 10:38:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 13:04:14 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame C953 17 KB
7 KB 140ms
72ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 03:44:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Jun 2022 03:44:37 GMT

GET
DATA 200
OK truncated
/ Frame A43C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7317cfb9b275f8807275efa060e5a7d76984fad4a1195d98d2dcfeddb274538

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ Frame A43C 44 KB
44 KB 120ms
37ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A300%2C400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 16 May 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 362760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 23:32:09 GMT

GET
H3 200 arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js Show response
pagead2.googlesyndication.com/bg/ Frame 84C2 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 20 May 2022 08:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13637
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 May 2023 08:12:28 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame C953 0
327 B 1028ms
369ms Ping
image/gif 2404:6800:4003:c03::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l3fd1gwx&c=592406606938&slotId=296203303469&qqid=CLLZ0afe7_cCFSutmgodUqYNxw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c03::78 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 04:18:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C953 9 KB
9 KB 115ms
41ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 16 May 2022 20:29:43 GMT
x-content-type-options: nosniff
age: 373706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 20:29:43 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C953 15 KB
15 KB 105ms
36ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 16 May 2022 11:07:47 GMT
x-content-type-options: nosniff
age: 407422
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 11:07:47 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C953 0
20 B 70ms
70ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CFx-oAGiIYrLZKava6gTSzLa4DIGx5otq4POA4pcQ8C4QASCgpNMMYLsGyAEFqQIb1_LOZEjxPagDAcgDmwSqBPgBT9CoZKOYzOMUVpQUhW5LLHyD7ZUpTMhFTu7xzSAhT0FeB1WBPa9aHjDORU7vWFm0HP3mT4wCrbeM2bIZHgW0VaNOaM36wCkAyJYG8MQd4kggBAxOWPwuXNgFy8tFg3119YdRaS7IZIrPm4EtWHez4Muu8UFfKyW5irc7efz-WAMbG8ZOJfg__vThgmIxBxLAjnYXEMgoZJsgRQMWHmfOLC3pRdRPJQuIoZbavt6oTu4kgPown2c4jA5v4OpOFQN1m4SwcCg73nO5pNplz63GiRmj2Mbd4sna7_HbCRDInFjyVlRRCA0GT7C6thrGYqXKktrYtiR9SZjABMTM6teQBOAEA5AGAaAGdoAHlLGXogGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB-ACgHICwHgCwGADAGwE--umw_IE9rRouAD0BMA2BMKiBQC2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1653106689260&ai=CFx-oAGiIYrLZKava6gTSzLa4DIGx5otq4POA4pcQ8C4QASCgpNMMYLsGyAEFqQIb1_LOZEjxPagDAcgDmwSqBPgBT9CoZKOYzOMUVpQUhW5LLHyD7ZUpTMhFTu7xzSAhT0FeB1WBPa9aHjDORU7vWFm0HP3mT4wCrbeM2bIZHgW0VaNOaM36wCkAyJYG8MQd4kggBAxOWPwuXNgFy8tFg3119YdRaS7IZIrPm4EtWHez4Muu8UFfKyW5irc7efz-WAMbG8ZOJfg__vThgmIxBxLAjnYXEMgoZJsgRQMWHmfOLC3pRdRPJQuIoZbavt6oTu4kgPown2c4jA5v4OpOFQN1m4SwcCg73nO5pNplz63GiRmj2Mbd4sna7_HbCRDInFjyVlRRCA0GT7C6thrGYqXKktrYtiR9SZjABMTM6teQBOAEA5AGAaAGdoAHlLGXogGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB-ACgHICwHgCwGADAGwE--umw_IE9rRouAD0BMA2BMKiBQC2BQB0BUB-BYBgBcB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 04:18:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame C953 28 KB
16 KB 138ms
61ms XHR
