urlscan.io logo urlscan.io
SecurityTrails logo

gumoreska.in.ua Open in urlscan Pro
77.83.100.33  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://gumoreska.in.ua/
Effective URL: https://gumoreska.in.ua/
Submission: On May 15 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 34 IPs in 9 countries across 25 domains to perform 195 HTTP transactions. The main IP is 77.83.100.33, located in Warsaw, Poland and belongs to ATMAN-OFFICE-INTERNET-AS ATMAN, PL. The main domain is gumoreska.in.ua.
TLS certificate: Issued by Certum Domain Validation CA SHA2 on April 17th 2022. Valid for: a year.
This is the only time gumoreska.in.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 19 77.83.100.33 24723 (ATMAN-OFF...)
3 2a00:1450:400... 15169 (GOOGLE)
1 1 185.152.64.17 60068 (CDN77 ^_^)
20 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
3 142.250.184.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
4 2a02:2638:1::2 44788 (ASN-CRITE...)
4 2a02:2638::b 44788 (ASN-CRITE...)
1 3 2a00:1450:400... 15169 (GOOGLE)
32 2a02:2638::3 44788 (ASN-CRITE...)
4 178.250.0.160 44788 (ASN-CRITE...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
4 178.250.2.135 44788 (ASN-CRITE...)
6 178.250.0.162 44788 (ASN-CRITE...)
2 34.243.58.169 16509 (AMAZON-02)
3 8 142.250.186.34 15169 (GOOGLE)
5 7 23.35.236.247 16625 (AKAMAI-AS)
2 3 185.33.221.89 29990 (ASN-APPNEX)
9 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:224... 16509 (AMAZON-02)
1 2620:116:800d... 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
1 35.186.253.211 15169 (GOOGLE)
2 2 198.47.127.19 3257 (GTT-BACKB...)
1 1 69.173.144.139 26667 (RUBICONPR...)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
1 85.14.248.72 24961 (MYLOC-AS ...)
6 2600:1f18:1ac... 14618 (AMAZON-AES)
1 142.250.185.162 15169 (GOOGLE)
195 34
19    77.83.100.33 (Warsaw, Poland)

ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL)
PTR: pl-rocket-da1.hostsila.org
gumoreska.in.ua
3    2a00:1450:400f:803::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    185.152.64.17 (Prague, Czech Republic)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-152-64-17.datapacket.com
sp-ao.shortpixel.ai
20    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
18    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.co.uk
3    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
partner.googleadservices.com
googleads4.g.doubleclick.net
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c02::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
21    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
4    2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
3    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
32    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
4    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com
pix.eu.criteo.net
6    178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    34.243.58.169 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-58-169.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
8    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
7    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
3    185.33.221.89 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
9    2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2600:9000:224a:600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2a05:d01c:1d8:8102:f0ed:1c59:fc65:f468 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
1    85.14.248.72 (Meerbusch, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
6    2600:1f18:1aca:4280:6bee:4213:bce0:1d02 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
1    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
42 criteo.net
static.criteo.net — Cisco Umbrella Rank: 621
pix.eu.criteo.net — Cisco Umbrella Rank: 7541
csm.eu.criteo.net — Cisco Umbrella Rank: 7580
186 KB
42 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 95
tpc.googlesyndication.com — Cisco Umbrella Rank: 130
ade.googlesyndication.com — Cisco Umbrella Rank: 269
453 KB
28 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
stats.g.doubleclick.net — Cisco Umbrella Rank: 92
cm.g.doubleclick.net — Cisco Umbrella Rank: 212
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 284
127 KB
19 gumoreska.in.ua
gumoreska.in.ua
338 KB
12 criteo.com
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11299
ads.eu.criteo.com — Cisco Umbrella Rank: 7544
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9487
194 KB
10 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 548
static.adsafeprotected.com — Cisco Umbrella Rank: 552
dt.adsafeprotected.com — Cisco Umbrella Rank: 504
96 KB
9 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 264
244 KB
7 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 557
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 530
6 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 175
221 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 74
www.google.com — Cisco Umbrella Rank: 7
1 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
20 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 240
3 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
149 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 612
1 KB
2 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 4630
914 B
1 exactag.com
m.exactag.com — Cisco Umbrella Rank: 11835
60 B
1 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1439
296 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 354
456 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1524
350 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 947
356 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1128
464 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 789
647 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
1 KB
1 shortpixel.ai
sp-ao.shortpixel.ai — Cisco Umbrella Rank: 18065
676 B
195 25
Domain Requested by
32 static.criteo.net ads.eu.criteo.com
21 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
20 pagead2.googlesyndication.com gumoreska.in.ua
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
s0.2mdn.net
19 gumoreska.in.ua 1 redirects gumoreska.in.ua
17 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
gumoreska.in.ua
9 s0.2mdn.net gumoreska.in.ua
s0.2mdn.net
8 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
6 dt.adsafeprotected.com googleads.g.doubleclick.net
6 csm.eu.criteo.net ads.eu.criteo.com
6 www.googletagservices.com googleads.g.doubleclick.net
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
4 pix.eu.criteo.net ads.eu.criteo.com
4 cdnjs.cloudflare.com ads.eu.criteo.com
4 cat.fr.eu.criteo.com ads.eu.criteo.com
4 ads.eu.criteo.com googleads.g.doubleclick.net
4 rtb.nl.eu.criteo.com googleads.g.doubleclick.net
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 www.google.com 1 redirects tpc.googlesyndication.com
googleads.g.doubleclick.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.googletagmanager.com gumoreska.in.ua
www.googletagmanager.com
2 googleads4.g.doubleclick.net gumoreska.in.ua
2 ssum-sec.casalemedia.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 static.adsafeprotected.com pixel.adsafeprotected.com
googleads.g.doubleclick.net
2 pixel.adsafeprotected.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.co.uk pagead2.googlesyndication.com
1 ade.googlesyndication.com
1 m.exactag.com googleads.g.doubleclick.net
1 ag.innovid.com googleads.g.doubleclick.net
1 pixel.rubiconproject.com 1 redirects
1 rtb.openx.net googleads.g.doubleclick.net
1 odr.mookie1.com googleads.g.doubleclick.net
1 cms.quantserve.com googleads.g.doubleclick.net
1 stats.g.doubleclick.net www.google-analytics.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 fonts.googleapis.com gumoreska.in.ua
1 sp-ao.shortpixel.ai 1 redirects
195 38

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
telegram.me
vk.com
api.whatsapp.com
Subject Issuer Validity Valid
gumoreska.in.ua
Certum Domain Validation CA SHA2		 2022-04-17 -
2023-04-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-15 -
2022-06-13		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-19 -
2022-06-18		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-13		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-13 -
2022-06-09		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-10 -
2022-07-04		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.innovid.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-15 -
2023-04-15		 a year crt.sh
*.exactag.com
Sectigo ECC Domain Validation Secure Server CA		 2021-08-16 -
2022-09-14		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-04-10 -
2023-05-08		 a year crt.sh

This page contains 24 frames:

