Submitted URL: http://chtyvo.org.ua/
Effective URL: https://chtyvo.org.ua/
Submission: On June 30 via api from GB — Scanned from GB

Summary

This website contacted 26 IPs in 5 countries across 24 domains to perform 89 HTTP transactions. The main IP is 174.138.9.142, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is chtyvo.org.ua.
TLS certificate: Issued by R3 on June 25th 2022. Valid for: 3 months.
This is the only time chtyvo.org.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 174.138.9.142 14061 (DIGITALOC...)
1 18.66.97.85 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
14 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
4 2606:2800:234... 15133 (EDGECAST)
5 142.250.181.226 15169 (GOOGLE)
1 2600:9000:225... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
2 104.244.42.8 13414 (TWITTER)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f12... 32934 (FACEBOOK)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 11 172.217.18.2 15169 (GOOGLE)
2 4 104.18.18.126 13335 (CLOUDFLAR...)
2 3 185.33.220.242 29990 (ASN-APPNEX)
11 2a00:1450:400... 15169 (GOOGLE)
2 2 35.159.35.35 16509 (AMAZON-02)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
4 4 37.157.5.142 198622 (ADFORM)
2 2 216.52.2.30 29791 (VOXEL-DOT...)
2 2 76.223.111.18 16509 (AMAZON-02)
1 174.137.133.49 27257 (WEBAIR-IN...)
2 142.250.185.194 15169 (GOOGLE)
89 26
Apex Domain
Subdomains
Transfer
23 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
316 KB
22 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 287
205 KB
11 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 276
134 KB
8 chtyvo.org.ua
chtyvo.org.ua
139 KB
6 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 677
syndication.twitter.com — Cisco Umbrella Rank: 869
150 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 92
www.google.com — Cisco Umbrella Rank: 8
2 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 583
2 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608
4 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 244
3 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 410
948 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 660
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 790
2 KB
2 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 4608
914 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
86 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
ssl.google-analytics.com — Cisco Umbrella Rank: 390
18 KB
2 optad360.io
cmp.optad360.io — Cisco Umbrella Rank: 44745
get.optad360.io — Cisco Umbrella Rank: 26439
462 KB
1 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 5628
233 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 395
835 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 179
43 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
3 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 7751
792 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 429
2 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 867
645 B
1 statsforads.com
www.statsforads.com — Cisco Umbrella Rank: 116159
88 KB
89 24
Domain Requested by
14 pagead2.googlesyndication.com chtyvo.org.ua
pagead2.googlesyndication.com
69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
11 s0.2mdn.net chtyvo.org.ua
s0.2mdn.net
11 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com
8 chtyvo.org.ua 1 redirects chtyvo.org.ua
7 tpc.googlesyndication.com pagead2.googlesyndication.com
69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com
tpc.googlesyndication.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com
chtyvo.org.ua
4 c1.adform.net 4 redirects
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 securepubads.g.doubleclick.net www.statsforads.com
securepubads.g.doubleclick.net
4 platform.twitter.com chtyvo.org.ua
platform.twitter.com
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 googleads4.g.doubleclick.net chtyvo.org.ua
2 eb2.3lift.com 2 redirects
2 ap.lijit.com 2 redirects
2 pm.w55c.net 2 redirects
2 www.google.com 69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com
tpc.googlesyndication.com
2 69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 syndication.twitter.com platform.twitter.com
chtyvo.org.ua
2 adservice.google.co.uk pagead2.googlesyndication.com
2 connect.facebook.net chtyvo.org.ua
connect.facebook.net
1 rtb2-useast.e-volution.ai 69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com
1 px.ads.linkedin.com 1 redirects
1 www.googletagservices.com 69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com
1 www.facebook.com connect.facebook.net
1 adservice.google.de securepubads.g.doubleclick.net
1 cdn.jsdelivr.net get.optad360.io
1 partner.googleadservices.com pagead2.googlesyndication.com
1 get.optad360.io www.statsforads.com
1 ssl.google-analytics.com chtyvo.org.ua
1 www.google-analytics.com chtyvo.org.ua
1 cmp.optad360.io chtyvo.org.ua
1 www.statsforads.com chtyvo.org.ua
89 33
Subject Issuer Validity Valid
chtyvo.org.ua
R3
2022-06-25 -
2022-09-23
3 months crt.sh
statsforads.com
Amazon
2021-10-18 -
2022-11-16
a year crt.sh
*.optad360.io
Amazon
2021-11-17 -
2022-12-15
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-04-08 -
2022-07-07
3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1
2021-10-20 -
2022-10-19
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.google.co.uk
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-10-31 -
2022-10-30
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-02 -
2023-06-01
a year crt.sh
*.google.de
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
www.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.e-volution.ai
Sectigo RSA Domain Validation Secure Server CA
2021-09-13 -
2022-10-14
a year crt.sh

This page contains 15 frames:

Primary Page: https://chtyvo.org.ua/
Frame ID: 45F195DBB7C94A125E8BC743774021CE
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5512390705137507&output=html&h=400&slotname=2039655029%2F9423194429&adk=1348925964&adf=2193123101&pi=t.ma~as.2039655029%2F94231944_&w=580&lmt=1656561241&url=https%3A%2F%2Fchtyvo.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656561240796&bpp=11&bdt=520&idt=223&shv=r20220628&mjsv=m202206270101&ptt=5&saldr=sa&abxe=1&correlator=8390312080678&frm=20&pv=2&ga_vid=882662804.1656561241&ga_sid=1656561241&ga_hid=2014660360&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=503&ady=2693&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068195%2C31068268&oid=2&pvsid=1931991261665643&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=oxzcjY0KTY&p=https%3A//chtyvo.org.ua&dtd=237
Frame ID: 6824AFBE18C8D3E0FBCAC9350D9FA479
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html?origin=https%3A%2F%2Fchtyvo.org.ua
Frame ID: CA13FFEF61B6A64595EE0613D40B8CC4
Requests: 2 HTTP requests in this frame

Frame: https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E95172873ACA29D26F1E1B6CF3DC21E4
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.d7fc2fc075c61f6fa34d79a0cbbf1e34.uk.html
Frame ID: 6E6D8E3920147182AAD000F1BA1D6F1A
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df84675863b6544%26domain%3Dchtyvo.org.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fchtyvo.org.ua%252Ff1237a123e0e138%26relation%3Dparent.parent&container_width=145&href=http%3A%2F%2Fchtyvo.org.ua%2F&layout=button_count&locale=ru_RU&sdk=joey&send=false&show_faces=false&width=100
Frame ID: 961902987A61F6E593AADE76288F8D8D
Requests: 1 HTTP requests in this frame

Frame: https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1407898701289A030655549797B88791
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20190131/zrt_lookup.html
Frame ID: D3CD436ED5F31C455EA46B74E317AAC1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5512390705137507&output=html&adk=1812271804&adf=3025194257&lmt=1656561242&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fchtyvo.org.ua%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656561242093&bpp=2&bdt=1817&idt=2&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbd00afeb6eb0c051%3AT%3D1656561241%3AS%3DALNI_MYnt_qX4KHHD-ZAIbrVTAhHdEekqA&prev_slotnames=2039655029%2F9423194429&nras=1&correlator=8390312080678&frm=20&pv=1&ga_vid=882662804.1656561241&ga_sid=1656561241&ga_hid=2014660360&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068195%2C31068268&oid=2&pvsid=1931991261665643&tmod=375186103&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=22
Frame ID: 091697FDD2E308A536C8B2E235A1378D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEY-Nr8tQEwAQ&v=APEucNWakRVVUD0HHgHOWroWaTb0Xq9qyD7bT77CJXquqoHamjvYVEORNTXWKpTx9y5PoWgq-Icjlgj1s3MfTBxsgHqg7toUJx73Uz6mb5xMdyz_tKR0MdFcQjHq5ytz2MjUEjK8GTISEWrY-TsFfcRA5-btsb8cSU4cdBL74E6z3VZyIMhQ1S2vnK3S2pcvJXM3N7ukm5E1j7mHt-7IkO0VQy4EFlsB7w
Frame ID: F30703B63A9D21F4472ACFD53F0C4933
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CD31B40DFD5B71A8AFAA75EA94AAFDF9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 87FEA8C6CD62DF8569BFA2B9670AABD2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0CBD4B526EE8E3992E658A3F413E06BE
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0287AC09CA8ABA0BA3EC0607BF85E875
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8834995936796757198/index.html
Frame ID: 82E4718DDD0304761654A216B931B93F
Requests: 10 HTTP requests in this frame

Screenshot

Page Title

Чтиво

Page URL History Show full URLs

  1. http://chtyvo.org.ua/ HTTP 301
    https://chtyvo.org.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

89
Requests

89 %
HTTPS

57 %
IPv6

24
Domains

33
Subdomains

26
IPs

5
Countries

1652 kB
Transfer

3659 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://chtyvo.org.ua/ HTTP 301
    https://chtyvo.org.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQY86nWeiiNXE6RRwpvrL8&google_cver=1
Request Chain 51
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yr0eWsX--nUR08dDkI5sHgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQY86nWeiiNXE6RRwpvrL8&google_cver=1
Request Chain 52
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEjXRxbUIXlT3cVMO_yJ1dM&google_cver=1
Request Chain 53
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY4NTA1MTk2NzA5OTI0MTkwMA%3D%3D
Request Chain 63
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDXZ6inMwBg1s5Ytsce1jAI&google_cver=1&google_push=ARnp8GBi9YjzA91YlDqGpabdYTB4zhrNeI3XFZRxICqu1ihuFLEb62RZvKhJc6bi0994u9-cBcJfV3EbYfdHONul8TeLuMi0Y4MJ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDXZ6inMwBg1s5Ytsce1jAI&google_cver=1&google_push=ARnp8GBi9YjzA91YlDqGpabdYTB4zhrNeI3XFZRxICqu1ihuFLEb62RZvKhJc6bi0994u9-cBcJfV3EbYfdHONul8TeLuMi0Y4MJ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c3N5eWtzOW4xTzZMZkk1&google_gid=CAESEDXZ6inMwBg1s5Ytsce1jAI&google_cver=1&google_push=ARnp8GBi9YjzA91YlDqGpabdYTB4zhrNeI3XFZRxICqu1ihuFLEb62RZvKhJc6bi0994u9-cBcJfV3EbYfdHONul8TeLuMi0Y4MJ
Request Chain 64
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEDfngydS-1lSzoJ45VCgeIo&google_cver=1&google_push=ARnp8GBEC56cPptnukBydceH3ySFifCh0HEFSGflGlwKrzP5ldgTBLHraEc-UaEqbppT34Om02z6YcF_6tHSiuGgqhyHtcKllAha9A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ARnp8GBEC56cPptnukBydceH3ySFifCh0HEFSGflGlwKrzP5ldgTBLHraEc-UaEqbppT34Om02z6YcF_6tHSiuGgqhyHtcKllAha9A
Request Chain 65
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEC7PBx0iobMnJPpdmfLQFoA&google_cver=1&google_push=ARnp8GDtnVtVpPOse1BpIt2Uz96aaaeLbfe0Z0LlteWJhUw-uZExhue84iHVgwEWrzQeWuCufoza_aYekDMsSlZROuI00jpxiMyNbw HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEC7PBx0iobMnJPpdmfLQFoA&google_cver=1&google_push=ARnp8GDtnVtVpPOse1BpIt2Uz96aaaeLbfe0Z0LlteWJhUw-uZExhue84iHVgwEWrzQeWuCufoza_aYekDMsSlZROuI00jpxiMyNbw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjI1ODE3ODY2OTUyOTY2MTQ0NA&google_push=ARnp8GDtnVtVpPOse1BpIt2Uz96aaaeLbfe0Z0LlteWJhUw-uZExhue84iHVgwEWrzQeWuCufoza_aYekDMsSlZROuI00jpxiMyNbw
Request Chain 66
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEC7PBx0iobMnJPpdmfLQFoA&google_cver=1&google_push=ARnp8GAqfERR-Fn9rUEahmfi7fVhiTsZ0-KTkLBrL3BqMkqm53Ui5R5mBZ1xwtOUj0wj8zxOVtcOB3Hd-2Y3ojIU4MY9qTv4k7o-5Q HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEC7PBx0iobMnJPpdmfLQFoA&google_cver=1&google_push=ARnp8GAqfERR-Fn9rUEahmfi7fVhiTsZ0-KTkLBrL3BqMkqm53Ui5R5mBZ1xwtOUj0wj8zxOVtcOB3Hd-2Y3ojIU4MY9qTv4k7o-5Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODAyNjg5ODcxMjM4NzAzMzgwNA&google_push=ARnp8GAqfERR-Fn9rUEahmfi7fVhiTsZ0-KTkLBrL3BqMkqm53Ui5R5mBZ1xwtOUj0wj8zxOVtcOB3Hd-2Y3ojIU4MY9qTv4k7o-5Q
Request Chain 67
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFG8ld8VNe6bGgRtfmmB2K8&google_cver=1&google_push=ARnp8GBeG6USbL337dvGBX6U8TauuS9PEPG5b67-I0MdIifYreuiCxemUkkFevc9GIREUgxRuOr05RnIw7zzz70fpHfIJJa6bL_oEQ HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFG8ld8VNe6bGgRtfmmB2K8&google_cver=1&google_push=ARnp8GBeG6USbL337dvGBX6U8TauuS9PEPG5b67-I0MdIifYreuiCxemUkkFevc9GIREUgxRuOr05RnIw7zzz70fpHfIJJa6bL_oEQ&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GBeG6USbL337dvGBX6U8TauuS9PEPG5b67-I0MdIifYreuiCxemUkkFevc9GIREUgxRuOr05RnIw7zzz70fpHfIJJa6bL_oEQ&google_hm=E5TKuGZH0PKvFfxyToWSbUd4
Request Chain 68
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBSXZh07ayQF_XviJHG3Nc8&google_cver=1&google_push=ARnp8GBY0-w7_w8wE-8MOxx6JMaIaSONp5oEbzRvY1tDWPLiwQyL88CD62ISiq40pcnBJ3clWxXrTy91zk5a03eiWgdHB2mVQc8_Kg HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ARnp8GBY0-w7_w8wE-8MOxx6JMaIaSONp5oEbzRvY1tDWPLiwQyL88CD62ISiq40pcnBJ3clWxXrTy91zk5a03eiWgdHB2mVQc8_Kg&google_gid=CAESEBSXZh07ayQF_XviJHG3Nc8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTQwNDgxMjI5NzQ1MDMwOTI2ODE2&google_push=ARnp8GBY0-w7_w8wE-8MOxx6JMaIaSONp5oEbzRvY1tDWPLiwQyL88CD62ISiq40pcnBJ3clWxXrTy91zk5a03eiWgdHB2mVQc8_Kg