text/xml 64.233.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-C9IkbFP_mw7daFsBPr3zg6V0NIPqYhe-wcvGaAbC08wl1_YtpYwQlErh-YmumUBx32loZ8tqSdgtzjAGNKMEHa2qrBAw&cry=1&dbm_d=AKAmf-ABZilP4XN-XYwIVyDYN9giWQWOnkCdd4gDr8Pr-RO0QAVmdbSTMEf-65nP0pXxEd8RjJHbZO4axQN4Qlrn9cZ5B_ttUC5cFJ8dhwojdNY1xnecC3rgQvuNe2wzFWzvmd4-f-nyfPn6GcWrV9qOgytasN9WwE_e5AL0j49t8tnnZ1cokFS8aVr6Z4mTNJ9uJncWQRdyJxIdVTXT4xhU6DcwmTy1MDbwjvWtIRN6NM9CJkepylCIuqgF1LxYn7LtKBScgnrl-9knUSt54IG3VcOa2nWB2J_Lu7uv_GGlTE16_LOF9AT1ut2cWWEXDJrgYaM7BWXsLJmEal-4IrCKGRFc1UdKMsm5WDni_klbAUBCvtTvyykI_IOnG8iQLaOetuXrb5Qf0rJCw0Owkn_MLqrWXB9PJszII0J711l1PHQUU2kaO12uYmzfkTfRb8U2blEKHk7ahf7a9YnDHn1vwxJxaPk4MxjywaUN10IRYquH1GdIUJH4Ferh28N_DOLioiucSkd_JDKPY0hgxjQbDLpN7YfyJDql21s5Ya184HD-gK6PEFwQOxlvcj0Ph77nPXM5pZ8W28VjZ9uMMlAUQTqh4LxYa3cCTufaeQtgWHqQQeZSRxdCS4VN9SofcBCjpOlx_YEE5oV4qo0NIJNKugKY_Iz7KQKbD-VK2fcynNMM8vwBrYLe4EhF4pY2CZOm6e_pn8ylvFGJ_hDCJNTnr2pj9y8zIAGqJkFTYDUBCcLRDkqhrDLqZebKNuLB4dRkiB3AWEzCfBf4JK8V1Ob5EbK1-M3BX0rUqXey9G89n6gvVKsevHztpn4wUR1ZmA2R6XoBEiAK59RyxkFkeUnMxk0hqzeXS0aGn0EbzdHFo-JMBBm87e8OS-XCmRxU0R1E8n0zT5m54jR3u7jSoQQdjgcsqJOWMl0ghZCwoo4PYSdGsnwhr1q3RSEkj-6ghiQEYfKvdzs3fSNolZv_Siwm54TSZiAxJLxjOtXw7iQPb3V505rI4q8Tr1TGvd015SStAcCrvkt8L0cG9vTu9UvkLKNx1jJkBs93G6IODJnZ_EVjiQ_RuJEJx6aoWsi3QM2xiCLVUDWoMc_rCCoksp9rs_93RBzeJvVN1BR5PSk0DphwoVlxEWnpSSaLqfzOYHkngAt04qUDjpvPbg-uNJ86fJr7A-jeDVzwneQT06LWdhJZqDbZ1QcGaxrZJaHyZGssEuZq7BT8787NfIPkQrRoR7I6was7JpmZGqyVXfSEA2S2GczCrVl4RslTmCOBYxhDaUe5ZQ2-h-AEcHLT81nw_Zuv2qDV3RVm5AVoJlKaL-KYaAN1txm-nhSIPlaeDOYCyR4_KDZRv7-6xGIzpWj2PbQgEX3jATn8Ru89phj3_FRA2o49COWB2e8wYYDDZM_dCq2hAQT0ndvcTadHc2bRhgjXurULLwtn0yw8oaY1rgNn-8Zp4QjVFTpDhgF3bXGZF7IA71jugElhknDhS7CYH1r0-uT27Vj2MG348KanQ5uANjtmZkhCoHV3hNXjRxNJucW61kxIWfkRsN_NXiU7tPe2NN8q5rmUmTIisjcJ6JsinrROZ3o4Ac7GoXX1klldBokWubu5He4QeC0so7lz-p5EHhTktZAZ8o8irU13WsUi0a2QCybbRSXnyK6Rt1L6kedf9zcOde683LCEIMmoEAcMoFBFSOGNxBT9xyhE-KfKSuu6S11mooqzBmNuAHd2fIouOSa7a9UlNNuyo4tHIQBMOCfLlbrnj8BxSaPGVt3wsrjNrb_kbvnp5nwOLo1rqtUX_HBlrdfem5w9sB2DBDFOM48tC7IR4EJKAoVhk9Y4yxPiElJyy0aCHWfB4LuljaRG5dNfytexKJCFetTecygpDmNXXT8nRv_fX9jBwyu7C_FAGtbBg4bZ8lsgbKiUZX4U-OogXYYZhA4xBpr8wIVsS1NpcezCWpEp0ROj24a9R1MPZUuFU-nn-zsZVYByWNhJRv3ucaOYUHAKZTugvh-LdODIDcUqN6l0uw25AaHZkPlAc0_vOeRhkI8h7GFe4Q-DOC0WqBmyKIQ5vRgE3eLmjyETz6Xu0dubcgb7w7sVgodMGmztRPSTLUSgbaTjRiyWPN0iu6ItfMMlH42kEMHpMla3rOwkroKUMw-0SLBiIK9tJrD3qSR6ClE9syw7xOsMy7uyaKYDqAZ5a8ua4xbhuMbqSLkSlGUCxjrhF8SZPxqZZVf7iBeZToGAtTJJ0J2cCwZb4FPmdwLWpQVsh8x7IfSHa-YWzeGLwFWJxUuPi2-A9MKkMSY0FMRD8bw4wcTwxrCWxV5Tm1mf3jZp3ZRG44hIwVVD4zs8bsJiqsQ_x5Fw-tv7sjrfc6OouYXhiQ1AYT8-YUzsKZeK2ES6N6RLg2VXhU-k1Inj2HEJNr60ropsbK1nMmtc4LpLKxweJOGhyV8exluS7Q6JGYECbPuhsu9f2Rz_esnz4ViUnA2RHXosaQSlZxPiH9lz0HMcN1ZNtyyJz3v3WKQTWAlmsT9dWuK5GzoDiTMLzzJTOxnqXMCzpyQO1xqQmPT581u9geWL1SwgO3r3FGzBKyykLdxejw_xOAmHe3oNuCZgGmLY7ywGF2IiA2hbuT-AzFmv3vQqlWvl4xUSjrTC9TQeD58E43zPrR7Zpu-XbW-dc6F8GBU1X5kYsiDgS3w-85qIgK09Ihbt1t471P_EVHORZeOyhOJl3MEIfSO2nkEblSXzovs_2UYyB2S7fcy7SleZfU2hsy6vGCRR0aIKzIJtLficyMz2iteAGzqxsm1J1Pyg8C6OXamARbo_DHqtDFZzsOzqcU93wmVjj34Vv49jx0wluUaSqDEIsPTdaU7Wz3LKFVd5aLbQhV5wqfqB0mixZBksVjLdYYrwwKjjF7Wdc_Tmn6ll6GF2-rAMcW-EKSDDcCsMSxjBDdOw_31HU3SRsGB4IHV8_C9p9-gS0YAQoAexJ6_hUzb9lEzKU-1hlPp7HZM5jIyDW-0logOhiQDpQmGURVTnRQZBxBZBDWn9Yr6wUtRbHyGSBNcVrYpb1is3SoOKiRwBxlshCl1wIQDjbd7ZC1KyeDo7trGAf7U2l8oHA0v1PbBlJoCcUioka77r56xcIZFFSRG8efLcSQmXyS8a4IYyi8WoYXczZlhuhgqhMOO57QVgvcpT2mZOIRcaMlflhWUih0wdYAhokU78Mbl9jDjw_beY3wMH1mok_1FE_q17FXU2ekiGMSBxUYczigpZCt1rMUp_3KshaQpmnCaZL6XE1TJtcfLpT9MGXMMuahJJOO24BDOr-1gH_JY3OjCwFDtr5lz5JBGFafNommJX_9a6V_-kQnR3D-lmMayQz32GsWCimKbb6HjQ1_MwouJEq72nKri-5M1FZvWFFYO1NFBWAyhOR-hTOkRSaC6QUaeigWAaHXqNPx7QDwLJu6hcsbu4MbGpzATWvjR_7lk9EAtwx-1Z6v05wafISZ0p1-7JICf5xRK1MDh-6CW3M9daJ8dZg0lkZ3hNibQobK9z05VPqqF_8Je1T6CksWiEal3HQMpYn_uR2Dzpcz5M4WGFihn-35em8UxO087bKBWWMuUfL1p7AGY7jygqjEZY8cKsFxho5QiIzm40UNb8-1EA9JzsaA1JHGDHowIpEsonlvu4Z9zq6fwvm9WCSREAPeJ68QcgbSSGjFCsqoV5ApmjPNMbdSWbqwYyz-sUjoifOnD1IS83-mh8XrdbwE_-2JEcQQn6CyhMOLV-saRFtYn01T0_Q_GylZV0cINvqmNju1z7qvpZmZhV52hqHUK4Y1Xs3RRhmTFLYRfRNsdZywNlCca6jDAbT-Mmo5asqRajw0FIDbhfV2lUSOuZH7KoUppmzBq08ZE0401tzM_RsGKE6CfJzubbib65h3HK4PzFdNDh&cid=CAASBORo3FE&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220516_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