Primary Page: https://gumoreska.in.ua/
Frame ID: FD214ABF9EBE3397FB5367C2237D5ECE
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20190131/zrt_lookup.html
Frame ID: A320CB022B0142735AE85D68E8A8F566
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&adk=1812271804&adf=3025194257&lmt=1652527619&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgumoreska.in.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256655&bpp=2&bdt=297&idt=233&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6067182317130&frm=20&pv=2&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=250
Frame ID: EA440F8D25F6598DB8FF15D6AB2BE424
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=2334401640&adf=4175459245&pi=t.ma~as.8258600178&w=1160&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=1160x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256657&bpp=1&bdt=299&idt=253&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WnQLlLysT9&p=https%3A//gumoreska.in.ua&dtd=260
Frame ID: 6CCDB9ABACB95B6667E6326DACA07A37
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=3390593775&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256658&bpp=1&bdt=300&idt=263&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=799&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=QkjybNa2Cx&p=https%3A//gumoreska.in.ua&dtd=266
Frame ID: 5C4B95F5B3D77D97F0993D5874D4B902
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=1934161925&adf=1203024835&pi=t.ma~as.8258600178&w=808&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256659&bpp=1&bdt=300&idt=267&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=MG0S3Xp2iO&p=https%3A//gumoreska.in.ua&dtd=270
Frame ID: 97CC2FF82EAF12F350C8F6D6F8FE4865
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Frame ID: 2E84B7B51CC416950DBBA26029E4A631
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1
Frame ID: DC6988B2A3C78196EB4C2A39CA4EEA36
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABcYsA-QcWAAlrHWx1hssT1-vq0OngDQ&u=%7CnPe1aGloCQD6BNeiRZCGR941bTZxhCAFBE%2FfEo74ziU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvp8sTa7zbzgyJ2k9XHUWRJgq5K87Mf4Wm0Ez6VG2X-ysUv6xYZ-EAbIrDLdhkwE59JLBV_fKwY88NhhfYcIqMGYDpM89FCvarbJuh0xzv4XaH4_p-dOkhMqfXiVn_VEi04c8p4yMlWJyvutq3ZSH0fzWGW730haJWfwKAUj9C0tF0IO41Nz7H8GfpolqPfu66PNbhqSQAySzpCg3s79Gyg3WDZK9flSq4O_1pbeaMDYeUbQcKBo0G6KluOaOlL7wypO7N19NhDVD--4IJP5hTgjis426adcgVye8y7-mU8QPLCTbB40lc8k_bFEqy0-vIn-5YMbSqv39YkuQqOkjxes-JGhZ9-0RznCd6K4S-7_qNqQQyTZRvIX7tZ7gLfExdg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_MDpceSAYovjBZaO5LcPndalqATkj9KxXI-K6IiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi05NzM1ODQ4OTE0MjE5MjU4oAG91IjrA8gBCakCL-A93aqStD6oAwGqBMEBT9BG30IXYI4vxnS00W8HBQZTusSzO0koxLgQrML0DYiVBV6HOK64RDdQTEmX8b7lWnmDPbtpr8b6rPPWxVpDahhiQ488dhX2yOkwqo50PfeX7vasI85LQXTnYPrL2xxdbV88t4ZzqCXeHEOW0PFtUf8dveD4fU4wE5Oiz_7p9zPj4FrzgiHMNoA6WswHUbhI3oXQ_DZRqfrWcdhUTXuYZ6gzZzs5wolZ2Ii8GG2zX8lI4tmH_OTmbFTtkBCYDALjxYAG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Mlml7x7v5Q44dzUHttYvbZtW0Lw%26client%3Dca-pub-9735848914219258%26adurl%3D
Frame ID: 1A6F4608CF8C69D870D0FD03191E90C3
Requests: 13 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABgawKW-pVAABd1dTVqpjXBZtmZUtX5Q&u=%7CnPe1aGloCQAUfEZKfoujbEPoh3bIMsNS2UZPuX5SbBM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvpOE7Z_QTPgAAvPmGoPqnrQjCtkSAp5RwFYMu1tiuRhiLqWdnkffjJyVgHkvTe4U7tbkEh77FNDdmxP84-oLx9LailDeE9SU5aD1MFfMhBjsy3qOz7mFy1UphssVkQZquQLoy478lx_p3YsWt32KLd7lfXr1Nnu3LT__huApSJ-UYWqypsaHQ_r__l-zUkgUGL8PfpVqVRT082qWX0sE6zOF__XdsdKCZQFjOGOQLUP6DYbRlsFFW4431lNksS5Xv5-gHOlFFNVpP4MnPN225UF0apgo4zWr7p4YuX7YcMCHp83beesydyeB3AxPvZnd_igNgAInNdmjaKIi7vRI5lRp3PTUR1i9qEeZ3mDA1wgUSTRqupDEfgzzAV2dA9BTGg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClY9WceSAYqyDBtXU7wLVu4GwAuSP0rFc_9DZkYgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEuAFP0O3MwAlNjPeibyfHyZj4ZtVIfNPS1Fbw14bR3PfDzbXmyPLuJ1VGA-ZiRSdSSZMicTymW5fl2x9t9PBAwrFeuh6VG7PtXa3t8PcBWmHH-_9WckfN7Phtn7xg0L-b6OOmNbOgefOXy_ftSZQvHmPQL7IBr3GrSQ5SaQWLu9NDO7Drxg4WIORayRT5bqGSCxB-t_cT0gSnPCABBh6-M-5zBmDexvlYnVkcZKcBU_W7K4gnz0uOnmRLgAbd7-nv4NKGn6YBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0B3st8XjUnqyfePW8JbZp6ojNyPQ%26client%3Dca-pub-9735848914219258%26adurl%3D
Frame ID: AA0837985B8F080DBC6417B8BB9DCDDA
Requests: 14 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABbzkK7LAPAAfeFD5w5PetRhwQ6ufmcg&u=%7CnPe1aGloCQBNS482bKI3RZFUmV2mHlmYIqWmmIh4Qe0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wKvzFoJM6vPjRsEZEp4aXxgOyMIaa_SRzxnQ3lRcCOWvVazy-nn6XNmfuqgaTjGjAJ3d4LACy1aD9KKoqrKFp0IG6AfaGJpOj0tYAAHdyOshGw2B3VQCjqmo3qCn-Fyxdb75pAtDuOjCIRiYymcBMSLlnz5F8rDLuyXaQcB3KKGwerIm-cTRTThyspbN-bbjdYnEV4S_ee1gfkw1cKIzFFXWFIfJ44pMDfgpOpcFZ6tPCS93sXG9k1ebzIo1ttYL307exhRD_jUk_Wf9pOjjN7gLhD_2sZ9tfmVlQHnyWZ4KgrmjYo3pasIlwvpldjnXNXZqX_SI0xvD5kIoAOOfQhQ-c-_EBUEmDNvUktB3GKJF_NPgxZo7Oai7ge1e-TpVGdJu5ovAVyOoBkyHr7nOTJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGvYuceSAYrneBY_gsgeUvJ_QBOSP0rFcj4roiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEvQFP0Dc1eBBw_QFwUEveSc2OfUJnT97lIQZRkInxDmCqltXIve25gUXxDp7Pkm3M1EfA-HcQwvTHAdHpGX8mpbgN7JNAyuf_8CzYRNgNqiNh-A2LoLhQWhDCBxSPUkuVjurBbH7k47LeXnwAP7Ovd2s2RRm7iwaH13N1bxllpRUH92rzDO-C7w-5zxN2an77nTlIrjywlVaEm3Zzb0bJ6wWrc2UhDxD2ICqoABno2ZzyCRPzDtvmlutvKw3eV_2ABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PrSRxaULQsVR-ocUGijCSKylQRQ%26client%3Dca-pub-9735848914219258%26adurl%3D
Frame ID: DE9BC2CCE0E9FFFDEB18DFB279152C3B
Requests: 14 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABeqwKW8KYAACVlszTFSFjbi4ljK_KbA&u=%7CnPe1aGloCQA2VCP4Y6vsEF71A1XwN3D0tt%2BU2H4oDVk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wypL0fcQWu25ycyhdoZmJ-j_mjv5FZnTlTX1i1fYPy5a7FD13J4_AtrjfB-YBWA_PpXeFWvUedwHiX8SD-1qX0UAWLhPc6dlRzp4WKfruyMVJRksmtYbW_SRCoKSYp6JgceUfdqDTVVAKcTz0U7FDEoZasQ8IpJRbnbzzceEVU27TTUI1q8bTtMl40vw9S-h6dZJKn5eJHVjol05FJTMjsbRqMXbr-ual97UjExjluRY0PsLpIERd3RIqBTirThAuX-p7QbfqBTdk9O-_ltrF-UO7RYkgf-TCMmmF45Sc1jvMSp1fRYx2laE4QrIdwVttE-y4b4u4heNqZe-2G5CKpRUR2mxmwLXuCBR3ZzINW38lwIY4KPynH4cYuFtuHemyUZ8cNoFeOV4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLgf6ceSAYqz1BZiF7wKWq4KwD-SP0rFct_TriIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEtwFP0G5Dnrbhqymcn9SbjQa9KNCQPCqSBclSTvhOdW2k8BCdxoOjQYDCF97qzg8PnI-i-9nT0tSeUjL6gM3P6OnlQbdZPHKu0yhw1ncSZcVvpEv2eL0zqkWbQUXyc5aKfzZH6TEGRGrXvPg6Ec6qp-JK4x79Y8xxSeHzT0o5ZaPoLSXj7uArUBl1XcIkmBFKfqv3DCPvvIO9GTUG5N4WJj5PwalbA7p-lfqD8FVRJQORlS0Ql2tCTveABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gi4x9lZyP62iGQi_wF7eglTyq4w%26client%3Dca-pub-9735848914219258%26adurl%3D
Frame ID: 5421223AE5FCEE38BB304DD5A3064017
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5533A736B02E8D95F21FCE70E56F133F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Frame ID: 57EC5E18A4DEFA5ACCDAF107887C0151
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Frame ID: BE115F174FD027C15F9C71DE21C3EB11
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 29175893E8E71D4333FE07795E05883B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 034E53F0391FEBF41FDE858B9A8D04E8
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQmYSshgMY_MaavQEwAQ&v=APEucNUrfgKiCNW-9JVyyVttAt1bB8jaak-YRqfpxivK846EeLB1BqfwzM2TdctoN3rDWjgahzlIR2KMeecP8RId6VW1OzDCY6hyCQS2OiCZfIrpP5DIlxDRGwONU16CpbbzZ4RYDaKQqv6YHu-wqjQ90akaQlC3Dio2gWYU1YwRpHVQYV3AlTY
Frame ID: 426F30A5396BCC2F9BC0B55080E3E12F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjhlUsXKpvcnAoqhPwcfcvLSELSRoIUMy4JaLBhMd_RChwCxeN61Uc0GF06ocKJdwv3pzpu-FiF3OpcoiFsufYnI7icFloj1FdDH7RcP9zXwXm7ASxPbfjDTrPFh3KmEs-FwY6Y6_aY9LUbR8qqYIXW7ml9Q&dbm_d=AKAmf-BHdqehwrFXHA17mdVG-FoXKi_v5RT74r5rONsvmXO7qscbuCZP8mzJ4f56jUgjzQSUAO94bTp2GW8vi9U8Bcs0Xi7-TIywM2xEAxH25q9fhPgpsLMbIKutF10epAuj80Ub4xt16-lyi-ehLB2PzoVo5_Z2wJkHlvdcM7TNYKlOh23Cs-6kTJI_bM7pf9jlEEBHf2gJ83y8ljdokkL_6kxt8oJ7Bt7v1YiY8gquMD5Kbfxe2s6j-qIZSXbsoZDlfYiJOb8YAJ9QjC9K75MU3NY0g1g-C9zVC2o_bJYDQlqnDF594v0F7b1gz3D2H9zM5aXZyMiesYVrsqHOQQbzF15U8dDL7kHsfhz1uGoGMLfk5UWxlQGXpHkNBB945Z3kVuJdlxXow5HcII832ibYHS7bxXAD7P--aKfeqIaTgps4StQnkyknnfQaE9ZM9b_IEko5Y-ntOoillRYYNZlIuCwVWLmMo9pnYvJWh799gagugHURFflWPC94WkwbYaLgqx93hsfSaVsgPcDPVSkpu6Cfp_G94AeQHW0Z8VGegEnJKOW1Dm10dbewMqZ8OkkeGTe9o8CtEpYkObCEbBVxXtJax6sMowosNCvA1IFrWWZJKczVocK7Wcw1hD9KWINHdsMCfsplzAu81xNdXgD6m7j_A6Kqe-JdAlQUhUCc4NcoZ33L4yPAWnAyNIaA1UgeF-CcbJV4ffgeOmsJzYgHEWIrV7LdrRKcrt_herFjYLvtBOmBlYTwF31tgGYPopsaEaHrvTpOB_4aknHEDRQ6mqdd3zzG-DI6c540t7tGot6RCF5C039WKT7h18bQ1aUR5eKjsxd4DW9InOLGf4vruagInc-RXRSg2upbvb-as9k2k4cvrnKvCB1jEdWa2CESBdx-zv1aG6Ykz9sez3GZ2rDTD3bdBZw-R5tSWDsF3eqPByY9msqffXmYeGMzsSgVEUeiywIZHtcSd893tiduI1lSVSQ6eJAdPHCIlHMf96tko64bUankQDqt1jq0BaGfUtxVInRtyGSJQ793q7p4VQoCwTtQ6IazhVakXoUgLVhAg5IB5Xqy2iMzS5ADwvG-EI9iWREGSq_QSFCho-kf4u29tKdKjFRYP5eAuGv_yWx5iYEvAoeFd6BjIK6NbuJ3FYi20RwestaaNZRCHmRWQZ7hrylAcfUHANpbwNO1AehfBq1CR6LoEoyv-nSdOSeMxPRD_nQ6yZjUMN6HN3MJSyiH0rKMAto6s-ejmgwMAIaSE-IsG4UTWAw1L_mUShNElugJMG--IhbfG5Z4lhJoPaXie1Oy3715ucdXOfIXG0MhAvl70fPJNTtmahxUfjO8qqXCssbSzsJEXikHARGwFQqAl4Iad9BT-PQAjPAPtnJ02tQHFJDIWjOFwaYSLwSbXkDYIYrIIwNfVj0IHqrGmeEmKOVftcIpGMxFaPS5VrcN8BqmYG2NduLL1l9r3iMGmcNA9EjFtnYQyyXu2D5_v2QpKJAEof3DUmFizjJ7q581H14K-9NWF0x751yTHInmIDRJICSRJE5p7kDcxVlXx5XeEkTi8HAQ48BGorPJYZqGCvYKGG2-SVfeUfDZCQpLJuaZnyQwgI6f2N3SCQM39JD4U_YAIPelCfigikLv4NwlADb8JtEFgKfR19ZK74QSL3JDccyVfL2V_YsB4iX8GzPo5DDDCreJyZR98zzK_piIKzru2iN2BVNOSvACa-61Dv3Bgsd7aoopyJ5dz6xeoZ4LR8OUYQPemknO-4rJmgP0IikbBtKYUl0FUp6-cnLJ8QdoBSpeuVCUdLvs9j_LHhnbclXJznH-7WTOKqFqwSssybyicCE9mzvmHUQMIdMQptd7wGPNkLXlspcVsJMgSEN5JxiW7J_wcqNFAhVyQ-D8EvWspfrsZfi8uSlXdI1J5gfsGIjKjDsVNrb_06-QWWkmZd3AgAp_60oEKTNSrikiKVdC5rBqCQaINGgLWzbF0VUwTWC-8bm7QjvI_-ODN1XcC6MC8yHl0OxAkP4MIGovLep3GLGi47I4iCRdT9kgRhoU55XxMDoC-k_fS2PoI1C1lFZ2t9Tc5ICMDLKrtQ8UCi50Y1hHoJZ3_YrTTdwWHJJq1HDgV5pNh6kmfVd7eMj1d6d0BrJRxsrSH7vw4ZevXOf7l1PKLunOJJEMpkMRj3akKU4EXAB-WaU5jomXP53z8VglYYZuqWEtYSluCpV-RUhM69XWj_Yv6H4dKwInSOJ6OAEl0wQ3oKRXmbUOAvee6GwquWnFeLqKZsgU1YwzstbsKSwmZXCi1AjCzNsplfWVkye763kD1S-0XyY18abVv0d9AG309VNzEaBD6_t-uZHQkvI7RZW8Dq9a6ZRjHHZz6WayHH8rXFnZ7r16XaGONKQ0reSilkOswhgsMMV3nZ7hyHXUHoeZ-ym-E26mjAyiy9Q_HsDwVVgcTAAPGIXZOSb1SwqqEQFMXDU-GMBPjRBWU-zdZOI_VJV6C-mXpgFl7VoaFs6tf4itJM3cBmoumE19WDVHaFJ7wcL62Gh4LmdTt9HMUtSAa6HWx28AwAlspSLApvE5UWJ6F8isaizeesXSs3Zcr2l2r3W7BipTXaWXKphZIK03ATmcPGgkaBTC7PvpLOfGfzRFaWfePavuRHBsY6-Opp6vi8IfkyEpOtPFATx42o7RDwtsE25XhC5kdop_fqwdnbv1PdIY8iJvf5u1MNrilB-8BhOclRN2tWo2NM1zCwR1Keu4uOTMrRibKa9JS6MTYiZq2a0rXPBBamzWCifGfMRQa0bWuceAPGe5v6C0F5E2KxVzhlRwM6WlJoJtw1Mg3OwYvpseGCtX67bIvnoqKKWEKo-RETsvaKtwdjDreQiw00YFtRexQkI9wMxmuR1Kr38iX6Zx8SZdrODRQ1rpl07anDOEv-tK90u6rjNxKbzBtFRa0Cgfdh7WURnzhB7RImkwebqqn2zE3xlvmk-Y-KhPzbe-s3MeF26jyxzZortgetbMKlzCrZnsgHUdEjI7XRFKYolznf3yCcVB0D2JF1Hrlbg3m7Nh3Gh7AirnH66lueZNm8fiDOMXZW5ch8-WR__1QzxbwgcITfQv19MY33fhn_e-TUi72WFy8-cYa1tUI7EVOH4RpcLnV96SyxkwB8dnJfEcMJqzj8NomnqZCHa1psblpBMAcBBVo43eXAmDbb1qpqOQbjOaSLN-dvQDh9LamhTnPmY0vEZv3HKffldj09vZ3_euq6AcsJ6H_Yy1xmCvawfvftlbzCwlsyNRPy9SENZN8cpIuh5Le6QzyEZir1L-XCSF6Kr3yCxEdNpu0RQ4F9BhclcycbEEwUJS-MCwS7H9jh-vU1pRZ-k8hXuQLonWIBgrcwdkcETm4HKYF5QL0vyban20v8wzg_1590eUhFuokFPiZa0MRA&cid=CAASEuRoKnrI7JPsAE8HfXRkDrnSOw&rfl=2%2Chttps%253A%252F%252Fgumoreska.in.ua%252F%240
Frame ID: BA0F3435C31A06287984995EA7EEF865
Requests: 28 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B9EC01F97E7F3452456477FDB7C1B638
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AFD18C52B235E009E61119F081A29D3F
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61411175/20220119071341697/index.html?e=69&leftOffset=0&topOffset=0&c=XRfgnBEqut&t=1&renderingType=2&ev=01_247
Frame ID: 175C188F7716F618799B3BE8D079A7A7
Requests: 12 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 5F91A74FCA86679D2738BF9DB7416646
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Frame ID: AD08585BE3B36DC6046930C93F8E3338
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Онлайн бібліотека Gumoreska: гуморески, байки, казки, вірші