89 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
chtyvo.org.ua/
Redirect Chain
  • http://chtyvo.org.ua/
  • https://chtyvo.org.ua/
51 KB
12 KB
Document
General
Full URL
https://chtyvo.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
174.138.9.142 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
e19dfc44d9684b3af1316678083e215b138da0ed876312ed03bacb00509b399c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
11495
Content-Type
text/html; charset=utf-8
Date
Thu, 30 Jun 2022 03:54:00 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.7 (Ubuntu)
Vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Length
309
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 30 Jun 2022 03:54:00 GMT
Keep-Alive
timeout=5, max=100
Location
https://chtyvo.org.ua/
Server
Apache/2.4.41 (Ubuntu)
style.css
chtyvo.org.ua/assets/css/
17 KB
3 KB
Stylesheet
General
Full URL
https://chtyvo.org.ua/assets/css/style.css?_20201230
Requested by
Host: chtyvo.org.ua
URL: https://chtyvo.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
174.138.9.142 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
2b6a495c4ace02a5a17dc157938d69188e71535365efb39eaceff9137ca92166

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 30 Jun 2022 03:54:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Dec 2020 18:50:47 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"44a3-5b7b2fc3af82d-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3165
jquery.js
chtyvo.org.ua/assets/scripts/
70 KB
24 KB
Script
General
Full URL
https://chtyvo.org.ua/assets/scripts/jquery.js?_20201230
Requested by
Host: chtyvo.org.ua
URL: https://chtyvo.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
174.138.9.142 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 30 Jun 2022 03:54:00 GMT
Content-Encoding
gzip
Last-Modified
Mon, 28 Dec 2020 17:23:27 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"119ee-5b7898834fe39-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
24606
common.js
chtyvo.org.ua/assets/scripts/
6 KB
2 KB
Script
General
Full URL
https://chtyvo.org.ua/assets/scripts/common.js?_20201230
Requested by
Host: chtyvo.org.ua
URL: https://chtyvo.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
174.138.9.142 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
a62841b9e5b955e345c1c642935163dc9e2044c542b2f40e863b54be4eceb010

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 30 Jun 2022 03:54:00 GMT
Content-Encoding
gzip
Last-Modified
Mon, 28 Dec 2020 17:23:27 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"172b-5b7898834fe39-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1936
b040eb70-d64d-4d04-8cd7-cb900e541b75.min.js
www.statsforads.com/tag/
369 KB
88 KB
Script
General
Full URL
https://www.statsforads.com/tag/b040eb70-d64d-4d04-8cd7-cb900e541b75.min.js
Requested by
Host: chtyvo.org.ua
URL: https://chtyvo.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7dcc62e362a13f79951a29929e0b9783af9a53f31fef4ed60b725f162e6a775e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 03:51:55 GMT
content-encoding
gzip
last-modified
Wed, 29 Jun 2022 13:34:44 GMT
server
AmazonS3
age
126
etag
W/"10caa51a131d2e21347656b1a2ddc6d3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
2uinwenW-buO2YUKjyNPykXuCbbddUoRsZNOuQtG1ZDbZLXvMZiObw==
a73ccaca-803a-402f-9838-35850b472d44.min.js
cmp.optad360.io/items/
497 B
834 B
Script
General
Full URL
https://cmp.optad360.io/items/a73ccaca-803a-402f-9838-35850b472d44.min.js
Requested by
Host: chtyvo.org.ua
URL: https://chtyvo.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8200:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:55:12 GMT
via
1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 08:54:56 GMT
server
AmazonS3
age
61129
etag
"7acdc116a0830ba0aef5e087010246ba"
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
497
x-amz-cf-id
SZEoyqPXGLcIlCR807V21DdU-nUBlXv53WFTWLvjl-5uKdExOpiNvA==
centerlogo.gif
chtyvo.org.ua/assets/images/design/
5 KB
5 KB
Image
General
Full URL
https://chtyvo.org.ua/assets/images/design/centerlogo.gif
Requested by
Host: chtyvo.org.ua
URL: https://chtyvo.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
174.138.9.142 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
6e6666d1d9b9a978f4359712f86eea5e417de503cc144266763541b732b04b19

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 30 Jun 2022 03:54:00 GMT
Last-Modified
Mon, 28 Dec 2020 17:23:27 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"13c1-5b7898834ee99"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
5057
20k_.png
chtyvo.org.ua/content/images/
2 KB
2 KB
Image
General
Full URL
https://chtyvo.org.ua/content/images/20k_.png
Requested by
Host: chtyvo.org.ua
URL: https://chtyvo.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
174.138.9.142 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
fcaa5bbb668b3b26e7b3d2c97e3acba59a834da830b0726815c7f5ebf360ccf6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 30 Jun 2022 03:54:00 GMT
Last-Modified
Thu, 12 Aug 2021 09:36:35 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"6be-5c9597894eb85"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1726
corrupted_covers.jpg
chtyvo.org.ua/content/images/
90 KB
90 KB
Image
General
Full URL
https://chtyvo.org.ua/content/images/corrupted_covers.jpg
Requested by
Host: chtyvo.org.ua
URL: https://chtyvo.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
174.138.9.142 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
b5e45c1317da4dfc410ab6c1d707c04e5013936bbcece030ef1a6d9cd0c98ac6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 30 Jun 2022 03:54:00 GMT
Last-Modified
Wed, 06 Jan 2021 17:10:16 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"16794-5b83e65a29da0"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
92052
show_ads.js
pagead2.googlesyndication.com/pagead/
116 KB
39 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: chtyvo.org.ua
URL: https://chtyvo.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a58159e81b43f3748478de3ed6edac89e008f248899a2cef3cc9223cc08273b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 03:54:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39872
x-xss-protection
0
server
cafe
etag
9135785376294667548
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 30 Jun 2022 03:54:00 GMT
ga.js
www.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: chtyvo.org.ua
URL: https://chtyvo.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5354
date
Thu, 30 Jun 2022 02:24:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Thu, 30 Jun 2022 04:24:46 GMT
__utm.gif
ssl.google-analytics.com/r/
35 B
396 B
Image
General
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1527619290&utmhn=chtyvo.org.ua&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%A7%D1%82%D0%B8%D0%B2%D0%BE&utmhid=2014660360&utmr=-&utmp=%2F&utmht=1656561240727&utmac=UA-15381598-1&utmcc=__utma%3D206820033.882662804.1656561241.1656561241.1656561241.1%3B%2B__utmz%3D206820033.1656561241.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1313004571&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: chtyvo.org.ua
URL: https://chtyvo.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jun 2022 03:54:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/
340 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5512390705137507&plah=chtyvo.org.ua&bust=31068268
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5d3d8a9b2def0ab27065686662a5af7c3b1e30e36c98ac78bace94c7a23e6f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 03:54:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122511
x-xss-protection
0
server
cafe
etag
9936663572224274134
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 30 Jun 2022 03:54:00 GMT
all.js
connect.facebook.net/uk_UA/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/uk_UA/all.js
Requested by
Host: chtyvo.org.ua
URL: https://chtyvo.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fdda0c0b749426d8043d6ccd7fc52d94fd2651d9ae650440e7ed4552bab2c9f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ToloeD5LSn//8/8UxWIsgQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
DokCsbmZtVSVwzTD2CjkU2ehcqQf0eE1k1SZhk0T2JhYhLJFysbvPwnF8uKVgJ/KI/xPhe3S3vsTqRBVReieIg==
x-fb-trip-id
917726464
x-fb-content-md5
4e92ee161a676df22ad959e43c80d6c6
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 30 Jun 2022 03:54:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"128ecc16e25572653820200ffbcda80d"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 30 Jun 2022 03:56:12 GMT
widgets.js
platform.twitter.com/
97 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: chtyvo.org.ua
URL: https://chtyvo.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (via/F346) /
Resource Hash
dccafac57a7fcedce0d95d35007b502104f45b82f43f052159c370258ef13a53