addbad319d403eb5ef3687ce273b4d2f91cab0d5e9ffcea375423effb3d35dbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 04:18:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15399
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C953 0
0 74ms
74ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8J8nAGiIYrLZKava6gTSzLa4DIGx5otq4POA4pcQ8C4QASCgpNMMYLsGyAEFqQIb1_LOZEjxPagDAaoE9QFP0Khko5jM4xRWlBSFbkssfIPtlSlMyEVO7vHNICFPQV4HVYE9r1oeMM5FTu9YWbQc_eZPjAKtt4zZshkeBbRVo05ozfrAKQDIlgbwxB3iSCAEDE5Y_C5c2AXLy0WDfXX1h1FpLshkis-bgS1Yd7Pgy67xQV8rJbmKtzt5_P5YAxsbxk4l-D_-9OGCYjEHEsCOdhcQyChkmyBFAxYeZ84sLelF1E8lC4ihltq-3qhO7iSA-jCfZziMDm_gsk-HzeYB-SKAtr-fzT2BWN-gIny7733qMCuf1tBr-PIRhlo-N33OrUcmFc2jdohA5j90idJgcUT3msAExMzq15AE4AQDiAW_8tWdQJIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAHlLGXogGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHCRC3XRjvnsHKAdIICQiA4YAQEAEYH4AKAcgLAbAT766bD8gT2tGi4APQEwDYEwqIFALYFAHQFQGAFwGyFxwKGggAEhRwdWItMDcxNDA4NTAyMjg3NzEzORgA&sigh=NADf43bHHzY&uach_m=[UACH]&cid=CAQSGwCNIrLMVB2N80KPVkZl8JuEyhE11y40P4QCEQ&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0714085022877139&output=html&h=280&slotname=7265485077&adk=3397636257&adf=3246541266&pi=t.ma~as.7265485077&w=1074&fwrn=4&fwrnh=100&lmt=1653106688&rafmt=1&psa=0&format=1074x280&url=https%3A%2F%2Fkodeksy.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653106688321&bpp=3&bdt=416&idt=242&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8002544592794&frm=20&pv=1&ga_vid=44797682.1653106688&ga_sid=1653106689&ga_hid=629932861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067545&oid=2&pvsid=251897858132814&pem=493&tmod=1196873490&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jXm8ZzuiRC&p=https%3A//kodeksy.com.ua&dtd=248
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 21 May 2022 04:18:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C953 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8984503f395a269d0db2aa5a6cfe16747108be186a40abdcd070ab97baf9fa03

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 like.php Show response
web.facebook.com/v2.11/plugins/ Frame C400 0
3 KB 142ms
58ms Document
text/html 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://web.facebook.com/v2.11/plugins/like.php?action=like&app_id=1858704387773680&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e9d89e79a44dc%26domain%3Dkodeksy.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkodeksy.com.ua%252Ff3f0362e6c6c1b%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fkodeksy.com.ua%2F&layout=button_count&locale=uk_UA&sdk=joey&share=false&show_faces=false&size=large

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js?hash=6e99ea29e01a194b67a031c39c290dd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kodeksy.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://web.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 21 May 2022 04:18:09 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/web.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-content-type-options: nosniff
x-fb-debug: ua4xo92axO9K7+KpM4ISPqogNsuujOKhwlFyMkDpv/Q6mCwm2CJbyzMF20KDvWg1up7We3w0nXkIABX/TxXFdQ==
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 125ms
51ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220518&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec405c626adbe2fc387c984f15c4d95c06853150d14dc1323bb66dd058c9cc52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 May 2022 04:18:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10748
x-xss-protection: 0

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame C953 41 KB
15 KB 120ms
38ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220516_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 20 May 2022 09:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68971
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 May 2023 09:08:38 GMT

HEAD
H/1.1

200
OK

file.mp4
r5---sn-aigl6nsd.c.2mdn.net/videoplayback/id/ab2e62d15087b572/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1684642689/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame C953
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/ab2e62d15087b572/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1684642689/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r5---sn-aigl6nsd.c.2mdn.net/videoplayback/id/ab2e62d15087b572/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1684642689/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

139ms
25ms

Fetch
video/mp4

2a00:1450:4009:5::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-aigl6nsd.c.2mdn.net/videoplayback/id/ab2e62d15087b572/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1684642689/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/21B9ED876CBE22D93509CDB43B873EB759F84C50.3B4CECEA2F27FFD1D45945D76764FAAC367F7903/key/cms1/cms_redirect/yes/mh/s8/mip/2a02:8c8:c10:30::14/mm/42/mn/sn-aigl6nsd/ms/onc/mt/1653106274/mv/u/mvi/5/pl/32/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4009:5::a London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 21 May 2022 04:18:09 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1499985
Last-Modified: Thu, 12 May 2022 23:15:48 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sat, 21 May 2022 04:18:09 GMT

Redirect headers

date: Sat, 21 May 2022 04:18:09 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 649
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r5---sn-aigl6nsd.c.2mdn.net/videoplayback/id/ab2e62d15087b572/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1684642689/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/21B9ED876CBE22D93509CDB43B873EB759F84C50.3B4CECEA2F27FFD1D45945D76764FAAC367F7903/key/cms1/cms_redirect/yes/mh/s8/mip/2a02:8c8:c10:30::14/mm/42/mn/sn-aigl6nsd/ms/onc/mt/1653106274/mv/u/mvi/5/pl/32/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame C953 0
54 B 861ms
376ms Ping
image/gif 2404:6800:4003:c03::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l3fd1gx9&c=592406606938&slotId=296203303469&qqid=CLLZ0afe7_cCFSutmgodUqYNxw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=993&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&met.4=videopreviewvisible.o1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c03::78 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 04:18:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 04:18:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 21 May 2022 04:18:09 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 6EFD 23 KB
9 KB 38ms
37ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 68971
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 09:08:38 GMT
expires: Sat, 20 May 2023 09:08:38 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7051 13 KB
5 KB 36ms
36ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kodeksy.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 24578
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 21:28:31 GMT
expires: Sat, 20 May 2023 21:28:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A7E8 783 B
533 B 124ms
48ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1173bc64a686c2eb12e72948b7d62fb82de048037909efed1d466008cd698f5d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1qOLQqAsndlwMiPbg0OcwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kodeksy.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-1qOLQqAsndlwMiPbg0OcwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 04:18:09 GMT
expires: Sat, 21 May 2022 04:18:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 jNIfTJOJYpsZ98Q8qL-tpT3OaJUUMdeIViycWvFIlxs.js Show response
pagead2.googlesyndication.com/bg/ Frame 6EFD 35 KB
13 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jNIfTJOJYpsZ98Q8qL-tpT3OaJUUMdeIViycWvFIlxs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cd21f4c9389629b19f7c43ca8bfada53dce68951431d788562c9c5af148971b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 20 May 2022 20:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13600
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 May 2023 20:16:36 GMT