Page URL History Show full URLs

  1. http://gumoreska.in.ua/ HTTP 301
    https://gumoreska.in.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Page Statistics

195
Requests

93 %
HTTPS

56 %
IPv6

25
Domains

38
Subdomains

34
IPs

9
Countries

2073 kB
Transfer

5476 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gumoreska.in.ua/ HTTP 301
    https://gumoreska.in.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_165/https://gumoreska.in.ua/wp-content/uploads/2021/10/logo-g-165.png HTTP 302
  • https://gumoreska.in.ua/wp-content/uploads/2021/10/logo-g-165.png
Request Chain 76
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 146
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKC_5B34yGgqJ6g3SIb69bU&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKC_5B34yGgqJ6g3SIb69bU&google_cver=1&C=1
Request Chain 147
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YoDkcx3ILRgSDEj-e3GN1AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKC_5B34yGgqJ6g3SIb69bU&google_cver=1
Request Chain 148
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEP_HHXeVZ_9-1Uye46ufLCQ&google_cver=1
Request Chain 149
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjYzNDE4MDY3NTQ0Mzk2MDM1MQ%3D%3D
Request Chain 163
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEETY6pfkTQdqCqnF608RkjA&google_cver=1&google_push=AYg5qPI8jMeXoqAOn0jQt05ILTY75y7gWJhz_Dsuh5QiQ0qYxZc3Z7iRLZ9asHe44TryiH0RGAkYSHVeDV2TyAhvh-EukoBZZ2w HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEETY6pfkTQdqCqnF608RkjA&google_cver=1&google_push=AYg5qPI8jMeXoqAOn0jQt05ILTY75y7gWJhz_Dsuh5QiQ0qYxZc3Z7iRLZ9asHe44TryiH0RGAkYSHVeDV2TyAhvh-EukoBZZ2w&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TEULWeZJRZ2E42NmA3LhOQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI8jMeXoqAOn0jQt05ILTY75y7gWJhz_Dsuh5QiQ0qYxZc3Z7iRLZ9asHe44TryiH0RGAkYSHVeDV2TyAhvh-EukoBZZ2w
Request Chain 164
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELs0Dk5zEwFpgmkvEXVlk2E&google_cver=1&google_push=AYg5qPLI-r4Nf58ykQ0aYKrIaWGy_ilGv7mBkZ_252dOLxYmRxgEtIk6XhcaP5C_hWqh54gF01Xaf2D36gBA72N9gyAvD1Auk6U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM3N1VaSUotNS04WldX&google_push=AYg5qPLI-r4Nf58ykQ0aYKrIaWGy_ilGv7mBkZ_252dOLxYmRxgEtIk6XhcaP5C_hWqh54gF01Xaf2D36gBA72N9gyAvD1Auk6U
Request Chain 165
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDm71dmanXwbgTQcx_gxS3s&google_cver=1&google_push=AYg5qPL5BmbohM4sBEgOcr8YE1OZG5eh3gTXORMOeR-Zp0wggt2PnioYAfGNzF7-p3Mz5BtVqv1VwQVVebkzK45j9WN38oWOfAE HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDm71dmanXwbgTQcx_gxS3s&google_push=AYg5qPL5BmbohM4sBEgOcr8YE1OZG5eh3gTXORMOeR-Zp0wggt2PnioYAfGNzF7-p3Mz5BtVqv1VwQVVebkzK45j9WN38oWOfAE&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoDkc4b8GaWTFpVAWF8Q1gAAAscAAAIB&google_push=AYg5qPL5BmbohM4sBEgOcr8YE1OZG5eh3gTXORMOeR-Zp0wggt2PnioYAfGNzF7-p3Mz5BtVqv1VwQVVebkzK45j9WN38oWOfAE&google_gid=CAESEDm71dmanXwbgTQcx_gxS3s&google_cver=1

195 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
gumoreska.in.ua/
Redirect Chain
  • http://gumoreska.in.ua/
  • https://gumoreska.in.ua/
385 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS
pl-rocket-da1.hostsila.org
Software
LiteSpeed /
Resource Hash
52baa64cba73862de3d77b1c99bfb81597f91f66c34b28e1b6ad21f88ee6bf5c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
br
content-length
63524
content-type
text/html
date
Sun, 15 May 2022 11:30:56 GMT
expires
Mon, 29 Oct 1923 20:30:00 GMT
last-modified
Sat, 14 May 2022 11:26:59 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding,User-Agent