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 30 Jun 2022 03:54:01 GMT
Content-Encoding
gzip
Age
469
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
29459
x-tw-cdn
VZ
Last-Modified
Thu, 02 Jun 2022 18:12:37 GMT
Server
ECS (via/F346)
Etag
"5d21dece96ce474f5f1ac122cbdef6eb+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
gpt.js
securepubads.g.doubleclick.net/tag/js/
81 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.statsforads.com
URL: https://www.statsforads.com/tag/b040eb70-d64d-4d04-8cd7-cb900e541b75.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
8af594bfbdd1efc543b1dfdfd771d97631d6a30f8d3ac0ca4d19888cbf4d0354
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 03:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28092
x-xss-protection
0
server
sffe
etag
"1259 / 791 of 1000 / last-modified: 1656540322"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 30 Jun 2022 03:54:01 GMT
prebid5.14.0.js
get.optad360.io/sf/
460 KB
461 KB
Script
General
Full URL
https://get.optad360.io/sf/prebid5.14.0.js
Requested by
Host: www.statsforads.com
URL: https://www.statsforads.com/tag/b040eb70-d64d-4d04-8cd7-cb900e541b75.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:f800:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 03:00:42 GMT
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
last-modified
Thu, 23 Sep 2021 07:59:54 GMT
server
AmazonS3
age
11062400
etag
"6dd0a13bde35d2daa452bba998871016"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
471445
x-amz-cf-id
RWgC3bMw497U6tunZrfl99c_8WHBvbHs04VyocSC8fdqnlwZLNdU6g==
cookie.js
partner.googleadservices.com/gampad/
217 B
645 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=chtyvo.org.ua&callback=_gfp_s_&client=ca-pub-5512390705137507
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5512390705137507&plah=chtyvo.org.ua&bust=31068268
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
d390ef7da234716c72621700171e881d88ac63c6ca82a71fb069d8251ee3f4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 03:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=chtyvo.org.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5512390705137507&plah=chtyvo.org.ua&bust=31068268
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 30 Jun 2022 03:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=chtyvo.org.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5512390705137507&plah=chtyvo.org.ua&bust=31068268
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 30 Jun 2022 03:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6824
603 B
627 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5512390705137507&output=html&h=400&slotname=2039655029%2F9423194429&adk=1348925964&adf=2193123101&pi=t.ma~as.2039655029%2F94231944_&w=580&lmt=1656561241&url=https%3A%2F%2Fchtyvo.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656561240796&bpp=11&bdt=520&idt=223&shv=r20220628&mjsv=m202206270101&ptt=5&saldr=sa&abxe=1&correlator=8390312080678&frm=20&pv=2&ga_vid=882662804.1656561241&ga_sid=1656561241&ga_hid=2014660360&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=503&ady=2693&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068195%2C31068268&oid=2&pvsid=1931991261665643&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=oxzcjY0KTY&p=https%3A//chtyvo.org.ua&dtd=237
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5512390705137507&plah=chtyvo.org.ua&bust=31068268
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chtyvo.org.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Jun 2022 03:54:01 GMT
expires
Thu, 30 Jun 2022 03:54:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
all.js
connect.facebook.net/uk_UA/
296 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/uk_UA/all.js?hash=425a2f3ef891981b33ab25b0b3944779
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cc7cfb2bbac66523b800ab4867e077f25614657b11c2e595f4e9d253aadd74d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://chtyvo.org.ua/
Origin
https://chtyvo.org.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
gj7SGm9aACFZBifaWBI+MA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86111
x-fb-rlafr
0
x-fb-debug
groTcpNaoVtugUj6wascZIs0fEBopsZOG213F16D5VacaZXIhqvE+pT7hJqi7RtTIbyyLkAmVtdlyPA+3cVfGw==
x-fb-content-md5
61df54ba472c1c5dc67b3ba96814313d
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 30 Jun 2022 03:54:01 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"ced20e152004e67a76d31daee73c4ffb"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 30 Jun 2023 02:16:03 GMT
widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html
platform.twitter.com/widgets/ Frame CA13
319 KB
104 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html?origin=https%3A%2F%2Fchtyvo.org.ua
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (via/F338) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer
https://chtyvo.org.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
131001
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105433
Content-Type
text/html; charset=utf-8
Date
Thu, 30 Jun 2022 03:54:01 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Thu, 02 Jun 2022 18:01:40 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (via/F338)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
pubads_impl_2022062701.js
securepubads.g.doubleclick.net/gpt/
373 KB
127 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
01fb24629611503ba4ea42ea9d94c1b82449d62985a6087c5e22e9e38b9b0ff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 11:20:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
232408
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130259
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 08:39:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 27 Jun 2023 11:20:33 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
71 B
95 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=chtyvo.org.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
542ffe743a87a3f9eb0d86a64c476d23ccd575bce23995f8de58789e2907ec7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 30 Jun 2022 03:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70
x-xss-protection
0
expires
Thu, 30 Jun 2022 03:54:01 GMT
settings
syndication.twitter.com/ Frame CA13
512 B
521 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=736787c170932c914af5abe26ab282bc31a5d1e0
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html?origin=https%3A%2F%2Fchtyvo.org.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
a15f95e938fbfd9ffef12a20682cdb3eebc3cfefa4843ceab38d0ff1a612cbda
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time
104
date
Thu, 30 Jun 2022 03:54:01 GMT
content-encoding
gzip
last-modified
Thu, 30 Jun 2022 03:54:01 GMT
server
tsa_f
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
cd3eb460d451412a2fe8a977e1cce27e10437454cf3b5651f79079dd36aabe96
content-length
241
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
2 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220630
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bee7fd527073894328353617d78a729b5ae035e09df3ac50748eba0dfe014570
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://chtyvo.org.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 30 Jun 2022 03:54:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3180
x-jsd-version
1.0.1387
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19162-FRA, cache-iad-kiad7000146-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"672-ArqJr8w1x3nHvqYicARiLSnnHRU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMzUE1Lh3A9XNu5vTqPXJ8To4NnG7LAVJxno24DeSqEDaGTIsz3mpWWolvOj0W6r77W%2BuENlTTVw0IBesKBwS%2FvXsRxXEVih%2BQQxUOgIVbb33kHyJfXdLPMz7mueU8ArrjZGk4XVfvAkxvT%2FpBk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
7233f5504fd8775c-LHR
access-control-expose-headers
*
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=chtyvo.org.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 30 Jun 2022 03:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=chtyvo.org.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 30 Jun 2022 03:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
17 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1931991261665643&correlator=3557868999857328&eid=31068034%2C31068249&output=ldjh&gdfp_req=1&vrg=2022062701&ptt=17&impl=fif&iu_parts=121764058%3A22668023065%2Cop11-chtyvo.org.ua_157x600-STAT&enc_prev_ius=%2F0%2F1&prev_iu_szs=120x600%7C160x600&ifi=2&adks=946669772&sfv=1-0-38&ecs=20220630&fsapi=false&sc=1&cookie=ID%3Dbd00afeb6eb0c051-2232cbff41d300fa%3AT%3D1656561241%3ART%3D1656561241%3AS%3DALNI_MZ3dQsbfPrbnNoC1HvYc3SlQjfUSA&abxe=1&dt=1656561241650&lmt=1656561241&dlt=1656561240276&idt=1349&biw=1600&bih=1200&adxs=1459&adys=311&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fchtyvo.org.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=120x0&fws=128&ohw=0&ga_vid=882662804.1656561241&ga_sid=1656561241&ga_hid=2014660360&ga_fc=true&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
a60a15087d495731590eb2dcec7f697409f5900f02a805056552a9a4cb11cd3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 03:54:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9691
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://chtyvo.org.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E951
6 KB
4 KB
Document
General
Full URL
https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chtyvo.org.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 30 Jun 2022 03:54:01 GMT
expires
Fri, 30 Jun 2023 03:54:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
button.06b07097969b3b070809511391362bf4.js
platform.twitter.com/js/
7 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.06b07097969b3b070809511391362bf4.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (via/F346) /
Resource Hash
eee9168df7a4a7233767630663c79810369a4153a859ad69619dc485688857fa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 30 Jun 2022 03:54:01 GMT
Content-Encoding
gzip
Age
131000
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
2358
x-tw-cdn
VZ
Last-Modified
Thu, 02 Jun 2022 18:01:33 GMT
Server
ECS (via/F346)
Etag
"e16eea3c764138a15e7eea1bf8c0f316+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
tweet_button.d7fc2fc075c61f6fa34d79a0cbbf1e34.uk.html
platform.twitter.com/widgets/ Frame 6E6D
33 KB
13 KB
Document
General
Full URL
https://platform.twitter.com/widgets/tweet_button.d7fc2fc075c61f6fa34d79a0cbbf1e34.uk.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (via/F346) /
Resource Hash
ef7e3a7a9f0e970fc80a3d77944c790b30f27ce8a9c6fadfdf48050ee30b6618