GET
H3 200 arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js Show response
pagead2.googlesyndication.com/bg/ Frame 7051 35 KB
13 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 20 May 2022 08:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13637
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 May 2023 08:12:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A7E8 0
0 85ms
84ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220518&jk=251897858132814&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 206 file.mp4
r5---sn-aigl6nsd.c.2mdn.net/videoplayback/id/ab2e62d15087b572/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1684642689/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame C953 1 MB
1 MB 53ms
25ms Media
video/mp4 2a00:1450:4009:5::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:5::a London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

2c3485fc2f67371f3a3ade7f4d80efe00a5e86f60b29eb5b54d9ee1935c240c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 21 May 2022 04:18:09 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-1499984/1499985
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1499985
expires: Sat, 21 May 2022 04:18:09 GMT
last-modified: Thu, 12 May 2022 23:15:48 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

POST
H2 204 csi
csi.gstatic.com/ Frame C953 0
54 B 472ms
376ms Ping
image/gif 2404:6800:4003:c03::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~l3fd1h23&c=592406606938&slotId=296203303469&qqid=CLLZ0afe7_cCFSutmgodUqYNxw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=993&mt=video%2Fmp4&vs=640x360&ple=1&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fgcdn.2mdn.net%252Fvideoplayback%252Fid%252Fab2e62d15087b572%252Fitag%252F343%252Fsource%252Fweb_video_ads%252Fctier%252FL%252Facao%252Fyes%252Fip%252F0.0.0.0%252Fipbits%252F0%252Fexpire%252F1684642689%252Fsparams%252Fip%252Cipbits%252Cexpire%252Cid%252Citag%252Csource%252Cctier%252Cacao%252Fsignature%252F801BEAE466D8B5C4D05389069C6E8BA20E710FE1.33011392E72703A523650FB10019C29CE5DEB8F0%252Fkey%252Fck2%252Ffile%252Ffile.mp4&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c03::78 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 04:18:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7051 0
9 B 35ms
35ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?cGwlbQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 04:18:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6EFD 0
20 B 71ms
71ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bem2XAWiIYoiXF9-E9fgP4oK86AEAAAAAOAHgBAI&bg=!ISKlImbNAAZ4vKt9WLw7ACkAdvg8WgQRl52c_BzTesTYuNwL1czQmNDAE3uono98a1xeLeH6we6pAgIAAACPUgAAAAFoAQcKACUypZJIsgPywR4z-53QCUCLB3lYvKx_CY92vqf4zufWxeAoa9hPmQK5b2yFcUb6cNPnyfJygTcOHuIbB3HsUO1dTV9RDtb0kfs66Tz3XuIS1o0V36m81khBYbfKKskVJsXCzZxFEutLvNdew1VCeACyVRcEdY8-6tmYT5iR4mmsQy5X46l1hDsLbTihvjqFK-YzlEv2KkUPEem4pNtHUjeCecbU0HUhpOHQkLzn6A98eqO8S5TOxbCCfGQsd4k2ozOtJrqFc2_dB2Q4TQdgCcRkPZNAJNjJZIR4VUY7Ho9bGmOTo6HbB5bfXze6Vlsfg1EOS3SL4JntsoFC3G4N6SVf7IAFWwsrY6S5OidMAxZ8IzjAfSWeDmK4RRTs8zCWcPzCXZDzbT7DkJJuLCs9Uf35vflzc5NDydfzlbRFU81ZZuYMc9P-y6N9PTgLDw6NtzbWMZRazBvvc_gZ7AYcX0T4zASfwua2_4IQJ9lh7k514otbPsRxlU8qBiizl76lZBvB2SJkqZMerZeUjrHK5lmUprsW1d8Jr5-MPbobreOvwmiMSR0TWm6cMV-lCwCzitUbvczdmAH7pZnt2MPPngYVNVvTwrBntQoP778iLXMSVUc5SfZK9HJOUwtVX7xOAPqfD2VK-VLQ8GGHprlq2ASBo0OY9ydgnKHJdx4wwhAKBZnPxi_0e5I8qRJpiUgrfAedcgI-h1jXKPSDYgpsAyqeEwdG0mUUjP1DQO8SXmsP3-NE7tR6NsI_pJ5ydcXV6vWYIImdBDUcWuLGNXOiZxEwuVO91gdPeLTfmxXNoaFh9WTDkibkuTzHYDxd9y1SqddCbY3bex59ggO530BEuoTEuyROsu-WWk3XxK3JPkyXrjGNG6TjJRTf_VoaDvCtPFXbrdZKU0ICHk-TstZcZTfPK69q9uJNf9pVHdKnRneK4h2FumUeSAmdTXljdZBy9Of5AoYx43HOJFdaWSXrxCBsXA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 04:18:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIyJv8p97v9wIVX0IdCR1iAQ8dEAAYACD7kdpROhoIiZK2ogEQxMzq15AEGNrRouADIODzgOKXEEITCLLZ0afe7_cCFSutmgodUqYNxw;dc_rmcid=CAASBORo3FE;eps=CIDhgBAQARgf;met=1;acvw=sv%3D926%26v%3D20220516%26cb%3Dout%...
ade.googlesyndication.com/ddm/activity/ Frame C953 42 B
107 B 173ms
73ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyJv8p97v9wIVX0IdCR1iAQ8dEAAYACD7kdpROhoIiZK2ogEQxMzq15AEGNrRouADIODzgOKXEEITCLLZ0afe7_cCFSutmgodUqYNxw;dc_rmcid=CAASBORo3FE;eps=CIDhgBAQARgf;met=1;acvw=sv%3D926%26v%3D20220516%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D10069%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D571406044%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1653106689939;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 04:18:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame C953 42 B
64 B 49ms
48ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CFx-oAGiIYrLZKava6gTSzLa4DIGx5otq4POA4pcQ8C4QASCgpNMMYLsGyAEFqQIb1_LOZEjxPagDAcgDmwSqBPgBT9CoZKOYzOMUVpQUhW5LLHyD7ZUpTMhFTu7xzSAhT0FeB1WBPa9aHjDORU7vWFm0HP3mT4wCrbeM2bIZHgW0VaNOaM36wCkAyJYG8MQd4kggBAxOWPwuXNgFy8tFg3119YdRaS7IZIrPm4EtWHez4Muu8UFfKyW5irc7efz-WAMbG8ZOJfg__vThgmIxBxLAjnYXEMgoZJsgRQMWHmfOLC3pRdRPJQuIoZbavt6oTu4kgPown2c4jA5v4OpOFQN1m4SwcCg73nO5pNplz63GiRmj2Mbd4sna7_HbCRDInFjyVlRRCA0GT7C6thrGYqXKktrYtiR9SZjABMTM6teQBOAEA5AGAaAGdoAHlLGXogGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB-ACgHICwHgCwGADAGwE--umw_IE9rRouAD0BMA2BMKiBQC2BQB0BUB-BYBgBcB&sigh=U-CFf0TAEgk&label=part2viewed&ad_mt=5&acvw=sv%3D926%26v%3D20220516%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D10069%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D571406044%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1653106689939