Redirect headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
707
content-type
text/html
date
Sun, 15 May 2022 11:30:56 GMT
location
https://gumoreska.in.ua/
server
LiteSpeed
vary
User-Agent
gtm.js
www.googletagmanager.com/ 		111 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5Z22TQ8
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400f:803::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dd653cbca130a59d4c699ef1c48afb55d7a96b2fb1f1e7f87bd0038fcfc3261d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:56 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42504
x-xss-protection
0
last-modified
Sun, 15 May 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 15 May 2022 11:30:56 GMT
fontawesome-webfont.woff2
gumoreska.in.ua/wp-content/themes/veen/assets/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gumoreska.in.ua/wp-content/themes/veen/assets/fonts/fontawesome-webfont.woff2
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS
pl-rocket-da1.hostsila.org
Software
LiteSpeed /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://gumoreska.in.ua/
Origin
https://gumoreska.in.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:56 GMT
last-modified
Thu, 20 Aug 2020 18:28:12 GMT
server
LiteSpeed
vary
User-Agent
content-type
application/font-woff2
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
77160
expires
max-age=A10368000, public
logo-g-165.png
gumoreska.in.ua/wp-content/uploads/2021/10/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_165/https://gumoreska.in.ua/wp-content/uploads/2021/10/logo-g-165.png
  • https://gumoreska.in.ua/wp-content/uploads/2021/10/logo-g-165.png
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gumoreska.in.ua/wp-content/uploads/2021/10/logo-g-165.png
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H3
Server
77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS
pl-rocket-da1.hostsila.org
Software
LiteSpeed /
Resource Hash
a2f085163f7ed9d5df9e579bde6589a6dd605b62a9e6bfdeb086b136c74380ac

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:56 GMT
last-modified
Wed, 27 Oct 2021 15:01:14 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=10368000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
9745
expires
max-age=A10368000, public

Redirect headers

date
Sun, 15 May 2022 11:30:56 GMT
cdn-edgestorageid
887
access-control-allow-origin
*
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
05/14/2022 19:55:45
cdn-pullzone
257218
cdn-tag
0; Domain: gumoreska.in.ua; 302
content-length
0
server
BunnyCDN-CZ1-887
pragma
cache
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver
1.02
cdn-requestpullcode
302
location
https://gumoreska.in.ua/wp-content/uploads/2021/10/logo-g-165.png
content-type
text/html; charset=utf-8
cdn-cache
HIT
cdn-uid
ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control
public, max-age=86400
cdn-requestid
62c94b70cfb7baacbf0c42c90aadfd42
cdn-requestcountrycode
GB
cdn-status
302
cdn-requestpullsuccess
True
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		157 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9735848914219258
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def5a5182e6f452dc9aca18f54d9d6f7e4007fe47a7a87cac07a658895e6af0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gumoreska.in.ua/
Origin
https://gumoreska.in.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56097
x-xss-protection
0
server
cafe
etag
17852016871029613212
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 15 May 2022 11:30:56 GMT
kn0c.css
gumoreska.in.ua/wp-content/cache/gumoreska.in.ua/wpfc-minified/1bt90yh4/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gumoreska.in.ua/wp-content/cache/gumoreska.in.ua/wpfc-minified/1bt90yh4/kn0c.css
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS
pl-rocket-da1.hostsila.org
Software
LiteSpeed /
Resource Hash
43cc4405f112007891ce897704a3c51090f06518ec5f412abdc41a6946972723

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:56 GMT
content-encoding
br
last-modified
Wed, 27 Apr 2022 11:59:30 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
6546
expires
max-age=A10368000, public
kn0c.js
gumoreska.in.ua/wp-content/cache/wpfc-minified/edgwxfxv/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gumoreska.in.ua/wp-content/cache/wpfc-minified/edgwxfxv/kn0c.js
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS
pl-rocket-da1.hostsila.org
Software
LiteSpeed /
Resource Hash
d70c2766b7c42f0b2418b6ea551262fb3750ec117c5183e02a388c2bb6a34b4d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:56 GMT
content-encoding
br
last-modified
Wed, 27 Apr 2022 11:59:30 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
30223
expires
max-age=A10368000, public
kn0c.js
gumoreska.in.ua/wp-content/cache/wpfc-minified/dsdtja46/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gumoreska.in.ua/wp-content/cache/wpfc-minified/dsdtja46/kn0c.js
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS
pl-rocket-da1.hostsila.org
Software
LiteSpeed /
Resource Hash
6cd9dcadb5a76a70af536b935023e99ee8e851bbf6913eac749abc254272c036

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:56 GMT
content-encoding
br
last-modified
Wed, 27 Apr 2022 11:59:30 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
3945
expires
max-age=A10368000, public
kn0c.js
gumoreska.in.ua/wp-content/cache/wpfc-minified/qvbwl34w/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gumoreska.in.ua/wp-content/cache/wpfc-minified/qvbwl34w/kn0c.js
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS
pl-rocket-da1.hostsila.org
Software
LiteSpeed /
Resource Hash
ef47db6f7de15432f0ef629e32f414d08c3b0043a02bae98e9d498caffdec420

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:56 GMT
content-encoding
br
last-modified
Wed, 27 Apr 2022 11:59:30 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
1259
expires
max-age=A10368000, public
kn0c.js
gumoreska.in.ua/wp-content/cache/wpfc-minified/kkws8pzc/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gumoreska.in.ua/wp-content/cache/wpfc-minified/kkws8pzc/kn0c.js
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS
pl-rocket-da1.hostsila.org
Software
LiteSpeed /
Resource Hash
50d82014097d60e740173746edeb6cbcfedd31a3006e2ff34954435284fd663a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:56 GMT
content-encoding
br
last-modified
Wed, 27 Apr 2022 11:59:30 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
1669
expires
max-age=A10368000, public
kn0c.js
gumoreska.in.ua/wp-content/cache/wpfc-minified/8mlq88pd/ 		1 KB
611 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gumoreska.in.ua/wp-content/cache/wpfc-minified/8mlq88pd/kn0c.js
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS
pl-rocket-da1.hostsila.org
Software
LiteSpeed /
Resource Hash
4563cd1462210ae5ce2caf2ae9f5568b5ccfd8cfcb57c1a3c9cab732687a6f94

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:56 GMT
content-encoding
br
last-modified
Wed, 27 Apr 2022 11:59:30 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
578
expires
max-age=A10368000, public
kn0c.js
gumoreska.in.ua/wp-content/cache/wpfc-minified/lpnrz4fk/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gumoreska.in.ua/wp-content/cache/wpfc-minified/lpnrz4fk/kn0c.js
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS
pl-rocket-da1.hostsila.org
Software
LiteSpeed /
Resource Hash
7a5f808ab3e1d2ecf9ae2f1cc8528b9043d988d489f51f98719ad8948cf8b89c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:56 GMT
content-encoding
br
last-modified
Wed, 27 Apr 2022 11:59:30 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
6063
expires
max-age=A10368000, public
kn0c.js
gumoreska.in.ua/wp-content/cache/wpfc-minified/zc93027/ 		174 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gumoreska.in.ua/wp-content/cache/wpfc-minified/zc93027/kn0c.js
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS
pl-rocket-da1.hostsila.org
Software
LiteSpeed /
Resource Hash
19be0b2a57a018298533c06588dabd658bff8fb35de91f1cd0127686ccdc0d5d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:56 GMT
content-encoding
br
last-modified
Wed, 27 Apr 2022 11:59:30 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
47199
expires
max-age=A10368000, public
kn0c.js
gumoreska.in.ua/wp-content/cache/wpfc-minified/7937gavf/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gumoreska.in.ua/wp-content/cache/wpfc-minified/7937gavf/kn0c.js
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS
pl-rocket-da1.hostsila.org
Software
LiteSpeed /
Resource Hash
82edc28ef9ebd83e39ae5333fadf4e8a0977c5be47bf6956417e2c526e882ed7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:56 GMT
content-encoding
br
last-modified
Wed, 27 Apr 2022 11:59:30 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
2328
expires
max-age=A10368000, public
kn0c.js
gumoreska.in.ua/wp-content/cache/wpfc-minified/q94sahyl/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gumoreska.in.ua/wp-content/cache/wpfc-minified/q94sahyl/kn0c.js
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS
pl-rocket-da1.hostsila.org
Software
LiteSpeed /
Resource Hash
764343b18530f180a417ecd0671fc07d92059bf7caca1d0f42f063ecdbb249c0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:56 GMT
content-encoding
br
last-modified
Wed, 27 Apr 2022 11:59:30 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
6743
expires
max-age=A10368000, public
kn0c.js
gumoreska.in.ua/wp-content/cache/wpfc-minified/4c1dzv7/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gumoreska.in.ua/wp-content/cache/wpfc-minified/4c1dzv7/kn0c.js
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS
pl-rocket-da1.hostsila.org
Software
LiteSpeed /
Resource Hash
86a9d4a77f503c5c43e726368e332bbd7b4aa6f3096ef3aa7610987c1279d98d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:56 GMT
content-encoding
br
last-modified
Wed, 27 Apr 2022 11:59:30 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
1755
expires
max-age=A10368000, public
kn0c.js
gumoreska.in.ua/wp-content/cache/wpfc-minified/2y12ky6m/ 		73 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gumoreska.in.ua/wp-content/cache/wpfc-minified/2y12ky6m/kn0c.js
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS
pl-rocket-da1.hostsila.org
Software
LiteSpeed /
Resource Hash
dbde1c54b8ef84dc09a80da6c920b66b80be21dbcdd68a3de24756463abea83d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:56 GMT
content-encoding
br
last-modified
Wed, 27 Apr 2022 11:59:30 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
19453
expires
max-age=A10368000, public
inactive.svg
gumoreska.in.ua/wp-content/plugins/kk-star-ratings/src/core/public/svg/ 		238 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gumoreska.in.ua/wp-content/plugins/kk-star-ratings/src/core/public/svg/inactive.svg
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS
pl-rocket-da1.hostsila.org
Software
LiteSpeed /
Resource Hash
2c0c291bc0981ba13c0fab388914b31ab2729ab42036ef251081077a196403f6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:56 GMT
last-modified
Mon, 09 May 2022 07:18:50 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/svg+xml
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
238
expires
max-age=A10368000, public
active.svg
gumoreska.in.ua/wp-content/plugins/kk-star-ratings/src/core/public/svg/ 		246 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gumoreska.in.ua/wp-content/plugins/kk-star-ratings/src/core/public/svg/active.svg
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS
pl-rocket-da1.hostsila.org
Software
LiteSpeed /
Resource Hash
bed6cef3a2a83b0bfc42310907aa856549a86c15b7f3103d936c3d436bdd0655