Request headers

Referer
https://chtyvo.org.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
130937
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
12685
Content-Type
text/html; charset=utf-8
Date
Thu, 30 Jun 2022 03:54:01 GMT
Etag
"19b23d4b80fce91c5d4634206948496b+gzip"
Last-Modified
Thu, 02 Jun 2022 18:01:38 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (via/F346)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
jot
syndication.twitter.com/i/
43 B
334 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fchtyvo.org.ua%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22uk%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1656561241761%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22b45a03c79d4c1%3A1654150928467%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=736787c170932c914af5abe26ab282bc31a5d1e0
Requested by
Host: chtyvo.org.ua
URL: https://chtyvo.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 03:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
121
pragma
no-cache
last-modified
Thu, 30 Jun 2022 03:54:01 GMT
server
tsa_f
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
cd3eb460d451412a2fe8a977e1cce27e10437454cf3b5651f79079dd36aabe96
x-transaction
589d1599b434850e
expires
Tue, 31 Mar 1981 05:00:00 GMT
truncated
/ Frame 6E6D
822 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
163 KB
55 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78ebd6040b003d3566ec4489841b0f544e105d329b93879c6c0fcf711fd605b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 03:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56408
x-xss-protection
0
server
cafe
etag
17021409583582977767
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 30 Jun 2022 03:54:01 GMT
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220628&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5512390705137507&plah=chtyvo.org.ua&bust=31068268
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04c79a8ff678e785a67016212f56d4215c9ebf1555fb6e15c6f0a0b24b1d80eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 30 Jun 2022 03:54:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10627
x-xss-protection
0
like.php
www.facebook.com/plugins/ Frame 9619
0
3 KB
Document
General
Full URL
https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df84675863b6544%26domain%3Dchtyvo.org.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fchtyvo.org.ua%252Ff1237a123e0e138%26relation%3Dparent.parent&container_width=145&href=http%3A%2F%2Fchtyvo.org.ua%2F&layout=button_count&locale=ru_RU&sdk=joey&send=false&show_faces=false&width=100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/all.js?hash=425a2f3ef891981b33ab25b0b3944779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chtyvo.org.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 30 Jun 2022 03:54:02 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
2edO+aiFVVhjygY4n4E1gp7A6hJjTz/DsEYvIZYY25Itb28K6TOXpU1Z8OUCT0XYhxSAs3nmlcNybbgNcLavsQ==
x-xss-protection
0
container.html
69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1407
6 KB
3 KB
Document
General
Full URL
https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chtyvo.org.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 30 Jun 2022 03:54:01 GMT
expires
Fri, 30 Jun 2023 03:54:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220628/r20190131/ Frame D3CD
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220628/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chtyvo.org.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
44100
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4414
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Jun 2022 15:39:02 GMT
etag
10429905676100781186
expires
Wed, 13 Jul 2022 15:39:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=chtyvo.org.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5512390705137507&plah=chtyvo.org.ua&bust=31068268
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 30 Jun 2022 03:54:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=chtyvo.org.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5512390705137507&plah=chtyvo.org.ua&bust=31068268
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 30 Jun 2022 03:54:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0916
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5512390705137507&output=html&adk=1812271804&adf=3025194257&lmt=1656561242&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fchtyvo.org.ua%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656561242093&bpp=2&bdt=1817&idt=2&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbd00afeb6eb0c051%3AT%3D1656561241%3AS%3DALNI_MYnt_qX4KHHD-ZAIbrVTAhHdEekqA&prev_slotnames=2039655029%2F9423194429&nras=1&correlator=8390312080678&frm=20&pv=1&ga_vid=882662804.1656561241&ga_sid=1656561241&ga_hid=2014660360&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068195%2C31068268&oid=2&pvsid=1931991261665643&tmod=375186103&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=22
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5512390705137507&plah=chtyvo.org.ua&bust=31068268
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chtyvo.org.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Jun 2022 03:54:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5512390705137507&plah=chtyvo.org.ua&bust=31068268
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 03:54:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 30 Jun 2022 03:54:02 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame F307
624 B
297 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEY-Nr8tQEwAQ&v=APEucNWakRVVUD0HHgHOWroWaTb0Xq9qyD7bT77CJXquqoHamjvYVEORNTXWKpTx9y5PoWgq-Icjlgj1s3MfTBxsgHqg7toUJx73Uz6mb5xMdyz_tKR0MdFcQjHq5ytz2MjUEjK8GTISEWrY-TsFfcRA5-btsb8cSU4cdBL74E6z3VZyIMhQ1S2vnK3S2pcvJXM3N7ukm5E1j7mHt-7IkO0VQy4EFlsB7w
Requested by
Host: 69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com
URL: https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Jun 2022 03:54:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 1407
77 KB
32 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKpFsIjz_NEMmcafM8s23Z2Jt_TAyixsD-r0xNkNWZS4gId-dvdGn3ht1Y-M9eKssYvLHT3DM0O6w49gPICVVzb86cr6cMcunnrvbw44WnFAhMNafITIg2FfO2QAAe9QLAll7QDWIade1YVxzFotbR13mSsg&dbm_d=AKAmf-BW5D4IKBlpCfVxDjMjQgtodMBVQ9_6E0UdOVaJzl7u8t4QklRxFH2vF4iMAQzdIIBqAgarIUDdaliSvOXVjfCmNBM3YEvwxf9_wmeBZoVI0SN3o4Z0KBXIJ7aryq-dus25J4J6gJiBrd19GDnuVGOrFJA03Na4j6pkxGTnhpyKrvAZTZ2YzxSF8o6slK8gY32yg4UaRX0wca5MSN8WULicd-ASjVQxUxPIVtd416jgWbsq82vwiPKRzzmszQZmN6EE0CMmOXulbFoItknlyB5xReEF_IecL529qZUeiXzFLU3ZyfzXRE7QTyP9awRWMZDG4eLEowPCT--8V9YYdl-juVvhODU2MJ0PGmghAEIt9WhTHHXf6tkgoauXWBmai58IOm2zSXgc__aKsAjLo5IEVc_hUancF-F60o-hS-zjrMeZUSkl4BluCVmHAYQ2FXOidufM8GeLPQ0e9KSI1ZjhFaR2VFeGxwiU6wwwrD_WYTemmJsV1ospGF4jnv-ZEislg8U-Vr8rjw30A7aXQtRLoYt_OglDJxdfkylyf6pPR3__kttU1uUatrv71mYkNaWIym51Dm4Zy-dZsRjpUjC_Mbm5iOX-0J1AR6I-AVnRffBV2pddjuZ4EEC0phxKZw7EjN4a6N__dZhGDpHch_1GLDbIZucfNGzgua4Iu7lfH-aPPr3PI8LV27q5uSUOT8eRiXEjEQPCnn2iALQnEjUxl8wPZdjI6SehhZ3vMvl6UsuwOLU2rJwZx9Fy6-HKDjNGyT4jWmmccWxF1BuR5j2hB8iZB-eaPQhYF85ORvcLNrpWXkLeS3WszaNUo3Q7TE0MwhTjWmJ-B9qtFGDhtC_oxdwiKx6j6aXJEt-PkuNWUUPVrlGr2bpWNnnI5qs9-Ii4sXkUxUaSh-E0VaDDuUuGCkct6Dl5OlWVHmNU7R0uOXBuv9pDw8l0ctsOs3FTQ6JRTRqoFKy4dnF1a5uoFSkLCgUeR8KBrgPqR8WK-r7NMupSTPKWiYDdK0YvnORbMQkl13yqgBN8CEvm9FRMGpY50azTz5dgKuVXcEJNVssupW65uF3ZVQ36G2XYZlEWEIDjzTLwYE2JR8zyLqx8FYd6fYvD5VYHWsZuM81ks1ZfqTx6GREyRn--lJeIYCatzLf37uAiQJRViUO9R93WfR7UuAXy1v2VtcHPJkh_bBbuevIezCRRokpk8F4bje8kH_zX1f_rwHrcdy6mXoLW4WxJlEDpONRw4U9LMXbHp415xHr0VRGnflHzraCHgjKsjTUoQaJlcE80dS0hobp7sIV_YML4zzA_zrA5IfwpqhFTSBfOJucRPXFq0gcLtk71Z8H73P45Ufe92iycAn82ZB6AjVqLdwybnRwB6-onQkKG6VQPlk4SSAdArYB0OJ7HFuPZvGUaxnkZiQdfw2BjUbjS_6EZDw6diJ2c2WKvHnJUrnwporVPZVxjSULop36Jbrn6nQbweNB6MNWNR83-BBG0OyBLBxC2drISTkZuYXRDzqTduH0BM-2PTCNTwF-g_4VQ4rFg1z_3k0gM3mo4KVDjAYMVywegp43c-YNlMly9vCeNTzq06V4N300WRFT1mhUHTFwrM8jWxCdzBS3Bp4eJXNaOE9EjBs4HAz4_9EBKT8DtGDY7EzD7l4Nv3m-ns0wJR6FLlhK-9eXLx1HvdhL52BS4CZQWZkBktqk_PEALFl_71QvE4aECYy0ZTRy-MxxZOnMnxSwZ2YwmuvFV_-IGXJpWXjqBiGJ3vJuOFTxZojA028wseKlYA9KYrd-XMPgBPI8nfpqKOkvhW-Xq5KZuqVnIAAhzrkWYqwe8E4gbDHdt9F9Vw-3wWbuVXiyJxi_VNN5JWC8y9d55rA9E_bRR9_FlLpfou-sMs7RmUGCp1QiHNT8iYi8tDrJDyXwizVOu2mtKVdik-oKv1DuNd8_9a6wrXEgrlQUpURYbr33svvLc7YgabQnO3AxYSqZI_Nj9-3DzvYV9T4yZuvpDb3ynbiSYbJfZ01u41_DLPiRYhL1Ud8eLgKeRVJxPma3aOtgstgXceab6Q4aLTcGNGC0lNlsrv1hZu94BLAc3_JafTLiDK2Jno7N97_iXxOlewHztkSqxiaJHoPzgE8A2u0y4Ni3zR126LPMnEOqvHvBsPB95aoUf6CmYTTMYCze6eAunzXE8jlUzvf_8VoQ7frU4sz6SaJmfnsrhQv5rV8dez9xxYaTJOnLo0JufyTUniAKkenGnJLXsQc5Zd27gMgPfJi_N1XzVlGRpaC94K-qM1BPnDWHxSkpjUAAmA4CBA_4MgXReGyttEwfqLeJAdio4c-F9b9_311FXWc4TuP8mX1piSWoLBj6puvUvav2TiwGlYnDuH7gwJwXLbwq33BoXt3vZ25kStUbN_mJh5vWr-YJyRVgu3MLvLvyClJ-8w-9fuekLfgIToTQSD5JCRLzcettdRZU2fXiOys-SypKlsXPqVKfdRuPIYCgbWSe71C0bwBJCx5F5ZKgCwMqWBbvtno6iV79gkf3IofSlw0N6g05nStjm-tUqOvQl0fJto4obDxKvj7VVEzJmm4tCq6Xld3BaTmKKJftjBOkXTV11gkIDAmm7gmCSi_jUQwwYgklaxgIrjgAoQ1n-Nc6nLAnqD12OsWBAHU9Ao9r35WL2TA72DNi60g6zVcpxRe-0hDITyupokCPFJmct1Fo4sNC8w85JlhbFzSC-axxUgBuIlEMJ4dXU8AKrWK04R2SpFpgPDY1k_IYIGTLK9xok_SWzKumLX4MIeNKU7nkZVlwZXHUEJ5GCYDv6ErnPyRJefDPQy_dXJFzkoo5aaYafmgFiNAzuS3R-WQUjKc3CzamHmiGUsbkRKFwGGtxQ_eiPqilDvy_VG1dXUxxvBi0aFTXRApUDCCMuHlc2nZVEW0AywZSzW2OheKhY1dnh4ZDVF8hlPEOqHt2KWd-YYUuy2MXk-TBQimdCzeH2RN_SAWNfDpEu9lclQ89WXD74tit1P3zTfTrZgATkEDdcbFYNZ6DP3UceCFeHZ2FRuJMSD2A_C48wVTQ_UJfnQEV743bcRBVVUpxzBVGZ3lkqayHeFMB1R_1y3sPKMRSEhzvxx5sIq_OMlQtYaTTTn3WIIfrt8a2OVK6xDOkH_l4hHvSzwdiM_QBbSIVfSVkmAuLx673aqN-en9WnBrQR7CzYUuFk9395mKv_8DQSt9IZJJE6k4w_iJSacjTxxAT_0Iv9q2pBawGXk9VwJ260YbHI2eU0D6BnjraueWI3QtuBkR9VWuRgDUIJG5264YKm-eaLpoCgwtauFDtR0FfkI5wzy1S5nGZaJV9pfoC5LVjlpcIkmgCdWuh3wCbRYq8auJs3H6UOniC7Mei9Ze3zdcZL_AESBIurE4jK9DQfIYCKk8tQLpsplk6jAsXkkDrZ_C7SHKuh4GMC2PWMcIwZZlpu_v0tRwx0uBjfH5xR_cTqW-lJ-oc4eyJnsytFYoXjKUFVzVPniA1ODm8&cid=CAASJeRoNLntskYvcxusNZmCaHiWQbYJEY-P8iNw8sqYyqOH0o8KzGw&rfl=1%2Chttps%253A%252F%252Fchtyvo.org.ua%252F%240
Requested by
Host: chtyvo.org.ua
URL: https://chtyvo.org.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aed43a4d92c4ad6f234352f5d36369f44f272969fc5334a6a58e699decfcd99f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jun 2022 03:54:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33028
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1407
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B4nX1Fs40N_J9bemLgZ2-peEQGbFnv50QyjOC8OX2wyZ0vZx4zTaM0kgDwL-X-zPGvVW9Zx89p4Jr5qbNeWk14L9dXYzllihooYiDxGs8xH_9H7gc
Requested by
Host: 69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com
URL: https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jun 2022 03:54:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame 1407
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/window_focus_fy2021.js
Requested by
Host: 69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com
URL: https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 03:05:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2937
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Jul 2022 03:05:05 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame 1407
17 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com
URL: https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 03:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2476
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Jul 2022 03:12:46 GMT
l
www.google.com/ads/measurement/ Frame 1407
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSK7QBCUdCpjt9iefTO1d6X7Ippz9JkgMtergGTYlvukS3ZVAmr8XtX89pAnbk9i1DMNJv5MVdK9C4Wsy5sjzUjmlWYPg
Requested by
Host: 69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com
URL: https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1407
138 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com
URL: https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 03:54:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 30 Jun 2022 03:54:02 GMT
rum
dsum-sec.casalemedia.com/ Frame F307
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQY86nWeiiNXE6RRwpvrL8&google_cver=1
43 B
947 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQY86nWeiiNXE6RRwpvrL8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEY-Nr8tQEwAQ&v=APEucNWakRVVUD0HHgHOWroWaTb0Xq9qyD7bT77CJXquqoHamjvYVEORNTXWKpTx9y5PoWgq-Icjlgj1s3MfTBxsgHqg7toUJx73Uz6mb5xMdyz_tKR0MdFcQjHq5ytz2MjUEjK8GTISEWrY-TsFfcRA5-btsb8cSU4cdBL74E6z3VZyIMhQ1S2vnK3S2pcvJXM3N7ukm5E1j7mHt-7IkO0VQy4EFlsB7w
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7233f5560d67774d-LHR
pragma
no-cache
date
Thu, 30 Jun 2022 03:54:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1XZBZobvBQlPVF%2FC8m%2FpN8q6Rwh2buLFo2Q1AVEktSx8aeeYGk1jByGPXTfQ8AE%2B2mZUIpf1L3raag8kXokyiflBNgqe7OC1xWxsE%2FAvnE7usDUUuTS6O9KUNVB9ksHlcNvIYFHMXFiJnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 30 Jun 2022 03:54:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQY86nWeiiNXE6RRwpvrL8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F307
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yr0eWsX--nUR08dDkI5sHgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQY86nWeiiNXE6RRwpvrL8&google_cver=1
43 B
911 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQY86nWeiiNXE6RRwpvrL8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEY-Nr8tQEwAQ&v=APEucNWakRVVUD0HHgHOWroWaTb0Xq9qyD7bT77CJXquqoHamjvYVEORNTXWKpTx9y5PoWgq-Icjlgj1s3MfTBxsgHqg7toUJx73Uz6mb5xMdyz_tKR0MdFcQjHq5ytz2MjUEjK8GTISEWrY-TsFfcRA5-btsb8cSU4cdBL74E6z3VZyIMhQ1S2vnK3S2pcvJXM3N7ukm5E1j7mHt-7IkO0VQy4EFlsB7w
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7233f5572efe774d-LHR
pragma
no-cache
date
Thu, 30 Jun 2022 03:54:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZDHUcnngfUZRZ3DRIJq%2F0vM4wEVGZr2Lz%2FndHi6dSeF699TGranzphF04oyEsGVzEd2KrQvFtoILF7qW7BF0yBmaVtgyxcH9cnymoEuEfahsURALgg2ogI7RWT%2BOKEQF%2Fnm6mL%2FuP01%2Bwg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 30 Jun 2022 03:54:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQY86nWeiiNXE6RRwpvrL8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame F307
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEjXRxbUIXlT3cVMO_yJ1dM&google_cver=1
43 B
1016 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEEjXRxbUIXlT3cVMO_yJ1dM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEY-Nr8tQEwAQ&v=APEucNWakRVVUD0HHgHOWroWaTb0Xq9qyD7bT77CJXquqoHamjvYVEORNTXWKpTx9y5PoWgq-Icjlgj1s3MfTBxsgHqg7toUJx73Uz6mb5xMdyz_tKR0MdFcQjHq5ytz2MjUEjK8GTISEWrY-TsFfcRA5-btsb8cSU4cdBL74E6z3VZyIMhQ1S2vnK3S2pcvJXM3N7ukm5E1j7mHt-7IkO0VQy4EFlsB7w
Protocol
HTTP/1.1
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 30 Jun 2022 03:54:02 GMT
X-Proxy-Origin
82.199.130.41; 82.199.130.41; 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
089f5960-5031-4a87-a0ae-341d608a7b7b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 30 Jun 2022 03:54:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEEjXRxbUIXlT3cVMO_yJ1dM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F307
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY4NTA1MTk2NzA5OTI0MTkwMA%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY4NTA1MTk2NzA5OTI0MTkwMA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEY-Nr8tQEwAQ&v=APEucNWakRVVUD0HHgHOWroWaTb0Xq9qyD7bT77CJXquqoHamjvYVEORNTXWKpTx9y5PoWgq-Icjlgj1s3MfTBxsgHqg7toUJx73Uz6mb5xMdyz_tKR0MdFcQjHq5ytz2MjUEjK8GTISEWrY-TsFfcRA5-btsb8cSU4cdBL74E6z3VZyIMhQ1S2vnK3S2pcvJXM3N7ukm5E1j7mHt-7IkO0VQy4EFlsB7w
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jun 2022 03:54:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 30 Jun 2022 03:54:02 GMT
X-Proxy-Origin
82.199.130.41; 82.199.130.41; 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
6f105c72-64cd-46ce-a9c8-0e60c8924030
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY4NTA1MTk2NzA5OTI0MTkwMA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CD31
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chtyvo.org.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
21838
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 29 Jun 2022 21:50:04 GMT
expires
Thu, 29 Jun 2023 21:50:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 87FE
783 B
999 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9471c46ce72eff84a4f0d530f3e99aec00dd17a9bf16bff184d42fef310ae852
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sw0CqJ8IvSiUJy1bGfBogw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chtyvo.org.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-sw0CqJ8IvSiUJy1bGfBogw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 30 Jun 2022 03:54:02 GMT
expires