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0714085022877139&output=html&h=280&slotname=7265485077&adk=3397636257&adf=3246541266&pi=t.ma~as.7265485077&w=1074&fwrn=4&fwrnh=100&lmt=1653106688&rafmt=1&psa=0&format=1074x280&url=https%3A%2F%2Fkodeksy.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653106688321&bpp=3&bdt=416&idt=242&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8002544592794&frm=20&pv=1&ga_vid=44797682.1653106688&ga_sid=1653106689&ga_hid=629932861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067545&oid=2&pvsid=251897858132814&pem=493&tmod=1196873490&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jXm8ZzuiRC&p=https%3A//kodeksy.com.ua&dtd=248
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 04:18:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C953 0
622 B 182ms
81ms Image
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstIkGCOJRYxxEXw5zjegRkzddKlpkivVz_wPmfYXf9yhjtYvtE6hSAQeJDwtXkKGHk70DFSdyzoL5DDWo56EQiEwFaMYowifmKXbfb2in56NcxIEP1BlEOiaAQ9-VZhGZDomLbmwPnq3sKhR8KKZY_QEGT3Ftc6IXUtLVZkfkD5DyaQu3EYik0BnQEauZFiHqR2e7KQeiLuXwywOB-LxMRJha1obrmPOd56UjRPR_jNkaLPTmyx9hGMIHHmQKmEeBwTUNF7zhiEtrSPaB99asZXkL2QrJ4qLGyorNSBsf57yhTWF89nIwOKVNVmF7m9pC1qc8vGJn5DwQaZuIM8HZshCziWS9gkBfgLARtjs-FeLiFPsYR6AG90supuSh8ETAWoteK2h3F2CtLOSRIdPBZ8MG1n8E0zepFG7shb0rMN_Q9Gl4WoTQ7nbjGOTLCBhiEcCO2fMvyVHuYtaX0gt_pUUBnG_7ngSRxgggx9vxv3Q7EeGJpbyWIMQWePZiow4jryAhrPyBNgxBQ9At_vxzIxAu5UkDlZi6uRUKIRfIkEf4Ul9JeMiCdoSTXIClQgJlxJtk1ZwWbfy0PK2aXjz2qJ733CieBco6x4JUZilyNe9kCTuBvhuKn7HAHlO4T-ef0siuiDMkKFdEumBoDiv9Uyy295xVnJSrNEQztIfVzXyORG3WXJITBnhwi9bnlL9ubYNZRm3hO4slVvcVTdCpE9yJuhluZG9bGv3P8MQxbhRZ7mBZnVyBNAwXs2FZ_0IFa76Vp9tkMJfAo4ckkfsTacDAQGgJd0Jo6VyLcr-M0wVJXuTY0FMUDZhEEaWzwqExTZQEPWL7wRsZhZk3EAe8DB9wB_zgHrWIIJyInxdDkEOKlM457i89VvS1O5X-M6yA9I5SXEhGx00wHB2O7CT8WDEQJJKwxR_N-HnFy1K-xy-W2xVSuItL98LZQk5BpM0GcLenmDLu2VCog4ZDhZlojhVSmLV9ju2zOXBDF7L9otbXRNo8p_Nzb1JNRJe90mj-kIarklV42ihIJTq5TSkwXA2VDBTebb-WNYkuZ_WqYJIpABSEmDyyxiuSh9UtwRZB7EFKngcPBLJrQaDRBgVfEELQXMwMvRoz8V1M_68aCe3D3TqS_Gv9wMFzdZ1WZ8TWr5UPSxbli8CE7tQU9e&sai=AMfl-YSwSUB2xD8JIPWHhC-1mJWpUOHmCGQ7iaFaJKzmr59Ye7g24nDzl4z0y3MoMWdDCKflSM1oiDUrgDcwEYa8bcIg40RdByH28LdbtTe_daIruonuIgax7MjJcOVVmOPrkbHe5jaGBe6HCZf4M4ch5nnxdSCP&sig=Cg0ArKJSzHNjkw-R-hJ0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sat, 21 May 2022 04:18:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame C953
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOTjQIQr5qcAhjvnsHKASABMAE&v=APEucNUb2LT6zPAEmojBVpMFJNnf4O1fhbV7-0Qt2fVbZNoCG-s7awUk5SDTPctAAcmsmN_f_6cfrqmDgg4_blIQ8Tz1TZoPPQ
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAWBeEWGDksNpdwepp6FYnU&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAWBeEWGDksNpdwepp6FYnU&google_cver=1&__user_check__=1&sync_id=061336c9-d8bd-11ec-8000-1e5bf6c20506