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:56 GMT
last-modified
Mon, 09 May 2022 07:18:50 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/svg+xml
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
246
expires
max-age=A10368000, public
fontawesome-webfont.woff
gumoreska.in.ua/wp-content/plugins/print-post-and-page/fonts/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gumoreska.in.ua/wp-content/plugins/print-post-and-page/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS
pl-rocket-da1.hostsila.org
Software
LiteSpeed /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer
https://gumoreska.in.ua/
Origin
https://gumoreska.in.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:56 GMT
last-modified
Mon, 25 Mar 2019 16:54:20 GMT
server
LiteSpeed
vary
User-Agent
content-type
x-font/woff
cache-control
public, max-age=0
accept-ranges
bytes
content-length
65452
expires
max-age=A10368000, public
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%7COpen+Sans&display=swap
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
17ab18efb06d6e99214141753b3d058c23239473ac62acdbe307faba26c88c82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 15 May 2022 11:30:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 15 May 2022 11:30:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 15 May 2022 11:30:56 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/ 		308 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9735848914219258
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb456fc6973f7f43835192e0502b08aa19971ea6631c8d8ac37618b50770b3a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112597
x-xss-protection
0
server
cafe
etag
18389845319223926763
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 15 May 2022 11:30:56 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220511/r20190131/ Frame A320 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220511/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9735848914219258
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gumoreska.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
62257
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4421
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 14 May 2022 18:13:19 GMT
etag
1428802124239944296
expires
Sat, 28 May 2022 18:13:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		102 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-131431071-1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z22TQ8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400f:803::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d9d5c18ebfb8229b74aecabf7406b9a01f9884403233efb1ba1f86439b6b03c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:56 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40243
x-xss-protection
0
expires
Sun, 15 May 2022 11:30:56 GMT
cookie.js
partner.googleadservices.com/gampad/ 		219 B
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=gumoreska.in.ua&callback=_gfp_s_&client=ca-pub-9735848914219258
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
21496c6a7b5538225d8ab5e258591f7d623ef1ce98916403e212d35618fe74ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=gumoreska.in.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 11:30:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=gumoreska.in.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 11:30:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame EA44 		95 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&adk=1812271804&adf=3025194257&lmt=1652527619&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgumoreska.in.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256655&bpp=2&bdt=297&idt=233&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6067182317130&frm=20&pv=2&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=250
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
137a856e42188665b9a11c046bd40165095e63557768922d21ce88757ce50b59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gumoreska.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
34096
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 11:30:57 GMT
expires
Sun, 15 May 2022 11:30:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6CCD 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=2334401640&adf=4175459245&pi=t.ma~as.8258600178&w=1160&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=1160x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256657&bpp=1&bdt=299&idt=253&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WnQLlLysT9&p=https%3A//gumoreska.in.ua&dtd=260
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
baaa3c0c75e039b3ff942ed75a14dac103ecc071ce7945e862f1140c888c138f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gumoreska.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9684
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 11:30:57 GMT
expires
Sun, 15 May 2022 11:30:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5C4B 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=3390593775&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256658&bpp=1&bdt=300&idt=263&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=799&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=QkjybNa2Cx&p=https%3A//gumoreska.in.ua&dtd=266
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ccdeafb53532a4b7ce2478be2401a4a9bbdb99a74f17ba244906184ee4993cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gumoreska.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9701
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 11:30:57 GMT
expires
Sun, 15 May 2022 11:30:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 97CC 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=1934161925&adf=1203024835&pi=t.ma~as.8258600178&w=808&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256659&bpp=1&bdt=300&idt=267&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=MG0S3Xp2iO&p=https%3A//gumoreska.in.ua&dtd=270
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
feadc482a8ab9a4ab5123564cc23d4e011f59cf749e5455c434487a195df6397
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gumoreska.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9715
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 11:30:57 GMT
expires
Sun, 15 May 2022 11:30:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2E84 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f0444a8e18f34a8af8d801f2b1e1c38e00ebef1df2432000f57d3498cf0018e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gumoreska.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9691
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 11:30:57 GMT
expires
Sun, 15 May 2022 11:30:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		189 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XD2CSE5HNH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-131431071-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400f:803::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4e08910e9e080a93ffed40309b770bf22f88512757e0986685c9c1b90665433a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:56 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69639
x-xss-protection
0
expires
Sun, 15 May 2022 11:30:56 GMT
collect
www.google-analytics.com/g/ 		0
162 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-XD2CSE5HNH&gtm=2oe5b0&_p=38198414&_z=ccd.tfB&cid=493610250.1652614257&ul=en-us&sr=1600x1200&_s=1&sid=1652614256&sct=1&seg=0&dl=https%3A%2F%2Fgumoreska.in.ua%2F&dt=%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D1%96%D0%B1%D0%BB%D1%96%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20Gumoreska%3A%20%D0%B3%D1%83%D0%BC%D0%BE%D1%80%D0%B5%D1%81%D0%BA%D0%B8%2C%20%D0%B1%D0%B0%D0%B9%D0%BA%D0%B8%2C%20%D0%BA%D0%B0%D0%B7%D0%BA%D0%B8%2C%20%D0%B2%D1%96%D1%80%D1%88%D1%96&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XD2CSE5HNH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 11:30:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gumoreska.in.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-131431071-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6967
date
Sun, 15 May 2022 09:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 15 May 2022 11:34:50 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=38198414&t=pageview&_s=1&dl=https%3A%2F%2Fgumoreska.in.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D1%96%D0%B1%D0%BB%D1%96%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20Gumoreska%3A%20%D0%B3%D1%83%D0%BC%D0%BE%D1%80%D0%B5%D1%81%D0%BA%D0%B8%2C%20%D0%B1%D0%B0%D0%B9%D0%BA%D0%B8%2C%20%D0%BA%D0%B0%D0%B7%D0%BA%D0%B8%2C%20%D0%B2%D1%96%D1%80%D1%88%D1%96&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=568169247&gjid=1796127472&cid=493610250.1652614257&tid=UA-131431071-1&_gid=1019821798.1652614257&_r=1&gtm=2ou5b0&z=4720679
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gumoreska.in.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 May 2022 11:30:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gumoreska.in.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-131431071-1&cid=493610250.1652614257&jid=568169247&gjid=1796127472&_gid=1019821798.1652614257&_u=YADAAUAAAAAAAC~&z=1653258832
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gumoreska.in.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 15 May 2022 11:30:57 GMT
content-type
text/plain
access-control-allow-origin
https://gumoreska.in.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/ 		146 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f792aa0206c73c31d646de35f0d9dbb297bafb34872ec0e37975e533d1f75a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52977
x-xss-protection
0
server
cafe
etag
6071233775191827155
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 May 2022 11:30:57 GMT
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=gumoreska.in.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 11:30:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=gumoreska.in.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 11:30:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/ Frame DC69 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gumoreska.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
58677
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4421
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 14 May 2022 19:13:00 GMT
etag
1428802124239944296
expires
Sat, 28 May 2022 19:13:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 97CC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=1934161925&adf=1203024835&pi=t.ma~as.8258600178&w=808&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256659&bpp=1&bdt=300&idt=267&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=MG0S3Xp2iO&p=https%3A//gumoreska.in.ua&dtd=270
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:24:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
412
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 May 2022 11:24:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 97CC 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=1934161925&adf=1203024835&pi=t.ma~as.8258600178&w=808&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256659&bpp=1&bdt=300&idt=267&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=MG0S3Xp2iO&p=https%3A//gumoreska.in.ua&dtd=270
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 15 May 2022 11:30:57 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 97CC 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=1934161925&adf=1203024835&pi=t.ma~as.8258600178&w=808&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256659&bpp=1&bdt=300&idt=267&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=MG0S3Xp2iO&p=https%3A//gumoreska.in.ua&dtd=270