Thu, 30 Jun 2022 03:54:02 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 1407
106 KB
38 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: chtyvo.org.ua
URL: https://chtyvo.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/
Origin
https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 11:29:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59093
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 30 Jun 2022 11:29:09 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/elements/html/ Frame 1407
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKpFsIjz_NEMmcafM8s23Z2Jt_TAyixsD-r0xNkNWZS4gId-dvdGn3ht1Y-M9eKssYvLHT3DM0O6w49gPICVVzb86cr6cMcunnrvbw44WnFAhMNafITIg2FfO2QAAe9QLAll7QDWIade1YVxzFotbR13mSsg&dbm_d=AKAmf-BW5D4IKBlpCfVxDjMjQgtodMBVQ9_6E0UdOVaJzl7u8t4QklRxFH2vF4iMAQzdIIBqAgarIUDdaliSvOXVjfCmNBM3YEvwxf9_wmeBZoVI0SN3o4Z0KBXIJ7aryq-dus25J4J6gJiBrd19GDnuVGOrFJA03Na4j6pkxGTnhpyKrvAZTZ2YzxSF8o6slK8gY32yg4UaRX0wca5MSN8WULicd-ASjVQxUxPIVtd416jgWbsq82vwiPKRzzmszQZmN6EE0CMmOXulbFoItknlyB5xReEF_IecL529qZUeiXzFLU3ZyfzXRE7QTyP9awRWMZDG4eLEowPCT--8V9YYdl-juVvhODU2MJ0PGmghAEIt9WhTHHXf6tkgoauXWBmai58IOm2zSXgc__aKsAjLo5IEVc_hUancF-F60o-hS-zjrMeZUSkl4BluCVmHAYQ2FXOidufM8GeLPQ0e9KSI1ZjhFaR2VFeGxwiU6wwwrD_WYTemmJsV1ospGF4jnv-ZEislg8U-Vr8rjw30A7aXQtRLoYt_OglDJxdfkylyf6pPR3__kttU1uUatrv71mYkNaWIym51Dm4Zy-dZsRjpUjC_Mbm5iOX-0J1AR6I-AVnRffBV2pddjuZ4EEC0phxKZw7EjN4a6N__dZhGDpHch_1GLDbIZucfNGzgua4Iu7lfH-aPPr3PI8LV27q5uSUOT8eRiXEjEQPCnn2iALQnEjUxl8wPZdjI6SehhZ3vMvl6UsuwOLU2rJwZx9Fy6-HKDjNGyT4jWmmccWxF1BuR5j2hB8iZB-eaPQhYF85ORvcLNrpWXkLeS3WszaNUo3Q7TE0MwhTjWmJ-B9qtFGDhtC_oxdwiKx6j6aXJEt-PkuNWUUPVrlGr2bpWNnnI5qs9-Ii4sXkUxUaSh-E0VaDDuUuGCkct6Dl5OlWVHmNU7R0uOXBuv9pDw8l0ctsOs3FTQ6JRTRqoFKy4dnF1a5uoFSkLCgUeR8KBrgPqR8WK-r7NMupSTPKWiYDdK0YvnORbMQkl13yqgBN8CEvm9FRMGpY50azTz5dgKuVXcEJNVssupW65uF3ZVQ36G2XYZlEWEIDjzTLwYE2JR8zyLqx8FYd6fYvD5VYHWsZuM81ks1ZfqTx6GREyRn--lJeIYCatzLf37uAiQJRViUO9R93WfR7UuAXy1v2VtcHPJkh_bBbuevIezCRRokpk8F4bje8kH_zX1f_rwHrcdy6mXoLW4WxJlEDpONRw4U9LMXbHp415xHr0VRGnflHzraCHgjKsjTUoQaJlcE80dS0hobp7sIV_YML4zzA_zrA5IfwpqhFTSBfOJucRPXFq0gcLtk71Z8H73P45Ufe92iycAn82ZB6AjVqLdwybnRwB6-onQkKG6VQPlk4SSAdArYB0OJ7HFuPZvGUaxnkZiQdfw2BjUbjS_6EZDw6diJ2c2WKvHnJUrnwporVPZVxjSULop36Jbrn6nQbweNB6MNWNR83-BBG0OyBLBxC2drISTkZuYXRDzqTduH0BM-2PTCNTwF-g_4VQ4rFg1z_3k0gM3mo4KVDjAYMVywegp43c-YNlMly9vCeNTzq06V4N300WRFT1mhUHTFwrM8jWxCdzBS3Bp4eJXNaOE9EjBs4HAz4_9EBKT8DtGDY7EzD7l4Nv3m-ns0wJR6FLlhK-9eXLx1HvdhL52BS4CZQWZkBktqk_PEALFl_71QvE4aECYy0ZTRy-MxxZOnMnxSwZ2YwmuvFV_-IGXJpWXjqBiGJ3vJuOFTxZojA028wseKlYA9KYrd-XMPgBPI8nfpqKOkvhW-Xq5KZuqVnIAAhzrkWYqwe8E4gbDHdt9F9Vw-3wWbuVXiyJxi_VNN5JWC8y9d55rA9E_bRR9_FlLpfou-sMs7RmUGCp1QiHNT8iYi8tDrJDyXwizVOu2mtKVdik-oKv1DuNd8_9a6wrXEgrlQUpURYbr33svvLc7YgabQnO3AxYSqZI_Nj9-3DzvYV9T4yZuvpDb3ynbiSYbJfZ01u41_DLPiRYhL1Ud8eLgKeRVJxPma3aOtgstgXceab6Q4aLTcGNGC0lNlsrv1hZu94BLAc3_JafTLiDK2Jno7N97_iXxOlewHztkSqxiaJHoPzgE8A2u0y4Ni3zR126LPMnEOqvHvBsPB95aoUf6CmYTTMYCze6eAunzXE8jlUzvf_8VoQ7frU4sz6SaJmfnsrhQv5rV8dez9xxYaTJOnLo0JufyTUniAKkenGnJLXsQc5Zd27gMgPfJi_N1XzVlGRpaC94K-qM1BPnDWHxSkpjUAAmA4CBA_4MgXReGyttEwfqLeJAdio4c-F9b9_311FXWc4TuP8mX1piSWoLBj6puvUvav2TiwGlYnDuH7gwJwXLbwq33BoXt3vZ25kStUbN_mJh5vWr-YJyRVgu3MLvLvyClJ-8w-9fuekLfgIToTQSD5JCRLzcettdRZU2fXiOys-SypKlsXPqVKfdRuPIYCgbWSe71C0bwBJCx5F5ZKgCwMqWBbvtno6iV79gkf3IofSlw0N6g05nStjm-tUqOvQl0fJto4obDxKvj7VVEzJmm4tCq6Xld3BaTmKKJftjBOkXTV11gkIDAmm7gmCSi_jUQwwYgklaxgIrjgAoQ1n-Nc6nLAnqD12OsWBAHU9Ao9r35WL2TA72DNi60g6zVcpxRe-0hDITyupokCPFJmct1Fo4sNC8w85JlhbFzSC-axxUgBuIlEMJ4dXU8AKrWK04R2SpFpgPDY1k_IYIGTLK9xok_SWzKumLX4MIeNKU7nkZVlwZXHUEJ5GCYDv6ErnPyRJefDPQy_dXJFzkoo5aaYafmgFiNAzuS3R-WQUjKc3CzamHmiGUsbkRKFwGGtxQ_eiPqilDvy_VG1dXUxxvBi0aFTXRApUDCCMuHlc2nZVEW0AywZSzW2OheKhY1dnh4ZDVF8hlPEOqHt2KWd-YYUuy2MXk-TBQimdCzeH2RN_SAWNfDpEu9lclQ89WXD74tit1P3zTfTrZgATkEDdcbFYNZ6DP3UceCFeHZ2FRuJMSD2A_C48wVTQ_UJfnQEV743bcRBVVUpxzBVGZ3lkqayHeFMB1R_1y3sPKMRSEhzvxx5sIq_OMlQtYaTTTn3WIIfrt8a2OVK6xDOkH_l4hHvSzwdiM_QBbSIVfSVkmAuLx673aqN-en9WnBrQR7CzYUuFk9395mKv_8DQSt9IZJJE6k4w_iJSacjTxxAT_0Iv9q2pBawGXk9VwJ260YbHI2eU0D6BnjraueWI3QtuBkR9VWuRgDUIJG5264YKm-eaLpoCgwtauFDtR0FfkI5wzy1S5nGZaJV9pfoC5LVjlpcIkmgCdWuh3wCbRYq8auJs3H6UOniC7Mei9Ze3zdcZL_AESBIurE4jK9DQfIYCKk8tQLpsplk6jAsXkkDrZ_C7SHKuh4GMC2PWMcIwZZlpu_v0tRwx0uBjfH5xR_cTqW-lJ-oc4eyJnsytFYoXjKUFVzVPniA1ODm8&cid=CAASJeRoNLntskYvcxusNZmCaHiWQbYJEY-P8iNw8sqYyqOH0o8KzGw&rfl=1%2Chttps%253A%252F%252Fchtyvo.org.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 03:35:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1140
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Jul 2022 03:35:02 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/ Frame 1407
27 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKpFsIjz_NEMmcafM8s23Z2Jt_TAyixsD-r0xNkNWZS4gId-dvdGn3ht1Y-M9eKssYvLHT3DM0O6w49gPICVVzb86cr6cMcunnrvbw44WnFAhMNafITIg2FfO2QAAe9QLAll7QDWIade1YVxzFotbR13mSsg&dbm_d=AKAmf-BW5D4IKBlpCfVxDjMjQgtodMBVQ9_6E0UdOVaJzl7u8t4QklRxFH2vF4iMAQzdIIBqAgarIUDdaliSvOXVjfCmNBM3YEvwxf9_wmeBZoVI0SN3o4Z0KBXIJ7aryq-dus25J4J6gJiBrd19GDnuVGOrFJA03Na4j6pkxGTnhpyKrvAZTZ2YzxSF8o6slK8gY32yg4UaRX0wca5MSN8WULicd-ASjVQxUxPIVtd416jgWbsq82vwiPKRzzmszQZmN6EE0CMmOXulbFoItknlyB5xReEF_IecL529qZUeiXzFLU3ZyfzXRE7QTyP9awRWMZDG4eLEowPCT--8V9YYdl-juVvhODU2MJ0PGmghAEIt9WhTHHXf6tkgoauXWBmai58IOm2zSXgc__aKsAjLo5IEVc_hUancF-F60o-hS-zjrMeZUSkl4BluCVmHAYQ2FXOidufM8GeLPQ0e9KSI1ZjhFaR2VFeGxwiU6wwwrD_WYTemmJsV1ospGF4jnv-ZEislg8U-Vr8rjw30A7aXQtRLoYt_OglDJxdfkylyf6pPR3__kttU1uUatrv71mYkNaWIym51Dm4Zy-dZsRjpUjC_Mbm5iOX-0J1AR6I-AVnRffBV2pddjuZ4EEC0phxKZw7EjN4a6N__dZhGDpHch_1GLDbIZucfNGzgua4Iu7lfH-aPPr3PI8LV27q5uSUOT8eRiXEjEQPCnn2iALQnEjUxl8wPZdjI6SehhZ3vMvl6UsuwOLU2rJwZx9Fy6-HKDjNGyT4jWmmccWxF1BuR5j2hB8iZB-eaPQhYF85ORvcLNrpWXkLeS3WszaNUo3Q7TE0MwhTjWmJ-B9qtFGDhtC_oxdwiKx6j6aXJEt-PkuNWUUPVrlGr2bpWNnnI5qs9-Ii4sXkUxUaSh-E0VaDDuUuGCkct6Dl5OlWVHmNU7R0uOXBuv9pDw8l0ctsOs3FTQ6JRTRqoFKy4dnF1a5uoFSkLCgUeR8KBrgPqR8WK-r7NMupSTPKWiYDdK0YvnORbMQkl13yqgBN8CEvm9FRMGpY50azTz5dgKuVXcEJNVssupW65uF3ZVQ36G2XYZlEWEIDjzTLwYE2JR8zyLqx8FYd6fYvD5VYHWsZuM81ks1ZfqTx6GREyRn--lJeIYCatzLf37uAiQJRViUO9R93WfR7UuAXy1v2VtcHPJkh_bBbuevIezCRRokpk8F4bje8kH_zX1f_rwHrcdy6mXoLW4WxJlEDpONRw4U9LMXbHp415xHr0VRGnflHzraCHgjKsjTUoQaJlcE80dS0hobp7sIV_YML4zzA_zrA5IfwpqhFTSBfOJucRPXFq0gcLtk71Z8H73P45Ufe92iycAn82ZB6AjVqLdwybnRwB6-onQkKG6VQPlk4SSAdArYB0OJ7HFuPZvGUaxnkZiQdfw2BjUbjS_6EZDw6diJ2c2WKvHnJUrnwporVPZVxjSULop36Jbrn6nQbweNB6MNWNR83-BBG0OyBLBxC2drISTkZuYXRDzqTduH0BM-2PTCNTwF-g_4VQ4rFg1z_3k0gM3mo4KVDjAYMVywegp43c-YNlMly9vCeNTzq06V4N300WRFT1mhUHTFwrM8jWxCdzBS3Bp4eJXNaOE9EjBs4HAz4_9EBKT8DtGDY7EzD7l4Nv3m-ns0wJR6FLlhK-9eXLx1HvdhL52BS4CZQWZkBktqk_PEALFl_71QvE4aECYy0ZTRy-MxxZOnMnxSwZ2YwmuvFV_-IGXJpWXjqBiGJ3vJuOFTxZojA028wseKlYA9KYrd-XMPgBPI8nfpqKOkvhW-Xq5KZuqVnIAAhzrkWYqwe8E4gbDHdt9F9Vw-3wWbuVXiyJxi_VNN5JWC8y9d55rA9E_bRR9_FlLpfou-sMs7RmUGCp1QiHNT8iYi8tDrJDyXwizVOu2mtKVdik-oKv1DuNd8_9a6wrXEgrlQUpURYbr33svvLc7YgabQnO3AxYSqZI_Nj9-3DzvYV9T4yZuvpDb3ynbiSYbJfZ01u41_DLPiRYhL1Ud8eLgKeRVJxPma3aOtgstgXceab6Q4aLTcGNGC0lNlsrv1hZu94BLAc3_JafTLiDK2Jno7N97_iXxOlewHztkSqxiaJHoPzgE8A2u0y4Ni3zR126LPMnEOqvHvBsPB95aoUf6CmYTTMYCze6eAunzXE8jlUzvf_8VoQ7frU4sz6SaJmfnsrhQv5rV8dez9xxYaTJOnLo0JufyTUniAKkenGnJLXsQc5Zd27gMgPfJi_N1XzVlGRpaC94K-qM1BPnDWHxSkpjUAAmA4CBA_4MgXReGyttEwfqLeJAdio4c-F9b9_311FXWc4TuP8mX1piSWoLBj6puvUvav2TiwGlYnDuH7gwJwXLbwq33BoXt3vZ25kStUbN_mJh5vWr-YJyRVgu3MLvLvyClJ-8w-9fuekLfgIToTQSD5JCRLzcettdRZU2fXiOys-SypKlsXPqVKfdRuPIYCgbWSe71C0bwBJCx5F5ZKgCwMqWBbvtno6iV79gkf3IofSlw0N6g05nStjm-tUqOvQl0fJto4obDxKvj7VVEzJmm4tCq6Xld3BaTmKKJftjBOkXTV11gkIDAmm7gmCSi_jUQwwYgklaxgIrjgAoQ1n-Nc6nLAnqD12OsWBAHU9Ao9r35WL2TA72DNi60g6zVcpxRe-0hDITyupokCPFJmct1Fo4sNC8w85JlhbFzSC-axxUgBuIlEMJ4dXU8AKrWK04R2SpFpgPDY1k_IYIGTLK9xok_SWzKumLX4MIeNKU7nkZVlwZXHUEJ5GCYDv6ErnPyRJefDPQy_dXJFzkoo5aaYafmgFiNAzuS3R-WQUjKc3CzamHmiGUsbkRKFwGGtxQ_eiPqilDvy_VG1dXUxxvBi0aFTXRApUDCCMuHlc2nZVEW0AywZSzW2OheKhY1dnh4ZDVF8hlPEOqHt2KWd-YYUuy2MXk-TBQimdCzeH2RN_SAWNfDpEu9lclQ89WXD74tit1P3zTfTrZgATkEDdcbFYNZ6DP3UceCFeHZ2FRuJMSD2A_C48wVTQ_UJfnQEV743bcRBVVUpxzBVGZ3lkqayHeFMB1R_1y3sPKMRSEhzvxx5sIq_OMlQtYaTTTn3WIIfrt8a2OVK6xDOkH_l4hHvSzwdiM_QBbSIVfSVkmAuLx673aqN-en9WnBrQR7CzYUuFk9395mKv_8DQSt9IZJJE6k4w_iJSacjTxxAT_0Iv9q2pBawGXk9VwJ260YbHI2eU0D6BnjraueWI3QtuBkR9VWuRgDUIJG5264YKm-eaLpoCgwtauFDtR0FfkI5wzy1S5nGZaJV9pfoC5LVjlpcIkmgCdWuh3wCbRYq8auJs3H6UOniC7Mei9Ze3zdcZL_AESBIurE4jK9DQfIYCKk8tQLpsplk6jAsXkkDrZ_C7SHKuh4GMC2PWMcIwZZlpu_v0tRwx0uBjfH5xR_cTqW-lJ-oc4eyJnsytFYoXjKUFVzVPniA1ODm8&cid=CAASJeRoNLntskYvcxusNZmCaHiWQbYJEY-P8iNw8sqYyqOH0o8KzGw&rfl=1%2Chttps%253A%252F%252Fchtyvo.org.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 03:45:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
532
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10545
x-xss-protection
0
server
cafe
etag
4672069523611413616
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Jul 2022 03:45:10 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 87FE
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220628&jk=1931991261665643&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1407
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com
URL: https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 25 Jun 2022 12:00:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
402828
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Jun 2023 12:00:14 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0CBD
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com
URL: https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
79218
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Jun 2022 05:53:44 GMT
etag
48472445140208031
expires
Thu, 30 Jun 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 1407
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7afa8f922a76f2d9d1853159433f236886b3d4a9e303ebe4fcdf40a0a5e620f0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 0CBD
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDXZ6inMwBg1s5Ytsce1jAI&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDXZ6inMwBg1s5Ytsce1jAI&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c3N5eWtzOW4xTzZMZkk1&google_gid=CAESEDXZ6inMwBg1s5Ytsce1jAI&google_cver=1&google_push=ARnp8GBi9YjzA91YlDqGpabdYTB4zhrNeI3XFZRxICqu1ih...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c3N5eWtzOW4xTzZMZkk1&google_gid=CAESEDXZ6inMwBg1s5Ytsce1jAI&google_cver=1&google_push=ARnp8GBi9YjzA91YlDqGpabdYTB4zhrNeI3XFZRxICqu1ihuFLEb62RZvKhJc6bi0994u9-cBcJfV3EbYfdHONul8TeLuMi0Y4MJ
Requested by
Host: 69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com
URL: https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jun 2022 03:54:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 30 Jun 2022 03:54:02 GMT
Server
PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-0aa046f85b99a54d2@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c3N5eWtzOW4xTzZMZkk1&google_gid=CAESEDXZ6inMwBg1s5Ytsce1jAI&google_cver=1&google_push=ARnp8GBi9YjzA91YlDqGpabdYTB4zhrNeI3XFZRxICqu1ihuFLEb62RZvKhJc6bi0994u9-cBcJfV3EbYfdHONul8TeLuMi0Y4MJ
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0CBD
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEDfngydS-1lSzoJ45VCgeIo&google_cver=1&google_push=ARnp8GBEC56cPptnukBydceH3ySFifCh0HEFSGflGlwKrzP5ldgTBLHraEc-UaEqbppT34Om02z6Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ARnp8GBEC56cPptnukBydceH3ySFifCh0HEFSGflGlwKrzP5ldgTBLHraEc-UaEqbppT34Om02z6YcF_6tHSiuGgqhyHtcKllAha9A
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ARnp8GBEC56cPptnukBydceH3ySFifCh0HEFSGflGlwKrzP5ldgTBLHraEc-UaEqbppT34Om02z6YcF_6tHSiuGgqhyHtcKllAha9A
Requested by
Host: 69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com
URL: https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jun 2022 03:54:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 30 Jun 2022 03:54:02 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 4173765B36FA488F9E1A622EEE5B06F6 Ref B: FRAEDGE1309 Ref C: 2022-06-30T03:54:02Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ARnp8GBEC56cPptnukBydceH3ySFifCh0HEFSGflGlwKrzP5ldgTBLHraEc-UaEqbppT34Om02z6YcF_6tHSiuGgqhyHtcKllAha9A
x-li-proto
http/2
content-length
0
x-li-uuid
AAXiojhsjW1q265+cQbAtw==
pixel
cm.g.doubleclick.net/ Frame 0CBD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEC7PBx0iobMnJPpdmfLQFoA&google_cver=1&google_push=ARnp8GDtnVtVpPOse1BpIt2Uz96aaaeLbfe0Z0LlteWJhUw-uZExhue84iHVgwEWrzQeWuCufoza_aYe...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEC7PBx0iobMnJPpdmfLQFoA&google_cver=1&google_push=ARnp8GDtnVtVpPOse1BpIt2Uz96aaaeLbfe0Z0LlteWJhUw-uZExhue84iHVgwEWrzQeWuCufoz...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjI1ODE3ODY2OTUyOTY2MTQ0NA&google_push=ARnp8GDtnVtVpPOse1BpIt2Uz96aaaeLbfe0Z0LlteWJhUw-uZExhue84iHVgwEWrzQeWuCufoza_a...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjI1ODE3ODY2OTUyOTY2MTQ0NA&google_push=ARnp8GDtnVtVpPOse1BpIt2Uz96aaaeLbfe0Z0LlteWJhUw-uZExhue84iHVgwEWrzQeWuCufoza_aYekDMsSlZROuI00jpxiMyNbw
Requested by
Host: 69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com
URL: https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jun 2022 03:54:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 30 Jun 2022 03:54:02 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjI1ODE3ODY2OTUyOTY2MTQ0NA&google_push=ARnp8GDtnVtVpPOse1BpIt2Uz96aaaeLbfe0Z0LlteWJhUw-uZExhue84iHVgwEWrzQeWuCufoza_aYekDMsSlZROuI00jpxiMyNbw
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 0CBD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEC7PBx0iobMnJPpdmfLQFoA&google_cver=1&google_push=ARnp8GAqfERR-Fn9rUEahmfi7fVhiTsZ0-KTkLBrL3BqMkqm53Ui5R5mBZ1xwtOUj0wj8zxOVtcOB3Hd...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEC7PBx0iobMnJPpdmfLQFoA&google_cver=1&google_push=ARnp8GAqfERR-Fn9rUEahmfi7fVhiTsZ0-KTkLBrL3BqMkqm53Ui5R5mBZ1xwtOUj0wj8zxOVtc...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODAyNjg5ODcxMjM4NzAzMzgwNA&google_push=ARnp8GAqfERR-Fn9rUEahmfi7fVhiTsZ0-KTkLBrL3BqMkqm53Ui5R5mBZ1xwtOUj0wj8zxOVtcOB3...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODAyNjg5ODcxMjM4NzAzMzgwNA&google_push=ARnp8GAqfERR-Fn9rUEahmfi7fVhiTsZ0-KTkLBrL3BqMkqm53Ui5R5mBZ1xwtOUj0wj8zxOVtcOB3Hd-2Y3ojIU4MY9qTv4k7o-5Q
Requested by
Host: 69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com
URL: https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jun 2022 03:54:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 30 Jun 2022 03:54:02 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODAyNjg5ODcxMjM4NzAzMzgwNA&google_push=ARnp8GAqfERR-Fn9rUEahmfi7fVhiTsZ0-KTkLBrL3BqMkqm53Ui5R5mBZ1xwtOUj0wj8zxOVtcOB3Hd-2Y3ojIU4MY9qTv4k7o-5Q
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 0CBD
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFG8ld8VNe6bGgRtfmmB2K8&google_cver=1&google_push=ARnp8GBeG6USbL337dvGBX6U8TauuS9PEPG5b67-I0MdIifYreuiCxemUkkFevc9GIREUgxRuOr05RnIw7zzz70fp...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFG8ld8VNe6bGgRtfmmB2K8&google_cver=1&google_push=ARnp8GBeG6USbL337dvGBX6U8TauuS9PEPG5b67-I0MdIifYreuiCxemUkkFevc9GIREUgxRuOr05RnIw7zzz70fp...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GBeG6USbL337dvGBX6U8TauuS9PEPG5b67-I0MdIifYreuiCxemUkkFevc9GIREUgxRuOr05RnIw7zzz70fpHfIJJa6bL_oEQ&google_hm=E5TKuGZH0PKvFfxyToWS...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GBeG6USbL337dvGBX6U8TauuS9PEPG5b67-I0MdIifYreuiCxemUkkFevc9GIREUgxRuOr05RnIw7zzz70fpHfIJJa6bL_oEQ&google_hm=E5TKuGZH0PKvFfxyToWSbUd4
Requested by
Host: 69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com
URL: https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jun 2022 03:54:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 30 Jun 2022 03:54:02 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GBeG6USbL337dvGBX6U8TauuS9PEPG5b67-I0MdIifYreuiCxemUkkFevc9GIREUgxRuOr05RnIw7zzz70fpHfIJJa6bL_oEQ&google_hm=E5TKuGZH0PKvFfxyToWSbUd4
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 0CBD
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBSXZh07ayQF_XviJHG3Nc8&google_cver=1&google_push=ARnp8GBY0-w7_w8wE-8MOxx6JMaIaSONp5oEbzRvY1tDWPLiwQyL88CD62ISiq40pcnBJ3clWxXrTy91zk5a03eiWgdHB2mVQc...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ARnp8GBY0-w7_w8wE-8MOxx6JMaIaSONp5oEbzRvY1tDWPLiwQyL88CD62ISiq40pcnBJ3clWxXrTy91zk5a03eiWgdHB2mVQc8...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTQwNDgxMjI5NzQ1MDMwOTI2ODE2&google_push=ARnp8GBY0-w7_w8wE-8MOxx6JMaIaSONp5oEbzRvY1tDWPLiwQyL88CD62ISiq40...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTQwNDgxMjI5NzQ1MDMwOTI2ODE2&google_push=ARnp8GBY0-w7_w8wE-8MOxx6JMaIaSONp5oEbzRvY1tDWPLiwQyL88CD62ISiq40pcnBJ3clWxXrTy91zk5a03eiWgdHB2mVQc8_Kg
Requested by
Host: 69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com