43 B
548 B

33ms
33ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAWBeEWGDksNpdwepp6FYnU&google_cver=1&__user_check__=1&sync_id=061336c9-d8bd-11ec-8000-1e5bf6c20506
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 21 May 2022 04:18:10 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 49
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Sat, 21 May 2022 04:18:10 GMT
Server: nginx
Location: /partner?adv_id=7025&uid=CAESEAWBeEWGDksNpdwepp6FYnU&google_cver=1&__user_check__=1&sync_id=061336c9-d8bd-11ec-8000-1e5bf6c20506
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 68
Connection: keep-alive
Content-Length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C953 0
20 B 76ms
75ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 04:18:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIyJv8p97v9wIVX0IdCR1iAQ8dEAAYACD7kdpROhoIiZK2ogEQxMzq15AEGNrRouADIODzgOKXEEITCLLZ0afe7_cCFSutmgodUqYNxw;dc_rmcid=CAASBORo3FE;eps=CIDhgBAQARgf;met=1;acvw=sv%3D926%26v%3D20220516%26cb%3Dout%...
ade.googlesyndication.com/ddm/activity/ Frame C953 42 B
494 B 170ms
72ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyJv8p97v9wIVX0IdCR1iAQ8dEAAYACD7kdpROhoIiZK2ogEQxMzq15AEGNrRouADIODzgOKXEEITCLLZ0afe7_cCFSutmgodUqYNxw;dc_rmcid=CAASBORo3FE;eps=CIDhgBAQARgf;met=1;acvw=sv%3D926%26v%3D20220516%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D10069%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D571406044%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1653106689939;ecn1=1;etm1=0;eid1=200101;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 04:18:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C953 42 B
64 B 76ms
75ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstxVz9b7fhnI7c6c8tgJupgdZY_nc-m9xg3vTvaNzEznojnlX4iD_U2SP_h2vOXCGXvucquDblo-8MwunVeJN9NasGEabPA_JAp1W-Pzd_RGBY&sai=AMfl-YR3PGC1ePLQ-ljb9thyDhfG5H2Cs09EQrDEk4g5nH8a0oVojTzrqP3vBxDSEVGZxgwCmyjLfsXPGsPV&sig=Cg0ArKJSzGz8Fbje1ZlgEAE&cid=CAASBORo3FE&id=lidarv&acvw=sv%3D926%26v%3D20220516%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D10069%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D571406044%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1653106689939&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 04:18:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame C953 42 B
64 B 55ms
54ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CFx-oAGiIYrLZKava6gTSzLa4DIGx5otq4POA4pcQ8C4QASCgpNMMYLsGyAEFqQIb1_LOZEjxPagDAcgDmwSqBPgBT9CoZKOYzOMUVpQUhW5LLHyD7ZUpTMhFTu7xzSAhT0FeB1WBPa9aHjDORU7vWFm0HP3mT4wCrbeM2bIZHgW0VaNOaM36wCkAyJYG8MQd4kggBAxOWPwuXNgFy8tFg3119YdRaS7IZIrPm4EtWHez4Muu8UFfKyW5irc7efz-WAMbG8ZOJfg__vThgmIxBxLAjnYXEMgoZJsgRQMWHmfOLC3pRdRPJQuIoZbavt6oTu4kgPown2c4jA5v4OpOFQN1m4SwcCg73nO5pNplz63GiRmj2Mbd4sna7_HbCRDInFjyVlRRCA0GT7C6thrGYqXKktrYtiR9SZjABMTM6teQBOAEA5AGAaAGdoAHlLGXogGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB-ACgHICwHgCwGADAGwE--umw_IE9rRouAD0BMA2BMKiBQC2BQB0BUB-BYBgBcB&sigh=U-CFf0TAEgk&label=vast_creativeview&ad_mt=5&acvw=sv%3D926%26v%3D20220516%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D10069%26vmtime%3D5%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D571406044%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1653106689939