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:28:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6412
x-xss-protection
0
server
cafe
etag
1643562372680595834
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 May 2022 11:28:10 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 97CC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CvuinceSAYovjBZaO5LcPndalqATkj9KxXI-K6IiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi05NzM1ODQ4OTE0MjE5MjU4oAG91IjrA8gBCakCL-A93aqStD6oAwGqBL4BT9BG30IXYI4vxnS00W8HBQZTusSzO0koxLgQrML0DYiVBV6HOK64RDdQTEmX8b7lWnmDPbtpr8b6rPPWxVpDahhiQ488dhX2yOkwqo50PfeX7vasI85LQXTnYPrL2xxdbV88t4ZzqCXeHEOW0PFtUf8dveD4fU4wE5Oiz_7p9zPj4FrzgiHMNoA6WswHUbhI3oXQ_DZRqfqUc_nGntlqYjvBaKO6phXy25y2pGedRxLGeb0bXVv4QEw8F_qdn4AG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTk3MzU4NDg5MTQyMTkyNTgYAA&sigh=IG4flUMzLeM&uach_m=[UACH]&cid=CAQSGwCNIrLMeUKbxR8bBsbAgha2jsDhW1iydQJAxxgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=1934161925&adf=1203024835&pi=t.ma~as.8258600178&w=808&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256659&bpp=1&bdt=300&idt=267&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=MG0S3Xp2iO&p=https%3A//gumoreska.in.ua&dtd=270
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=1934161925&adf=1203024835&pi=t.ma~as.8258600178&w=808&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256659&bpp=1&bdt=300&idt=267&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=MG0S3Xp2iO&p=https%3A//gumoreska.in.ua&dtd=270
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 15 May 2022 11:30:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 15 May 2022 11:30:57 GMT
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 97CC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOrgEr_6RKgGmAKH-lcYAgAAAJKYg5qP0Cx6EHDkgGL1I9NMTURuGvkuBgASAAA&wp=YoDkcQABcYsA-QcWAAlrHWx1hssT1-vq0OngDQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=1934161925&adf=1203024835&pi=t.ma~as.8258600178&w=808&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256659&bpp=1&bdt=300&idt=267&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=MG0S3Xp2iO&p=https%3A//gumoreska.in.ua&dtd=270
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
server
Kestrel
server-processing-duration-in-ticks
265970
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 1A6F 		145 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABcYsA-QcWAAlrHWx1hssT1-vq0OngDQ&u=%7CnPe1aGloCQD6BNeiRZCGR941bTZxhCAFBE%2FfEo74ziU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvp8sTa7zbzgyJ2k9XHUWRJgq5K87Mf4Wm0Ez6VG2X-ysUv6xYZ-EAbIrDLdhkwE59JLBV_fKwY88NhhfYcIqMGYDpM89FCvarbJuh0xzv4XaH4_p-dOkhMqfXiVn_VEi04c8p4yMlWJyvutq3ZSH0fzWGW730haJWfwKAUj9C0tF0IO41Nz7H8GfpolqPfu66PNbhqSQAySzpCg3s79Gyg3WDZK9flSq4O_1pbeaMDYeUbQcKBo0G6KluOaOlL7wypO7N19NhDVD--4IJP5hTgjis426adcgVye8y7-mU8QPLCTbB40lc8k_bFEqy0-vIn-5YMbSqv39YkuQqOkjxes-JGhZ9-0RznCd6K4S-7_qNqQQyTZRvIX7tZ7gLfExdg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_MDpceSAYovjBZaO5LcPndalqATkj9KxXI-K6IiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi05NzM1ODQ4OTE0MjE5MjU4oAG91IjrA8gBCakCL-A93aqStD6oAwGqBMEBT9BG30IXYI4vxnS00W8HBQZTusSzO0koxLgQrML0DYiVBV6HOK64RDdQTEmX8b7lWnmDPbtpr8b6rPPWxVpDahhiQ488dhX2yOkwqo50PfeX7vasI85LQXTnYPrL2xxdbV88t4ZzqCXeHEOW0PFtUf8dveD4fU4wE5Oiz_7p9zPj4FrzgiHMNoA6WswHUbhI3oXQ_DZRqfrWcdhUTXuYZ6gzZzs5wolZ2Ii8GG2zX8lI4tmH_OTmbFTtkBCYDALjxYAG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Mlml7x7v5Q44dzUHttYvbZtW0Lw%26client%3Dca-pub-9735848914219258%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=1934161925&adf=1203024835&pi=t.ma~as.8258600178&w=808&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256659&bpp=1&bdt=300&idt=267&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=MG0S3Xp2iO&p=https%3A//gumoreska.in.ua&dtd=270
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
899d28665a6cee2074011a8b79e816a32a7037a456b9cb2a21cb48764adeebeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 11:30:57 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=QPS0aOOz37rNZbKJpjWFumXym_XDZeM35-potxLkLiFux0E8yiYUviqJqv78VZ0P-OMnQtRB9pg3uEC7EQt-4wCPiUv3P5zS5BG2IynlW2i0y2jt16X8PFTRr1NeZSFO3VHCz37nLhjD8Fg5SSPLnOtTZVadlflR6gvSzOOuhpXFvoK1Y0ElyAbtjmFkEaraNamMids1eqYMqKkbIvvaXPCPZRCWIY42ver49EqeBatVUwdUnJlni0VSYMydYRTvT3Y2Zw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
103040280
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
adview
googleads.g.doubleclick.net/pagead/ Frame DC69 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CUHUlceSAYsvGAcLwtwfRrYNo9sDM4mSc0PaQ7A3f5O2KrgkQASClr4dvYLuGgIDQCqABmrTH_gPIAQOoAwHIA8kEqgTAAU_QL_XARFN7gEIxxB3gKDWQQSy68r1LkwpWvDrDREl3Skmws3hOG05gysIdV-AVX_eTPQIMdzVZpR4sSlFcLZzbCPRN2Uoznh_7AuvBKoAvHPJ7igZaaERXq8S8TRAZy2Lol23dOwFZQj9q2joBlCk9NYx7p_xRQ_49SHyNRg3dkgjLNMSKfRco262dmSeGvsPGtHWj1GKog1YDO7-TJ1Vqm9cHywmoS-0QtlAt_YFV_8_jgmvdkKoi6EnWRJudxsAEm5arlZ4DkgUECAQYAZIFBAgFGASgBgOAB87LuAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC5t0vSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItOTczNTg0ODkxNDIxOTI1OBgA&sigh=P3WqWou-5Ek&uach_m=[UACH]&cid=CAQSGwCNIrLMRY-t4wxr4F8s-zJemBVzyTDSlssbzBgB
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 15 May 2022 11:30:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 15 May 2022 11:30:57 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame DC69 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a17fb8522bf74cf6b5cb185b7f6c7523977c79fe051071bc0e38aa1f59b8174d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:27:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
228
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7989
x-xss-protection
0
server
cafe
etag
11406487492938680093
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 May 2022 11:27:09 GMT
13863607324028987945
tpc.googlesyndication.com/simgad/ Frame DC69 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13863607324028987945
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee68533cc1601c6f97c071eff6f3cd05f0b4a4738ff1bbd21f37a58eaf513218
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 10:13:09 GMT
x-content-type-options
nosniff
age
4668
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46270
x-xss-protection
0
last-modified
Tue, 06 Oct 2020 15:15:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 15 May 2023 10:13:09 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame DC69 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:24:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
412
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 May 2022 11:24:05 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame DC69 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:28:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6412
x-xss-protection
0
server
cafe
etag
1643562372680595834
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 May 2022 11:28:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DC69 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 15 May 2022 11:30:57 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame DC69 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d7c7efab021e9e62bc332cdffc52226ac5bb888cfa76bfde4a3a183159b4bce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 10:21:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4193
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12360
x-xss-protection
0
server
cafe
etag
2640822135664651074
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 May 2022 10:21:04 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 5C4B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=3390593775&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256658&bpp=1&bdt=300&idt=263&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=799&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=QkjybNa2Cx&p=https%3A//gumoreska.in.ua&dtd=266
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:24:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
412
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 May 2022 11:24:05 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 5C4B 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=3390593775&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256658&bpp=1&bdt=300&idt=263&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=799&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=QkjybNa2Cx&p=https%3A//gumoreska.in.ua&dtd=266
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:28:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6412
x-xss-protection
0
server
cafe
etag
1643562372680595834
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 May 2022 11:28:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5C4B 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=3390593775&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256658&bpp=1&bdt=300&idt=263&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=799&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=QkjybNa2Cx&p=https%3A//gumoreska.in.ua&dtd=266
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 15 May 2022 11:30:57 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 6CCD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=2334401640&adf=4175459245&pi=t.ma~as.8258600178&w=1160&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=1160x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256657&bpp=1&bdt=299&idt=253&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WnQLlLysT9&p=https%3A//gumoreska.in.ua&dtd=260
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:24:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
412
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 May 2022 11:24:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6CCD 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=2334401640&adf=4175459245&pi=t.ma~as.8258600178&w=1160&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=1160x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256657&bpp=1&bdt=299&idt=253&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WnQLlLysT9&p=https%3A//gumoreska.in.ua&dtd=260
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 15 May 2022 11:30:57 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 6CCD 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=2334401640&adf=4175459245&pi=t.ma~as.8258600178&w=1160&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=1160x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256657&bpp=1&bdt=299&idt=253&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WnQLlLysT9&p=https%3A//gumoreska.in.ua&dtd=260
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:28:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6412
x-xss-protection
0
server
cafe
etag
1643562372680595834
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 May 2022 11:28:10 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 5C4B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CjDfdceSAYqyDBtXU7wLVu4GwAuSP0rFc_9DZkYgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEtQFP0O3MwAlNjPeibyfHyZj4ZtVIfNPS1Fbw14bR3PfDzbXmyPLuJ1VGA-ZiRSdSSZMicTymW5fl2x9t9PBAwrFeuh6VG7PtXa3t8PcBWmHH-_9WckfN7Phtn7xg0L-b6OOmNbOgefOXy_ftSZQvHmPQL7IBr3GrSQ5SaQWLu9NDO7Drxg4WIORayRT5bqGSC1J8lmXAcPair9IOnp3ar0VwEmpizNdARteHADug7OuXM1mgJU4dgAbd7-nv4NKGn6YBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTczNTg0ODkxNDIxOTI1OBgA&sigh=jmPurRl3H9o&uach_m=[UACH]&cid=CAQSGwCNIrLMu9HWQhT7eu3-sLlZ6PIcCkmGmMn8ghgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=3390593775&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256658&bpp=1&bdt=300&idt=263&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=799&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=QkjybNa2Cx&p=https%3A//gumoreska.in.ua&dtd=266