URL: https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jun 2022 03:54:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTQwNDgxMjI5NzQ1MDMwOTI2ODE2&google_push=ARnp8GBY0-w7_w8wE-8MOxx6JMaIaSONp5oEbzRvY1tDWPLiwQyL88CD62ISiq40pcnBJ3clWxXrTy91zk5a03eiWgdHB2mVQc8_Kg
date
Thu, 30 Jun 2022 03:54:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
rtb2-useast.e-volution.ai/ Frame 0CBD
42 B
233 B
Image
General
Full URL
https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEDb4Pk2tC8ZZjji73GNHhek&google_cver=1&google_push=ARnp8GBHEgEcdxUX3vD4Pj__Qn-1xjoXWESNk1zzEv-VJxhrV9aFWABzHwsSykC1vChstfl_2Tzx07tShRNgNQB4KIwd1BvgSclXroI
Requested by
Host: 69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com
URL: https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 30 Jun 2022 03:54:02 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
attr
cm.g.doubleclick.net/pixel/ Frame 0CBD
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IgK2smf0p3xKr40FYhSA9a62AS1oPMlkbVUnttrk3FMW4puCP8GShvqdlkDKGM-boNJci7mg
Requested by
Host: 69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com
URL: https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 03:54:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
pagead2.googlesyndication.com/bg/ Frame CD31
36 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 22:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
18917
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13786
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 08:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Jun 2023 22:38:45 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0287
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
402828
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 25 Jun 2022 12:00:14 GMT
expires
Sun, 25 Jun 2023 12:00:14 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
pagead2.googlesyndication.com/bg/ Frame 0287
36 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 22:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
18917
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13786
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 08:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Jun 2023 22:38:45 GMT
generate_204
tpc.googlesyndication.com/ Frame CD31
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?ZkyVgw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 03:54:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
index.html
s0.2mdn.net/sadbundle/8834995936796757198/ Frame 82E4
5 KB
2 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/8834995936796757198/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02f15a57419e7d37bcd8a60ab673185cbba78a0b1b4bde886b18bfa261e4d41b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
32510
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1723
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 29 Jun 2022 18:52:12 GMT
expires
Thu, 29 Jun 2023 18:52:12 GMT
last-modified
Mon, 28 Jun 2021 15:59:12 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 1407
0
622 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssAZPHxjGUk2hLINmOt0BnFfoF73uFdijghiHuLgsWoxEoA_v67CGTnGbUwSi5fboXc-9DL7mIA0fxT0LKwl6spOiEkd1uqkKT60ByPyIujo572orqDcnqAitECUqSeLc78nbTviyWcvJd_G8lPXgr7JQBHIribdAKGTBadnTihyby9zEVTHQZ6hj7RLPs7-co-RqDZRTZOipMfiusnfWdmRcdFZMv25oJVI3MfHSwcBkNaEbAfaMP18wB7XGwvkzBj6bLYrEPUcQJHZtQROSLbiBf0u2kZ0CH4D38bcPFy3L-m6u0TotmnGJzPOfiY_MDoGLKGzwCG81XY7w8-ekR9-yKt0kMtsTME3HoupTYdjWj-L0qWZMz5_JKBPMnVt-8Fs3M77t53BTQAdfL7rrMKSFpCSMBlh8a7JbZXt47TZL76vnRv2UxgHD7QuWtzlKGtZh_ztiT_DeCQxNy1oreTPkyFjL2WbJqpbBaq-GTjT5sZR3bop3tD9XWxwtvYT9EXBLeZ02-8nDCJiv0QzBs1m2ssJWXPA5rCq-kedI3AfwGZBUjrBtTD1KG4yMVp3zboq8wtuWRSQYPOhoolFCZdeU5y8J_L0JrG3hlUAAsT-u9fpcbAhdzpuqJ8HHQQhZPnsKELMtrcB7CEKvOeqHuSsD-iwNPvEHbpdZW1EcroteOIo0yDkHFoKr3VC12jWTbz3MiQGLnm0945Jg0sZ2wKyXwfa50XMkjDf39VaDa5fAT3WsEXZrYST7AK01_zMHEvqX-tMsrtGsiAlaXpCuMrS5u5mfQFTqt_Fzx9drOnK5DzjAEf44ZgAh-YjidiRJAr3KnUdqEe7CtCZKvn7l_NUYPIw6bpyKz8BenDeeprQpxUzQwT7X70QZX5LJ1uvNdX_ROegkrX0rH1liNCX5OQuXYFdkCcBB_9HkvC6eKzkP_G48aITISJni8bVwH6Po7-lKir-wtDoZZYkViqshPZ4L-rzc324YPtajcm4jaXCKvRma08CjbQJu4Ab9uYrrIrsEgb6LfNGYae6SgUfxEB9J8K-KCFBOmdCbNTiu2Egfp2sl0BlFfS8owc5fuTInHw0-7ma0xxFjqVsVjUvZbbwIdYKBgDuuui0KQiqlBMPw3WR4NnLn6t8uYjkIWkUdbJQ2iSKgUBLqNek_RX2zXtEAxKs8-jAXUNZ6Wu9Ssscgdxg8N0UL2ACJDiWicppD_KV2WWxWpVjQ09unGrMUDVRCGeV67p1j1Dk7fGLYV6dgaOkjDIEA5UaLE&sai=AMfl-YR666-26yjSJ-a9HdP5Pa65hnP_5zsR86LvGmMwdj_vRUJG6q6DLnkJEiVvLBDOzS1NEg7PvxBXd8QzG9wimr5niZ2hjg7ZGWpAdBobyp-dC41RWH4ufhBHC4t1JE4quvncS2AbR4xOo30JIE3ZM8E3YeOyoL8aAj-7wdxWO_nLUjed6WNQtHoWDEJSE1gF686Y02A8wtdnDaw54UxQHpti&sig=Cg0ArKJSzBNM-R3B0JbjEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=286&cbvp=1&cstd=283&cisv=r20220628.23712&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: chtyvo.org.ua
URL: https://chtyvo.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 30 Jun 2022 03:54:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0287
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_Zf7Wh69YsX8Eeu4lQew4IDICgAAAAA4AeAEAg&bg=!ysmlyY3NAAaLlKKnq5Q7ACkAdvg8WopBjKhygAsndELLvq3ZPFx3Izqndim58kMgKOeA7GLPdtWrugIAAAA8UgAAAAJoAQcKAALcTZkC1x6Z66DULtPnFC0sZWd0Qrr0HD3blq_68SIVggNp9rJpG49onbePGdywXVtc0oQCCGNzHWyFqhbURTfW6asN82wOz6PUWwa4-bF0mABEJEcasM-uIQHKORIlNjSepa11paRn6R_KzFFFfsdWtrPtOmM6obhW6Iu5CuOlnYhNn-zV8J_UIcgwWeu7vffnxKR7KuB4tq77hHnz-JaTRcxzg3K7_rnoabRRUoC0sUdIsyw7Yv26EA-W1JlDRktQls9jk0TCaIvkBwedEna6WX5o9FUg_ig21feJvh3iP41oHOkjMZQ-8f_HIs9ztgZ5V6qdP6mYOeP716KvT_XecKhWZbas2qfY9_1bWhho2vC8wT1DCXEIBlJuocnU1Z6SzDtKaXvERUfC6qC2mJpMRXGXhkKUNoWvp3eqrKLtK210IwJ66G1NYqjVNhI9Zt4UohyP2TNlJaFDZf1eA0-hnnyvUJu4P85ea-ACB0RFrCllWfQtQmVBfn2YoaIg9dfYG46tUxxsnTsZ487th7BSz9LQATOzoVOhdKafEzxmN7S1Rdki1uL7uV-_XvW6d5zJkCSO54rFXmefB5Dq2gLmRcz9qqx_M0jK4-U1j-3AlUt1Xm-Ay328FCLDma03MXCv_EQIwWwWyoJCP128ijwS0wSCwicOJnuBvY0GbNYEFeG1AvEWKWUTpDqFSTczUm2Sm5pbQIvyTxPKzkN3k1V4XRCyr4jKiDPylFN1LBgwSRI7nxWJyLi2-bZPa0bhXyrXBiE_ExnVF_Mr-WcQeLHdwqJLE5lnKtqkrmyqaChlOF9wQyfOCBJSp6_-9av8x6KzkKnCku1r3F2SeM7HVOZL7OqZfPPsn_Awo3GbHY8RWbjN42OVo7tSYziYCvLfzmJrvRFmfoDwIc70YtgIbLNjTdt3eZlVbJVBImgN10KvpjpSZCBaAF-i73kRj4pssiWi5ii2wDCGWMlB9K0
Requested by
Host: 69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com
URL: https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jun 2022 03:54:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bannerify.css
s0.2mdn.net/sadbundle/8834995936796757198/ Frame 82E4
3 KB
757 B
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/8834995936796757198/bannerify.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8834995936796757198/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10450169826283e66f94430b716cf96ebf5b45323a98692b8afd72f966f7c482
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8834995936796757198/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 18:52:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32509
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
728
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 15:59:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Jun 2023 18:52:13 GMT
logo-white_107580338.svg
s0.2mdn.net/sadbundle/8834995936796757198/images/ Frame 82E4
5 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/8834995936796757198/images/logo-white_107580338.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8834995936796757198/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
907aa510fe5fd99b9d909a3221bb2b3d8de9cf9065f4cb8c7a578efc9f85504f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8834995936796757198/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 19:16:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31070
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2515
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 15:59:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Jun 2023 19:16:12 GMT
group-34_361882740.svg
s0.2mdn.net/sadbundle/8834995936796757198/images/ Frame 82E4
1 KB
461 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/8834995936796757198/images/group-34_361882740.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8834995936796757198/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb4855a9d749dfc9ef137ac6e54d9f6c3ee0023d95ffd38f459f6af1e4619ee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8834995936796757198/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 19:16:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31070
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
432
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 15:59:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Jun 2023 19:16:12 GMT
group-36_029953078.svg
s0.2mdn.net/sadbundle/8834995936796757198/images/ Frame 82E4
1 KB
446 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/8834995936796757198/images/group-36_029953078.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8834995936796757198/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9becb1f10bc0d9daa689fa86615ff62742562f362dfbca1d0973c1a3333014fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8834995936796757198/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 05:00:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
600830
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
417
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 15:59:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Jun 2023 05:00:12 GMT
group-38_874098318.svg
s0.2mdn.net/sadbundle/8834995936796757198/images/ Frame 82E4
1 KB
450 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/8834995936796757198/images/group-38_874098318.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8834995936796757198/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
929f5847acc7f699a46f2f7b8944d2da3fe1485a9321356f9a6ea42de06fd56f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8834995936796757198/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 19:16:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31070
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
421
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 15:59:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Jun 2023 19:16:12 GMT
sell-out-in-seconds-any-day-of-the-year_342231680.svg
s0.2mdn.net/sadbundle/8834995936796757198/images/ Frame 82E4
7 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/8834995936796757198/images/sell-out-in-seconds-any-day-of-the-year_342231680.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8834995936796757198/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
220ea0edc28c8ee8b368c70404b94ef85fe787a28687c218974b1445a6cf9a4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8834995936796757198/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 18:52:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32509
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1552
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 15:59:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Jun 2023 18:52:13 GMT
ebook-mock-up-1_847523776.jpg
s0.2mdn.net/sadbundle/8834995936796757198/images/ Frame 82E4
87 KB
87 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/8834995936796757198/images/ebook-mock-up-1_847523776.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8834995936796757198/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab68d1e8993f352cc94076483bff9ac02ab4f61e8ef2c8acb6689c95a5710725
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8834995936796757198/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 18:52:13 GMT
x-content-type-options
nosniff
age
32509
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88617
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 15:59:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Jun 2023 18:52:13 GMT
button-chartreuse-solid_101221922.svg
s0.2mdn.net/sadbundle/8834995936796757198/images/ Frame 82E4
4 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/8834995936796757198/images/button-chartreuse-solid_101221922.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8834995936796757198/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbcadb5fc12767ccfcd8fc2d5d7922a39fe9b4c4cd1b7103aad4afb610ad7b2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8834995936796757198/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 18:52:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32509
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1681
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 15:59:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Jun 2023 18:52:13 GMT
bannerify.js
s0.2mdn.net/sadbundle/8834995936796757198/ Frame 82E4
846 B
409 B
Script
General
Full URL
https://s0.2mdn.net/sadbundle/8834995936796757198/bannerify.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8834995936796757198/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b2b9f3cdfdfc60eee0247721ed1a2b8f208bcafc5bc378d470238433b970f5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8834995936796757198/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 18:52:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32509
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
380
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 15:59:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Jun 2023 18:52:13 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1407
0
26 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssAZPHxjGUk2hLINmOt0BnFfoF73uFdijghiHuLgsWoxEoA_v67CGTnGbUwSi5fboXc-9DL7mIA0fxT0LKwl6spOiEkd1uqkKT60ByPyIujo572orqDcnqAitECUqSeLc78nbTviyWcvJd_G8lPXgr7JQBHIribdAKGTBadnTihyby9zEVTHQZ6hj7RLPs7-co-RqDZRTZOipMfiusnfWdmRcdFZMv25oJVI3MfHSwcBkNaEbAfaMP18wB7XGwvkzBj6bLYrEPUcQJHZtQROSLbiBf0u2kZ0CH4D38bcPFy3L-m6u0TotmnGJzPOfiY_MDoGLKGzwCG81XY7w8-ekR9-yKt0kMtsTME3HoupTYdjWj-L0qWZMz5_JKBPMnVt-8Fs3M77t53BTQAdfL7rrMKSFpCSMBlh8a7JbZXt47TZL76vnRv2UxgHD7QuWtzlKGtZh_ztiT_DeCQxNy1oreTPkyFjL2WbJqpbBaq-GTjT5sZR3bop3tD9XWxwtvYT9EXBLeZ02-8nDCJiv0QzBs1m2ssJWXPA5rCq-kedI3AfwGZBUjrBtTD1KG4yMVp3zboq8wtuWRSQYPOhoolFCZdeU5y8J_L0JrG3hlUAAsT-u9fpcbAhdzpuqJ8HHQQhZPnsKELMtrcB7CEKvOeqHuSsD-iwNPvEHbpdZW1EcroteOIo0yDkHFoKr3VC12jWTbz3MiQGLnm0945Jg0sZ2wKyXwfa50XMkjDf39VaDa5fAT3WsEXZrYST7AK01_zMHEvqX-tMsrtGsiAlaXpCuMrS5u5mfQFTqt_Fzx9drOnK5DzjAEf44ZgAh-YjidiRJAr3KnUdqEe7CtCZKvn7l_NUYPIw6bpyKz8BenDeeprQpxUzQwT7X70QZX5LJ1uvNdX_ROegkrX0rH1liNCX5OQuXYFdkCcBB_9HkvC6eKzkP_G48aITISJni8bVwH6Po7-lKir-wtDoZZYkViqshPZ4L-rzc324YPtajcm4jaXCKvRma08CjbQJu4Ab9uYrrIrsEgb6LfNGYae6SgUfxEB9J8K-KCFBOmdCbNTiu2Egfp2sl0BlFfS8owc5fuTInHw0-7ma0xxFjqVsVjUvZbbwIdYKBgDuuui0KQiqlBMPw3WR4NnLn6t8uYjkIWkUdbJQ2iSKgUBLqNek_RX2zXtEAxKs8-jAXUNZ6Wu9Ssscgdxg8N0UL2ACJDiWicppD_KV2WWxWpVjQ09unGrMUDVRCGeV67p1j1Dk7fGLYV6dgaOkjDIEA5UaLE&sai=AMfl-YR666-26yjSJ-a9HdP5Pa65hnP_5zsR86LvGmMwdj_vRUJG6q6DLnkJEiVvLBDOzS1NEg7PvxBXd8QzG9wimr5niZ2hjg7ZGWpAdBobyp-dC41RWH4ufhBHC4t1JE4quvncS2AbR4xOo30JIE3ZM8E3YeOyoL8aAj-7wdxWO_nLUjed6WNQtHoWDEJSE1gF686Y02A8wtdnDaw54UxQHpti&sig=Cg0ArKJSzBNM-R3B0JbjEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=674&vt=11&dtpt=388&dett=3&cstd=283&cisv=r20220628.23712&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: chtyvo.org.ua
URL: https://chtyvo.org.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 30 Jun 2022 03:54:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220628&jk=1931991261665643&bg=!0tGl0ZXNAAaLlKKnq5Q7ACkAdvg8WodG7NGR4AoHI05JTzhtAtv5qOO6TrWteTf2m12PQmUwvoTMsgIAAABWUgAAAAJoAQcKAEZmge6tJ9ziYrQoove_QRAirecdMR0BT-9V_iaI2j2bPlIrIneehlyxXR61QvSvHALetn0wDaYO3M8H3KyaExGQDNkTMq0xmQKeddUeIrjKO_YHxCdSLSk0M9DGAMzRCvt4o80pakJdifs-XN5mLCIWRTmR6ugPfLkTv1DGBuPvAAkXWoNwQ9iwqD01_76VMxoGrHYuG2AMZqza_L5xqF1YVKxcNQYPZVzW7YJy_EECMz4NlV00UJskBBpKA4ipWcYoYFnfXZAJE2ejxgtwas8cOFsrEvDLgGdUGOJh_OabA8HKHnzq0ApfjD4G5AjKSLvM61k_ktxg-mqOutSrzEV5SpEb2GML-JiNZwPO_Qpcww77_e6i90xYY4oT8PWpo5DdyYRiQ2BZg9-14WJARUBHCOwsYzYvZ4hrqmfInsWvQDj9enJyZY7r_PxipvGO626HMc6mOay_CIHWPeybP97ISm44JszMY3R5QNGL7LRNo8jgbDdgf8sAeQNdFJdAjv6m-ERAmWMPjsuvS1hu9cGLEHYFnygJt4iH35UHYAnynMYMvQ4qxBM-rVe255vnPqVDPkCrlcuf86HP_Kc8NNBxhsrw17ZwCoUD_yu04m0OssiZLuTKLuF0MvVjfZW5UPawh7nDtVAEIl1AgdEfxdDaBxXZg1SO5RUi6C8JisETTbYJ7r9ua1ITOmSrWs9zIQ9qRMwHpD6c13LvlVDFQUTYOu_rRpYG-jyJtCecwfoLaFWAKdrB6CpfIl_Tfp3ocIk1GGmNLIgSgpaYUQ4fStpit-qKoZQTURx-qrmb0pQd7I2mkN-NFWhpLRFAxLmtLo0bS5i06Da62VLo6BnSmxmlJnzoWsG7WtMR_hRGLHinlWZnIwweYbZWeZgzSQD81wpiGp7F9G1xGgY7onWOnyF4n_HDSFzQ1uejowk1O0I8iaIA-CsXSv_bR-ukQT7ATjO6YICR2q1H5Xxt8VtdCosTIOVUTi3beA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://chtyvo.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