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0714085022877139&output=html&h=280&slotname=7265485077&adk=3397636257&adf=3246541266&pi=t.ma~as.7265485077&w=1074&fwrn=4&fwrnh=100&lmt=1653106688&rafmt=1&psa=0&format=1074x280&url=https%3A%2F%2Fkodeksy.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653106688321&bpp=3&bdt=416&idt=242&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8002544592794&frm=20&pv=1&ga_vid=44797682.1653106688&ga_sid=1653106689&ga_hid=629932861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067545&oid=2&pvsid=251897858132814&pem=493&tmod=1196873490&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jXm8ZzuiRC&p=https%3A//kodeksy.com.ua&dtd=248
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 04:18:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame C953 0
54 B 377ms
377ms Ping
image/gif 2404:6800:4003:c03::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~l3fd1hcx&c=592406606938&slotId=296203303469&qqid=CLLZ0afe7_cCFSutmgodUqYNxw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=993&mt=video%2Fmp4&vs=640x360&dm=10000&event_name=first_play&asset_bytes=211118&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=11&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.12d~videopreviewstarted.12f
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c03::78 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 04:18:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 81ms
81ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220518&jk=251897858132814&bg=!4OOl46fNAAZ4vKt9WLw7ACkAdvg8Wm13dlMhxQtI-WEYow9j8yCmPba9HWpIP6kAS35uFgCQhabnhwIAAACOUgAAAAJoAQcKAFo3zx6Lasmlkook_PjMac3F0P5lyJMDw2oMcTykAd6rTS7541CS30Tr54j3Ukld3qJ8fE1kH7AbKqAr3tTdtLXKtZ9Sxk4JbV69-4xgiG1ojRRqw86buo2IPpCZApxkQmKBr3dS6WNkysPmw7dhIkJq1D8ePJa7poZJBJHL1os4cqQqMYKi4IW-E1E_zljVexJQO5xeAR3QcVHCQVlpPpTC2YlkK10JfKZHbq9LV3vT1r8bzZ8freNI-cnpeDo9132JKF8Vuaa9x6fK_6IehSCOfMLFNIJffNL2TdrtXXwcch1LC7Jd3G8R8ClSTb9QrQ2z-ljlXnQNSunfM00DM_k7b72Yc2xwtFx-S1dIDt8tIHw9s7DoVxved_dxl9SxuFoM_WlCWV5FcJjNNQEXgas8jJcC-DhUlYr_Vui9Mt8mHx-bE4bKRAL0Yz1qDe1Gh7E_6fEamHyg1Tvmrj8hnwqf83amBNi4udW4TRQO9-vb51oke1LwZeKdgZT7-wdpsNCM6-i3iGVlclOsyZ1MP_ltrZZFpA3DL7jTht5vA5XeXlMx6TyL-7Nfp-b4CsgK0SOBErAZDTQc3nXSqVVJZL4GYQgkpw6wPCc0FS7QvxDnbsCMNrwymSibzAUgB9meYE2A4G8SJLdu4WM-ybFHRXWEkpwEZGK-5AKz2XAge85UYW2kXzIpSB7Auo16EdOePeQwWz3abj9vfJ16xXR1yiNpw1lcRXHVaoWCrXUjGCpqZqsH2gMCeppYU8cV10Gspd2-zZB1Que0-zIEiLn6KlnDPUSf4ViEqvfsP2hyk-HwGI7EjQZjTuudvEbEtGlo8iyfApmK0LqYSXkB2olj48Mzn8fjOpdTqFefkmXY8usi8O_RwjM-054XFz0W9LRouiYpiRQpgwlwWlg93fzqhEali5YZ2sHSGdc0eQVP1QaoT7xOYezdJUk5hR7xGGjvr_D2jJPSCVGVXbiKBHxEbZpnlwhPqIcMREgi4LDuTXy4FzyGdZDzXyrQqA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 dc_oe=ChMIyJv8p97v9wIVX0IdCR1iAQ8dEAAYACD7kdpROhoIiZK2ogEQxMzq15AEGNrRouADIODzgOKXEEITCLLZ0afe7_cCFSutmgodUqYNxw;dc_rmcid=CAASBORo3FE;eps=CIDhgBAQARgf;met=1;acvw=sv%3D926%26v%3D20220516%26cb%3Dout%...
ade.googlesyndication.com/ddm/activity/ Frame C953 42 B
63 B 149ms
72ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyJv8p97v9wIVX0IdCR1iAQ8dEAAYACD7kdpROhoIiZK2ogEQxMzq15AEGNrRouADIODzgOKXEEITCLLZ0afe7_cCFSutmgodUqYNxw;dc_rmcid=CAASBORo3FE;eps=CIDhgBAQARgf;met=1;acvw=sv%3D926%26v%3D20220516%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,301,273,774%26tos%3D2006,0,0,0,0%26mtos%3D2006,2006,2006,2006,2006%26amtos%3D0,0,0,0,0%26mcvt%3D2006%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2168%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D43%26pst%3D202%26dur%3D10069%26vmtime%3D2176%26dtos%3D2006%26dtoss%3D1%26dvs%3D2006%26dfvs%3D2006%26dvpt%3D2168%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D571406044%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2006;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1653106689939;ecn1=1;etm1=0;eid1=200000;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 04:18:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C953 42 B
64 B 73ms
73ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstxVz9b7fhnI7c6c8tgJupgdZY_nc-m9xg3vTvaNzEznojnlX4iD_U2SP_h2vOXCGXvucquDblo-8MwunVeJN9NasGEabPA_JAp1W-Pzd_RGBY&sai=AMfl-YR3PGC1ePLQ-ljb9thyDhfG5H2Cs09EQrDEk4g5nH8a0oVojTzrqP3vBxDSEVGZxgwCmyjLfsXPGsPV&sig=Cg0ArKJSzGz8Fbje1ZlgEAE&cid=CAASBORo3FE&id=lidarv&acvw=sv%3D926%26v%3D20220516%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,301,273,774%26tos%3D2006,0,0,0,0%26mtos%3D2006,2006,2006,2006,2006%26amtos%3D0,0,0,0,0%26mcvt%3D2006%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2168%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D43%26pst%3D202%26dur%3D10069%26vmtime%3D2176%26dtos%3D2006%26dtoss%3D1%26dvs%3D2006%26dfvs%3D2006%26dvpt%3D2168%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D571406044%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2006&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1653106689939

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 04:18:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyJv8p97v9wIVX0IdCR1iAQ8dEAAYACD7kdpROhoIiZK2ogEQxMzq15AEGNrRouADIODzgOKXEEITCLLZ0afe7_cCFSutmgodUqYNxw;dc_rmcid=CAASBORo3FE;eps=CIDhgBAQARgf;met=1;acvw=sv%3D926%26v%3D20220516%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,301,273,774%26tos%3D2534,0,0,0,0%26mtos%3D2534,2534,2534,2534,2534%26amtos%3D0,0,0,0,0%26mcvt%3D2534%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2696%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D45%26pst%3D202%26dur%3D10069%26vmtime%3D2705%26dtos%3D528%26dtoss%3D2%26dvs%3D528%26dfvs%3D528%26dvpt%3D528%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2534,2534,2534,2534,2534%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D571406044%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2534;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1653106689939;ecn1=1;etm1=0;eid1=960584;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 04:18:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame C953 42 B
64 B 49ms
49ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CFx-oAGiIYrLZKava6gTSzLa4DIGx5otq4POA4pcQ8C4QASCgpNMMYLsGyAEFqQIb1_LOZEjxPagDAcgDmwSqBPgBT9CoZKOYzOMUVpQUhW5LLHyD7ZUpTMhFTu7xzSAhT0FeB1WBPa9aHjDORU7vWFm0HP3mT4wCrbeM2bIZHgW0VaNOaM36wCkAyJYG8MQd4kggBAxOWPwuXNgFy8tFg3119YdRaS7IZIrPm4EtWHez4Muu8UFfKyW5irc7efz-WAMbG8ZOJfg__vThgmIxBxLAjnYXEMgoZJsgRQMWHmfOLC3pRdRPJQuIoZbavt6oTu4kgPown2c4jA5v4OpOFQN1m4SwcCg73nO5pNplz63GiRmj2Mbd4sna7_HbCRDInFjyVlRRCA0GT7C6thrGYqXKktrYtiR9SZjABMTM6teQBOAEA5AGAaAGdoAHlLGXogGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB-ACgHICwHgCwGADAGwE--umw_IE9rRouAD0BMA2BMKiBQC2BQB0BUB-BYBgBcB&sigh=U-CFf0TAEgk&label=videoplaytime25&ad_mt=2706&acvw=sv%3D926%26v%3D20220516%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,301,273,774%26tos%3D2534,0,0,0,0%26mtos%3D2534,2534,2534,2534,2534%26amtos%3D0,0,0,0,0%26mcvt%3D2534%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2696%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D45%26pst%3D202%26dur%3D10069%26vmtime%3D2705%26dtos%3D528%26dtoss%3D2%26dvs%3D528%26dfvs%3D528%26dvpt%3D528%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2534,2534,2534,2534,2534%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D571406044%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2534&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1653106689939