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=3390593775&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256658&bpp=1&bdt=300&idt=263&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=799&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=QkjybNa2Cx&p=https%3A//gumoreska.in.ua&dtd=266
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 15 May 2022 11:30:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 15 May 2022 11:30:57 GMT
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 5C4B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOrgEr_6RKgGmAKH-lcYAgAAAE5v2bdso649EHHkgGJOEf4v5JfUZT6nxwASAAA&wp=YoDkcQABgawKW-pVAABd1dTVqpjXBZtmZUtX5Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=3390593775&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256658&bpp=1&bdt=300&idt=263&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=799&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=QkjybNa2Cx&p=https%3A//gumoreska.in.ua&dtd=266
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:56 GMT
server
Kestrel
server-processing-duration-in-ticks
324298
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame AA08 		152 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABgawKW-pVAABd1dTVqpjXBZtmZUtX5Q&u=%7CnPe1aGloCQAUfEZKfoujbEPoh3bIMsNS2UZPuX5SbBM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvpOE7Z_QTPgAAvPmGoPqnrQjCtkSAp5RwFYMu1tiuRhiLqWdnkffjJyVgHkvTe4U7tbkEh77FNDdmxP84-oLx9LailDeE9SU5aD1MFfMhBjsy3qOz7mFy1UphssVkQZquQLoy478lx_p3YsWt32KLd7lfXr1Nnu3LT__huApSJ-UYWqypsaHQ_r__l-zUkgUGL8PfpVqVRT082qWX0sE6zOF__XdsdKCZQFjOGOQLUP6DYbRlsFFW4431lNksS5Xv5-gHOlFFNVpP4MnPN225UF0apgo4zWr7p4YuX7YcMCHp83beesydyeB3AxPvZnd_igNgAInNdmjaKIi7vRI5lRp3PTUR1i9qEeZ3mDA1wgUSTRqupDEfgzzAV2dA9BTGg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClY9WceSAYqyDBtXU7wLVu4GwAuSP0rFc_9DZkYgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEuAFP0O3MwAlNjPeibyfHyZj4ZtVIfNPS1Fbw14bR3PfDzbXmyPLuJ1VGA-ZiRSdSSZMicTymW5fl2x9t9PBAwrFeuh6VG7PtXa3t8PcBWmHH-_9WckfN7Phtn7xg0L-b6OOmNbOgefOXy_ftSZQvHmPQL7IBr3GrSQ5SaQWLu9NDO7Drxg4WIORayRT5bqGSCxB-t_cT0gSnPCABBh6-M-5zBmDexvlYnVkcZKcBU_W7K4gnz0uOnmRLgAbd7-nv4NKGn6YBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0B3st8XjUnqyfePW8JbZp6ojNyPQ%26client%3Dca-pub-9735848914219258%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=3390593775&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256658&bpp=1&bdt=300&idt=263&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=799&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=QkjybNa2Cx&p=https%3A//gumoreska.in.ua&dtd=266
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
086413abb743a99aef6a2ebfdc91f9a47c866b9c83e99529b4985da830eda0f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 11:30:57 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=QOZy1uOz37rNZbKJ-hVGMvImND9soo8ePsnJZmXfiVL5kI0-TzksUs_FIjDAyvHD3MxBTWxzTAhWT4h4DFdl_WUBQh_4fRQWclToVkm9hjjXt115R9GHVK2mU2XetPJ9XZ8lnEu9nPN9ZO_q0ci1W4vtBlDi4Y6ycHrk2J79ULakKZ-Ca5qnaXTIbQl-PWUCVFwsIBQn2-cIhtl7SE9MMECCA5nbNFoHwZqy3N_TCx6SmUcdNQHtxbyrgN0oeGXhxw-hKg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
107006500
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
adview
googleads.g.doubleclick.net/pagead/ Frame 6CCD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C2OlFceSAYrneBY_gsgeUvJ_QBOSP0rFcj4roiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEugFP0Dc1eBBw_QFwUEveSc2OfUJnT97lIQZRkInxDmCqltXIve25gUXxDp7Pkm3M1EfA-HcQwvTHAdHpGX8mpbgN7JNAyuf_8CzYRNgNqiNh-A2LoLhQWhDCBxSPUkuVjurBbH7k47LeXnwAP7Ovd2s2RRm7iwaH13N1bxllpRUH92rzDO-C7w-5zxN2an77nTlIrjyw11SlCaXRnUNaGQoz8AG9pBPiKpaiLgEzVweWlbJMEPf-R2yFLp6ABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi05NzM1ODQ4OTE0MjE5MjU4GAA&sigh=SDeqnpsMF-E&uach_m=[UACH]&cid=CAQSGwCNIrLMzVZoPBUCisJfQ8xzc2_1tahPOscGpRgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=2334401640&adf=4175459245&pi=t.ma~as.8258600178&w=1160&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=1160x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256657&bpp=1&bdt=299&idt=253&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WnQLlLysT9&p=https%3A//gumoreska.in.ua&dtd=260
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=2334401640&adf=4175459245&pi=t.ma~as.8258600178&w=1160&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=1160x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256657&bpp=1&bdt=299&idt=253&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WnQLlLysT9&p=https%3A//gumoreska.in.ua&dtd=260
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 15 May 2022 11:30:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 15 May 2022 11:30:57 GMT
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 6CCD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOrgEr_6RIgJmAKH-lcYAgAAAJKYg5qP0Cx6EHDkgGLYrDMZjYdELApfvgASAAA&wp=YoDkcQABbzkK7LAPAAfeFD5w5PetRhwQ6ufmcg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=2334401640&adf=4175459245&pi=t.ma~as.8258600178&w=1160&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=1160x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256657&bpp=1&bdt=299&idt=253&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WnQLlLysT9&p=https%3A//gumoreska.in.ua&dtd=260
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
server
Kestrel
server-processing-duration-in-ticks
219314
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame DE9B 		150 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABbzkK7LAPAAfeFD5w5PetRhwQ6ufmcg&u=%7CnPe1aGloCQBNS482bKI3RZFUmV2mHlmYIqWmmIh4Qe0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wKvzFoJM6vPjRsEZEp4aXxgOyMIaa_SRzxnQ3lRcCOWvVazy-nn6XNmfuqgaTjGjAJ3d4LACy1aD9KKoqrKFp0IG6AfaGJpOj0tYAAHdyOshGw2B3VQCjqmo3qCn-Fyxdb75pAtDuOjCIRiYymcBMSLlnz5F8rDLuyXaQcB3KKGwerIm-cTRTThyspbN-bbjdYnEV4S_ee1gfkw1cKIzFFXWFIfJ44pMDfgpOpcFZ6tPCS93sXG9k1ebzIo1ttYL307exhRD_jUk_Wf9pOjjN7gLhD_2sZ9tfmVlQHnyWZ4KgrmjYo3pasIlwvpldjnXNXZqX_SI0xvD5kIoAOOfQhQ-c-_EBUEmDNvUktB3GKJF_NPgxZo7Oai7ge1e-TpVGdJu5ovAVyOoBkyHr7nOTJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGvYuceSAYrneBY_gsgeUvJ_QBOSP0rFcj4roiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEvQFP0Dc1eBBw_QFwUEveSc2OfUJnT97lIQZRkInxDmCqltXIve25gUXxDp7Pkm3M1EfA-HcQwvTHAdHpGX8mpbgN7JNAyuf_8CzYRNgNqiNh-A2LoLhQWhDCBxSPUkuVjurBbH7k47LeXnwAP7Ovd2s2RRm7iwaH13N1bxllpRUH92rzDO-C7w-5zxN2an77nTlIrjywlVaEm3Zzb0bJ6wWrc2UhDxD2ICqoABno2ZzyCRPzDtvmlutvKw3eV_2ABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PrSRxaULQsVR-ocUGijCSKylQRQ%26client%3Dca-pub-9735848914219258%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=2334401640&adf=4175459245&pi=t.ma~as.8258600178&w=1160&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=1160x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256657&bpp=1&bdt=299&idt=253&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WnQLlLysT9&p=https%3A//gumoreska.in.ua&dtd=260
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b6ad1439a7cde5f5a9db029d88c07c65a3b063042a09e2c522676247f54a2daf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 11:30:57 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Z8JUi-Oz37rNZbKJ05qfIwE_Hz2zwVyM5ym81ygQJtotHc6JFDSqevLAc9OcEE07bOaWiYxYFcQF4S5nYHnR5TItpxSevCuVTFEcFGXpx1luWdkVM08f1k9iSwjlunNImId_HFGwrGLUhIf--hNaMsnByu4xZFISBufLgJkQzixhVhfjh37LBq08HugwJY_VfoU5m1yD9gboEbrNLzzb_qhRU6jjNg7xpdytXSxIafO32CEXYfUQz3KuZCN1PzVbc2Cu6A"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
110660641
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 2E84 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:24:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
412
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 May 2022 11:24:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2E84 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 15 May 2022 11:30:57 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 2E84 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:28:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6412
x-xss-protection
0
server
cafe
etag
1643562372680595834
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 May 2022 11:28:10 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 2E84 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CSD0uceSAYqz1BZiF7wKWq4KwD-SP0rFct_TriIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEtAFP0G5Dnrbhqymcn9SbjQa9KNCQPCqSBclSTvhOdW2k8BCdxoOjQYDCF97qzg8PnI-i-9nT0tSeUjL6gM3P6OnlQbdZPHKu0yhw1ncSZcVvpEv2eL0zqkWbQUXyc5aKfzZH6TEGRGrXvPg6Ec6qp-JK4x79Y8xxSeHzT0o5ZaPoLSXj7uArUBl1XcIkmBFKPKnWnvBNToYu6zqeZ7qKjT1byxVRLaKlG2HnbPTuOy-JRKr6kviABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi05NzM1ODQ4OTE0MjE5MjU4GAA&sigh=A55w9pRFFaM&uach_m=[UACH]&cid=CAQSGwCNIrLMYfpF5EjwO5beREHAAjWG4UwP2KDfBBgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 15 May 2022 11:30:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 15 May 2022 11:30:57 GMT
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 2E84 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOrgEr_6RMwC-gGH-lcYAgAAAN-QDrt3z_8oEHDkgGL-_R6PMbv3Co2wkgASAAA&wp=YoDkcQABeqwKW8KYAACVlszTFSFjbi4ljK_KbA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
server
Kestrel
server-processing-duration-in-ticks
225782
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 5421 		135 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABeqwKW8KYAACVlszTFSFjbi4ljK_KbA&u=%7CnPe1aGloCQA2VCP4Y6vsEF71A1XwN3D0tt%2BU2H4oDVk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wypL0fcQWu25ycyhdoZmJ-j_mjv5FZnTlTX1i1fYPy5a7FD13J4_AtrjfB-YBWA_PpXeFWvUedwHiX8SD-1qX0UAWLhPc6dlRzp4WKfruyMVJRksmtYbW_SRCoKSYp6JgceUfdqDTVVAKcTz0U7FDEoZasQ8IpJRbnbzzceEVU27TTUI1q8bTtMl40vw9S-h6dZJKn5eJHVjol05FJTMjsbRqMXbr-ual97UjExjluRY0PsLpIERd3RIqBTirThAuX-p7QbfqBTdk9O-_ltrF-UO7RYkgf-TCMmmF45Sc1jvMSp1fRYx2laE4QrIdwVttE-y4b4u4heNqZe-2G5CKpRUR2mxmwLXuCBR3ZzINW38lwIY4KPynH4cYuFtuHemyUZ8cNoFeOV4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLgf6ceSAYqz1BZiF7wKWq4KwD-SP0rFct_TriIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEtwFP0G5Dnrbhqymcn9SbjQa9KNCQPCqSBclSTvhOdW2k8BCdxoOjQYDCF97qzg8PnI-i-9nT0tSeUjL6gM3P6OnlQbdZPHKu0yhw1ncSZcVvpEv2eL0zqkWbQUXyc5aKfzZH6TEGRGrXvPg6Ec6qp-JK4x79Y8xxSeHzT0o5ZaPoLSXj7uArUBl1XcIkmBFKfqv3DCPvvIO9GTUG5N4WJj5PwalbA7p-lfqD8FVRJQORlS0Ql2tCTveABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gi4x9lZyP62iGQi_wF7eglTyq4w%26client%3Dca-pub-9735848914219258%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b10f1cbed0fd9ae8d2029eee19ee34996453fc31fd09bc113a5597712c547019
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 11:30:57 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=WujY_eOz37rNZbKJFj3ES1GsJfPHuXHD5x5FGxca23r4B_B8NNpY3vEmjP-d-NrKAeLdsiFNuWPpXP8Y1lRU5YuCATNrqDf3DQuU92RnbmuhZF_4zlAoF45LZsUvpDecr8fdl1jiwxnRC4g1s8Kmjypj4G82oSh-5Vp-7FPlp3OTpqi3-2ld5UtbNdQ3Jb2QPB7FD8QDwQ81GGARC8IXRn4xEQtSpBpVAMnSHHHJ1PY0Bm5NKN3mGbs8NTnY1BX5TNPqbZ3q81CUGWkO"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
107812857
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
s
googleads.g.doubleclick.net/pagead/drt/ Frame 5533 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
1391
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sun, 15 May 2022 11:07:46 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 5C4B 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7675ae2ef7a70005c61495ea29caf5e2113d2d610b89d1a9cdb9f4b297f9303b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame DC69 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a829576800d87899f2f5462524e56a31f225a2d22416950c4bfc730b18b54673