activeview
pagead2.googlesyndication.com/pcs/ Frame 1407
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcV0sCW4UtHRtVzlVzajrzafRa35VFvKwn_Vewa3JaTrQQ5sXdvJhHE8QTU7qn4LTnAe8x2jAHKrKpFOrTW7HEOmB3kuRyFpxrsJiwsaypkuzobc0f_15ysHmFqkiA4TAojoWq9Q&sai=AMfl-YR8oYnHDJx1QLwjlGhHq9ThWAyDhooHZwVGDpoQGS-gc_2FNu8wBx-1Q15_EZB0ZvZsfk6-bp1LNKAOS6Qleyc0fQaGu1SNnVJb8OIKHb5Ev9WuhyOcsaDHFp0j&sig=Cg0ArKJSzOPu9PIgwDDOEAE&cid=CAASJeRoNLntskYvcxusNZmCaHiWQbYJEY-P8iNw8sqYyqOH0o8KzGw&id=lidar2&mcvt=1000&p=311,1440,911,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=946669772&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656561242065&rpt=507&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jun 2022 03:54:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

208 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| markAllRows function| unMarkAllRows function| incAttachments function| ShowWin function| toggleAuthorBooks function| CheckGroupForm function| CheckUserForm function| CheckCommentForm function| transliterate function| jsHover object| _gaq object| google_ad_client object| google_ad_slot object| google_ad_width object| google_ad_height object| _gat object| gaGlobal function| setCookie function| getCookie function| createGeoRestrictionCookie object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_tag_data object| google_sa_queue function| google_process_slots number| google_unique_id object| google_ad_block object| google_ad_channel object| google_ad_format object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_video_play_muted object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_webgl_support object| google_package object| google_debug_params object| dash object| google_restrict_data_processing object| google_ad_public_floor object| google_ad_private_floor object| google_traffic_source object| easpf object| easpi boolean| google_apltlad object| google_sv_map string| google_user_agent_client_hint object| AdSlotCollection object| WebComponents function| __CE_installPolyfill object| ShadyCSS object| regeneratorRuntime boolean| __isGoogleAllowed object| googletag object| pbjs325474 function| google_sa_impl object| google_persistent_state_async object| googleToken object| googleIMState boolean| _gfp_p_ boolean| _gfp_a_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| FB object| __twttrll object| twttr object| __twttr function| pbjs325474Chunk object| _pbjsGlobals object| ADAGIO object| adsbygoogle number| tmod function| google_spfd number| google_rum_task_id_counter object| GoogleGcLKhOms object| google_image_requests