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0714085022877139&output=html&h=280&slotname=7265485077&adk=3397636257&adf=3246541266&pi=t.ma~as.7265485077&w=1074&fwrn=4&fwrnh=100&lmt=1653106688&rafmt=1&psa=0&format=1074x280&url=https%3A%2F%2Fkodeksy.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653106688321&bpp=3&bdt=416&idt=242&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8002544592794&frm=20&pv=1&ga_vid=44797682.1653106688&ga_sid=1653106689&ga_hid=629932861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067545&oid=2&pvsid=251897858132814&pem=493&tmod=1196873490&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jXm8ZzuiRC&p=https%3A//kodeksy.com.ua&dtd=248
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 04:18:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kodeksy.com.ua/	1970-01-20 06:33:22	Name: last_pages_name[0] Value: %D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D0%B0
kodeksy.com.ua/	1970-01-20 06:33:22	Name: last_pages_url[0] Value: %2F
.kodeksy.com.ua/	1970-01-20 20:42:58	Name: _ga Value: GA1.3.44797682.1653106688
.kodeksy.com.ua/	1970-01-20 03:13:13	Name: _gid Value: GA1.3.1359667320.1653106688
.kodeksy.com.ua/	1970-01-20 03:11:46	Name: _gat_gtag_UA_17274968_3 Value: 1
.kodeksy.com.ua/	1970-01-20 12:33:22	Name: __gads Value: ID=4dc9b0d15b800ede-2202a3069bcd00a5:T=1653106688:RT=1653106688:S=ALNI_MZdHMn9XMB0BzqfiZWwZ2tnDrSOfw
.doubleclick.net/	1970-01-20 12:33:22	Name: IDE Value: AHWqTUlPhgDOND840Mh3cOkpbZAtIyB3Raldq_iMqA5eWQ-KrQ8WlE2EcBUKc_bF2h4
.spotxchange.com/	1970-01-20 11:57:26	Name: audience Value: 06133675-d8bd-11ec-8000-1e5bf6c20506

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
adservice.google.co.uk
adservice.google.com
bid.g.doubleclick.net
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imasdk.googleapis.com
kodeksy.com.ua
pagead2.googlesyndication.com
partner.googleadservices.com
r5---sn-aigl6nsd.c.2mdn.net
stats.g.doubleclick.net
sync.search.spotxchange.com
tpc.googlesyndication.com
web.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.184.226
142.250.185.162
142.250.186.66
185.94.180.126
2001:4de0:ac18::1:a:3b
2404:6800:4003:c03::78
2606:4700:3035::ac43:c131
2a00:1450:4001:800::2003
2a00:1450:4001:802::200e
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:812::200a
2a00:1450:4001:827::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:4009:5::a
2a00:1450:400c:c0c::9d
2a00:1450:400f:804::200e
2a00:1450:4014:80f::200a
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
64.233.167.157
088e7de337a0203dae7173ef90488c347769c601b61014939ab520a32c432201
1173bc64a686c2eb12e72948b7d62fb82de048037909efed1d466008cd698f5d
1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c3485fc2f67371f3a3ade7f4d80efe00a5e86f60b29eb5b54d9ee1935c240c3
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
38c442b0128c040353e356b95c9d4bbc14f264b48086fda68ddbbd4a80909423
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4bec998e1b05cf23bc04e91b2e7123e6fa366e33bb9ba36b326a86b16785d97c
4de666ea19dc2fa9d2c54a0ef96b79a4f754e7de88a2bd31aecfdab52c3f107f
5380c721af33202377a3c3b70f20697d1a5883f6abfabd089406c64c231de81d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b4f99b899abe64d34e0f9a65b1d0560d5bd3aafd55794186a88a117a7395fd
5c7abebda10b5f4b84e8b8600bbfd88a3305f2935b7d61493717a450517840da
5e37b011cc7e2c816efda04fafad988e4ad5dbfd7f39be55b7bc6f1caeea61a8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e
6b3f0a6d6a59d8015a0f304089d399067747d2618e48cce61474983bf0e76f7d
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7d5c62a1431ac15cb92ffaa24aae918a09b5365f8a0f4b412268dd1f6459acbf
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
88d1c5e93db993e3cb38d9510d1123fabe60c2406581d593f8b6f2ef064a80ca
88ed3f3d5180547510b67d1277c676a2d7a4b762089dfde451a7c42fe9d563f9
8984503f395a269d0db2aa5a6cfe16747108be186a40abdcd070ab97baf9fa03
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cd21f4c9389629b19f7c43ca8bfada53dce68951431d788562c9c5af148971b
8fb1b9e21c3c63e881ee8858683358ec9d0e4ae80403970b875dd25c13c66fe2
92878e8aa7f887f57a9410aaba829bf31b138d12f4ce676373050a9dbae37cd3
99136bc12134eb40ef170d349f71c90540af0443bd167765cc4d2f099b55002f
9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816
a18d27b1d95940d8d4569678359bc81a23763330a938f3843b64e5d9d719957d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
addbad319d403eb5ef3687ce273b4d2f91cab0d5e9ffcea375423effb3d35dbc
aed7de105e5b20ac1654ef6253ef31e00a0193371de28112ab6bf6d3aa44c85f
c91aa691ceb2d92d06f61f07771ebf655b866f43c4a7ae3cfef730976874b366
cad9ac2f77ebfb719372ec028c1fae65bcfbf81bbd7a3ede70c4d33242cbfbf7
d7317cfb9b275f8807275efa060e5a7d76984fad4a1195d98d2dcfeddb274538
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ec405c626adbe2fc387c984f15c4d95c06853150d14dc1323bb66dd058c9cc52
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd605e1c67722f8fbdb6a2bf7f5b7b6abe5e22b572d8b995ea3055af306048d
f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46
f4158f3737728c018c669913cb03f5f306370e8cd4d6869dd0aa493f42bcf29a
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

kodeksy.com.ua Open in urlscan Pro 2606:4700:3035::ac43:c131 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

80 Requests

98 %HTTPS

81 %IPv6

16 Domains

28 Subdomains

26 IPs

7 Countries

2368 kBTransfer

3738 kBSize

8 Cookies

1 Outgoing links

Page URL History

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kodeksy.com.ua Open in urlscan Pro
2606:4700:3035::ac43:c131 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

98 %
HTTPS

81 %
IPv6

16
Domains

28
Subdomains

26
IPs

7
Countries

2368 kB
Transfer

3738 kB
Size

8
Cookies

80 HTTP transactions
4 data transactions