25 Cookies

Domain/Path Name / Value
chtyvo.org.ua/ Name: PHPSESSID
Value: tulm13duigindd8i9vfap3ou43
.chtyvo.org.ua/ Name: __utma
Value: 206820033.882662804.1656561241.1656561241.1656561241.1
.chtyvo.org.ua/ Name: __utmc
Value: 206820033
.chtyvo.org.ua/ Name: __utmz
Value: 206820033.1656561241.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.chtyvo.org.ua/ Name: __utmt
Value: 1
.chtyvo.org.ua/ Name: __utmb
Value: 206820033.1.10.1656561241
chtyvo.org.ua/ Name: __oagr
Value: true
.doubleclick.net/ Name: IDE
Value: AHWqTUmiMbQaz5Avpe7NTMfTVpzsKdrLsaGOWS7snmtT4baRCQI1gHcUMsNsam5QXsw
.chtyvo.org.ua/ Name: __gads
Value: ID=bd00afeb6eb0c051:T=1656561241:S=ALNI_MYnt_qX4KHHD-ZAIbrVTAhHdEekqA
.casalemedia.com/ Name: CMID
Value: Yr0eWsX--nUR08dDkI5sHgAA
.casalemedia.com/ Name: CMPS
Value: 4433
.casalemedia.com/ Name: CMPRO
Value: 4433
.adnxs.com/ Name: uuid2
Value: 6685051967099241900
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVLpHVpU!]tbPl1M>e)ZlrFUfJ+tGXxoX@cbgU?U.7w>8Is4V)5!jZ6gZN^ND<)Ce*/$3If)y3KL9D3I?+lvaQ!k
.3lift.com/ Name: tluid
Value: 940481229745030926816
.lijit.com/ Name: ljt_reader
Value: E5TKuGZH0PKvFfxyToWSbUd4
.adform.net/ Name: C
Value: 1
.casalemedia.com/ Name: CMTS
Value: 4368
.w55c.net/ Name: wfivefivec
Value: ssyyks9n1O6LfI5
.adform.net/ Name: uid
Value: 8026898712387033804
.w55c.net/ Name: matchgoogle
Value: 5
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&c777912d-93f7-4ec3-8a28-25a3e38e8363"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTY1NjEyNDI7MjswMjEmDDbDtlJV6D3u+FdXKZHCKip+eWed1h5PzLOHDURNEw==
.linkedin.com/ Name: lidc
Value: "b=TGST03:s=T:r=T:a=T:p=T:g=2781:u=1:x=1:i=1656561242:t=1656647642:v=2:sig=AQGa34xwDTD6FNCgDLKuSiWX3E5H298W"

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

69e22ddaf5b1adf1c9cd9e841b037775.safeframe.googlesyndication.com
adservice.google.co.uk
adservice.google.com
adservice.google.de
ap.lijit.com
c1.adform.net
cdn.jsdelivr.net
chtyvo.org.ua
cm.g.doubleclick.net
cmp.optad360.io
connect.facebook.net
dsum-sec.casalemedia.com
eb2.3lift.com
get.optad360.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
pm.w55c.net
px.ads.linkedin.com
rtb2-useast.e-volution.ai
s0.2mdn.net
securepubads.g.doubleclick.net
ssl.google-analytics.com
syndication.twitter.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.statsforads.com
104.18.18.126
104.244.42.8
142.250.181.226
142.250.185.194
172.217.18.2
174.137.133.49
174.138.9.142
18.66.97.85
185.33.220.242
216.52.2.30
2600:9000:223c:8200:6:b871:4f00:93a1
2600:9000:225e:f800:11:a4de:2580:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700::6810:5914
2620:1ec:21::14
2a00:1450:4001:806::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2004
2a00:1450:4001:828::2006
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:830::2001
2a00:1450:4001:830::2008
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.159.35.35
37.157.5.142
76.223.111.18
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01fb24629611503ba4ea42ea9d94c1b82449d62985a6087c5e22e9e38b9b0ff6
02f15a57419e7d37bcd8a60ab673185cbba78a0b1b4bde886b18bfa261e4d41b
04c79a8ff678e785a67016212f56d4215c9ebf1555fb6e15c6f0a0b24b1d80eb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10450169826283e66f94430b716cf96ebf5b45323a98692b8afd72f966f7c482
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
220ea0edc28c8ee8b368c70404b94ef85fe787a28687c218974b1445a6cf9a4f
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
2b6a495c4ace02a5a17dc157938d69188e71535365efb39eaceff9137ca92166
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
542ffe743a87a3f9eb0d86a64c476d23ccd575bce23995f8de58789e2907ec7b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6e6666d1d9b9a978f4359712f86eea5e417de503cc144266763541b732b04b19
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
78ebd6040b003d3566ec4489841b0f544e105d329b93879c6c0fcf711fd605b5
7a58159e81b43f3748478de3ed6edac89e008f248899a2cef3cc9223cc08273b
7afa8f922a76f2d9d1853159433f236886b3d4a9e303ebe4fcdf40a0a5e620f0
7dcc62e362a13f79951a29929e0b9783af9a53f31fef4ed60b725f162e6a775e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8af594bfbdd1efc543b1dfdfd771d97631d6a30f8d3ac0ca4d19888cbf4d0354
8b2b9f3cdfdfc60eee0247721ed1a2b8f208bcafc5bc378d470238433b970f5b
8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45
907aa510fe5fd99b9d909a3221bb2b3d8de9cf9065f4cb8c7a578efc9f85504f
929f5847acc7f699a46f2f7b8944d2da3fe1485a9321356f9a6ea42de06fd56f
9471c46ce72eff84a4f0d530f3e99aec00dd17a9bf16bff184d42fef310ae852
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9becb1f10bc0d9daa689fa86615ff62742562f362dfbca1d0973c1a3333014fd
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a15f95e938fbfd9ffef12a20682cdb3eebc3cfefa4843ceab38d0ff1a612cbda
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a60a15087d495731590eb2dcec7f697409f5900f02a805056552a9a4cb11cd3a
a62841b9e5b955e345c1c642935163dc9e2044c542b2f40e863b54be4eceb010
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab68d1e8993f352cc94076483bff9ac02ab4f61e8ef2c8acb6689c95a5710725
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aed43a4d92c4ad6f234352f5d36369f44f272969fc5334a6a58e699decfcd99f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5e45c1317da4dfc410ab6c1d707c04e5013936bbcece030ef1a6d9cd0c98ac6
bb4855a9d749dfc9ef137ac6e54d9f6c3ee0023d95ffd38f459f6af1e4619ee9
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
bee7fd527073894328353617d78a729b5ae035e09df3ac50748eba0dfe014570
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
cc7cfb2bbac66523b800ab4867e077f25614657b11c2e595f4e9d253aadd74d4
d390ef7da234716c72621700171e881d88ac63c6ca82a71fb069d8251ee3f4e5
d5d3d8a9b2def0ab27065686662a5af7c3b1e30e36c98ac78bace94c7a23e6f3
dccafac57a7fcedce0d95d35007b502104f45b82f43f052159c370258ef13a53
e19dfc44d9684b3af1316678083e215b138da0ed876312ed03bacb00509b399c
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
eee9168df7a4a7233767630663c79810369a4153a859ad69619dc485688857fa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7e3a7a9f0e970fc80a3d77944c790b30f27ce8a9c6fadfdf48050ee30b6618
fbcadb5fc12767ccfcd8fc2d5d7922a39fe9b4c4cd1b7103aad4afb610ad7b2e
fcaa5bbb668b3b26e7b3d2c97e3acba59a834da830b0726815c7f5ebf360ccf6
fdda0c0b749426d8043d6ccd7fc52d94fd2651d9ae650440e7ed4552bab2c9f2