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 97CC 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4bc2da72121c595272eccccf3079a3d86ae00878466429c8cd7513904436c5c0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2E84 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1745cc948025f24d64899c527ee3754d820afd13161854e635e844952137920

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5533
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 15 May 2022 11:30:58 GMT
expires
Sun, 15 May 2022 11:30:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 15 May 2022 11:30:58 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6CCD 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
30804129e06d3756215af414c75d8f0f4b17aaf6df4e817d17132ecfa113fa80

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 1A6F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABcYsA-QcWAAlrHWx1hssT1-vq0OngDQ&u=%7CnPe1aGloCQD6BNeiRZCGR941bTZxhCAFBE%2FfEo74ziU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvp8sTa7zbzgyJ2k9XHUWRJgq5K87Mf4Wm0Ez6VG2X-ysUv6xYZ-EAbIrDLdhkwE59JLBV_fKwY88NhhfYcIqMGYDpM89FCvarbJuh0xzv4XaH4_p-dOkhMqfXiVn_VEi04c8p4yMlWJyvutq3ZSH0fzWGW730haJWfwKAUj9C0tF0IO41Nz7H8GfpolqPfu66PNbhqSQAySzpCg3s79Gyg3WDZK9flSq4O_1pbeaMDYeUbQcKBo0G6KluOaOlL7wypO7N19NhDVD--4IJP5hTgjis426adcgVye8y7-mU8QPLCTbB40lc8k_bFEqy0-vIn-5YMbSqv39YkuQqOkjxes-JGhZ9-0RznCd6K4S-7_qNqQQyTZRvIX7tZ7gLfExdg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_MDpceSAYovjBZaO5LcPndalqATkj9KxXI-K6IiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi05NzM1ODQ4OTE0MjE5MjU4oAG91IjrA8gBCakCL-A93aqStD6oAwGqBMEBT9BG30IXYI4vxnS00W8HBQZTusSzO0koxLgQrML0DYiVBV6HOK64RDdQTEmX8b7lWnmDPbtpr8b6rPPWxVpDahhiQ488dhX2yOkwqo50PfeX7vasI85LQXTnYPrL2xxdbV88t4ZzqCXeHEOW0PFtUf8dveD4fU4wE5Oiz_7p9zPj4FrzgiHMNoA6WswHUbhI3oXQ_DZRqfrWcdhUTXuYZ6gzZzs5wolZ2Ii8GG2zX8lI4tmH_OTmbFTtkBCYDALjxYAG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Mlml7x7v5Q44dzUHttYvbZtW0Lw%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 May 2023 11:30:57 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 1A6F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABcYsA-QcWAAlrHWx1hssT1-vq0OngDQ&u=%7CnPe1aGloCQD6BNeiRZCGR941bTZxhCAFBE%2FfEo74ziU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvp8sTa7zbzgyJ2k9XHUWRJgq5K87Mf4Wm0Ez6VG2X-ysUv6xYZ-EAbIrDLdhkwE59JLBV_fKwY88NhhfYcIqMGYDpM89FCvarbJuh0xzv4XaH4_p-dOkhMqfXiVn_VEi04c8p4yMlWJyvutq3ZSH0fzWGW730haJWfwKAUj9C0tF0IO41Nz7H8GfpolqPfu66PNbhqSQAySzpCg3s79Gyg3WDZK9flSq4O_1pbeaMDYeUbQcKBo0G6KluOaOlL7wypO7N19NhDVD--4IJP5hTgjis426adcgVye8y7-mU8QPLCTbB40lc8k_bFEqy0-vIn-5YMbSqv39YkuQqOkjxes-JGhZ9-0RznCd6K4S-7_qNqQQyTZRvIX7tZ7gLfExdg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_MDpceSAYovjBZaO5LcPndalqATkj9KxXI-K6IiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi05NzM1ODQ4OTE0MjE5MjU4oAG91IjrA8gBCakCL-A93aqStD6oAwGqBMEBT9BG30IXYI4vxnS00W8HBQZTusSzO0koxLgQrML0DYiVBV6HOK64RDdQTEmX8b7lWnmDPbtpr8b6rPPWxVpDahhiQ488dhX2yOkwqo50PfeX7vasI85LQXTnYPrL2xxdbV88t4ZzqCXeHEOW0PFtUf8dveD4fU4wE5Oiz_7p9zPj4FrzgiHMNoA6WswHUbhI3oXQ_DZRqfrWcdhUTXuYZ6gzZzs5wolZ2Ii8GG2zX8lI4tmH_OTmbFTtkBCYDALjxYAG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Mlml7x7v5Q44dzUHttYvbZtW0Lw%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 May 2023 11:30:57 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 1A6F 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABcYsA-QcWAAlrHWx1hssT1-vq0OngDQ&u=%7CnPe1aGloCQD6BNeiRZCGR941bTZxhCAFBE%2FfEo74ziU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvp8sTa7zbzgyJ2k9XHUWRJgq5K87Mf4Wm0Ez6VG2X-ysUv6xYZ-EAbIrDLdhkwE59JLBV_fKwY88NhhfYcIqMGYDpM89FCvarbJuh0xzv4XaH4_p-dOkhMqfXiVn_VEi04c8p4yMlWJyvutq3ZSH0fzWGW730haJWfwKAUj9C0tF0IO41Nz7H8GfpolqPfu66PNbhqSQAySzpCg3s79Gyg3WDZK9flSq4O_1pbeaMDYeUbQcKBo0G6KluOaOlL7wypO7N19NhDVD--4IJP5hTgjis426adcgVye8y7-mU8QPLCTbB40lc8k_bFEqy0-vIn-5YMbSqv39YkuQqOkjxes-JGhZ9-0RznCd6K4S-7_qNqQQyTZRvIX7tZ7gLfExdg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_MDpceSAYovjBZaO5LcPndalqATkj9KxXI-K6IiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi05NzM1ODQ4OTE0MjE5MjU4oAG91IjrA8gBCakCL-A93aqStD6oAwGqBMEBT9BG30IXYI4vxnS00W8HBQZTusSzO0koxLgQrML0DYiVBV6HOK64RDdQTEmX8b7lWnmDPbtpr8b6rPPWxVpDahhiQ488dhX2yOkwqo50PfeX7vasI85LQXTnYPrL2xxdbV88t4ZzqCXeHEOW0PFtUf8dveD4fU4wE5Oiz_7p9zPj4FrzgiHMNoA6WswHUbhI3oXQ_DZRqfrWcdhUTXuYZ6gzZzs5wolZ2Ii8GG2zX8lI4tmH_OTmbFTtkBCYDALjxYAG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Mlml7x7v5Q44dzUHttYvbZtW0Lw%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 10 May 2023 11:30:57 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 1A6F 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABcYsA-QcWAAlrHWx1hssT1-vq0OngDQ&u=%7CnPe1aGloCQD6BNeiRZCGR941bTZxhCAFBE%2FfEo74ziU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvp8sTa7zbzgyJ2k9XHUWRJgq5K87Mf4Wm0Ez6VG2X-ysUv6xYZ-EAbIrDLdhkwE59JLBV_fKwY88NhhfYcIqMGYDpM89FCvarbJuh0xzv4XaH4_p-dOkhMqfXiVn_VEi04c8p4yMlWJyvutq3ZSH0fzWGW730haJWfwKAUj9C0tF0IO41Nz7H8GfpolqPfu66PNbhqSQAySzpCg3s79Gyg3WDZK9flSq4O_1pbeaMDYeUbQcKBo0G6KluOaOlL7wypO7N19NhDVD--4IJP5hTgjis426adcgVye8y7-mU8QPLCTbB40lc8k_bFEqy0-vIn-5YMbSqv39YkuQqOkjxes-JGhZ9-0RznCd6K4S-7_qNqQQyTZRvIX7tZ7gLfExdg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_MDpceSAYovjBZaO5LcPndalqATkj9KxXI-K6IiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi05NzM1ODQ4OTE0MjE5MjU4oAG91IjrA8gBCakCL-A93aqStD6oAwGqBMEBT9BG30IXYI4vxnS00W8HBQZTusSzO0koxLgQrML0DYiVBV6HOK64RDdQTEmX8b7lWnmDPbtpr8b6rPPWxVpDahhiQ488dhX2yOkwqo50PfeX7vasI85LQXTnYPrL2xxdbV88t4ZzqCXeHEOW0PFtUf8dveD4fU4wE5Oiz_7p9zPj4FrzgiHMNoA6WswHUbhI3oXQ_DZRqfrWcdhUTXuYZ6gzZzs5wolZ2Ii8GG2zX8lI4tmH_OTmbFTtkBCYDALjxYAG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Mlml7x7v5Q44dzUHttYvbZtW0Lw%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Wed, 10 May 2023 11:30:57 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 1A6F 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=0urHwMG9Gd7sANkL-fG0XY1weY8Z1FgvErp8iDQlvQMvPYJFEoA_mubGZ2rCjNCH369E2k0SqeIE0YZDQvxaiYlUktWC-EUuyVJoUd-I7UZauxXvAzodceDbLy6rqUvVh3v8qTsKD668w92szt4_qPEg05YVoKeGqAMfG5buVRXiPOhynWnNXFFkvrpgqQ7_B6nAGU0jq9ckcDTJgrwPUrtPMtNtZipnDKYgTI1eSxgGDMV_dYKFNrna9pIUhXzwpoaQjStmAdDJMbqGQxs3bOhGbO62DZibpg9a4_Q6wMEldO2No-vYP8aBf_-gtHyYXon0PHfxVhUPZTvS7fBHZW2__Xkd-rR-GTQad7ApfgyRUwO3KOXXr26lVmNdO3s4705_iOQx3a-FGW4kAiUnslKMWseKBDU9mWm_Y2p8M8QZw2fbhe-uvUtGYiXkxgcLPFWUsQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABcYsA-QcWAAlrHWx1hssT1-vq0OngDQ&u=%7CnPe1aGloCQD6BNeiRZCGR941bTZxhCAFBE%2FfEo74ziU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvp8sTa7zbzgyJ2k9XHUWRJgq5K87Mf4Wm0Ez6VG2X-ysUv6xYZ-EAbIrDLdhkwE59JLBV_fKwY88NhhfYcIqMGYDpM89FCvarbJuh0xzv4XaH4_p-dOkhMqfXiVn_VEi04c8p4yMlWJyvutq3ZSH0fzWGW730haJWfwKAUj9C0tF0IO41Nz7H8GfpolqPfu66PNbhqSQAySzpCg3s79Gyg3WDZK9flSq4O_1pbeaMDYeUbQcKBo0G6KluOaOlL7wypO7N19NhDVD--4IJP5hTgjis426adcgVye8y7-mU8QPLCTbB40lc8k_bFEqy0-vIn-5YMbSqv39YkuQqOkjxes-JGhZ9-0RznCd6K4S-7_qNqQQyTZRvIX7tZ7gLfExdg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_MDpceSAYovjBZaO5LcPndalqATkj9KxXI-K6IiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi05NzM1ODQ4OTE0MjE5MjU4oAG91IjrA8gBCakCL-A93aqStD6oAwGqBMEBT9BG30IXYI4vxnS00W8HBQZTusSzO0koxLgQrML0DYiVBV6HOK64RDdQTEmX8b7lWnmDPbtpr8b6rPPWxVpDahhiQ488dhX2yOkwqo50PfeX7vasI85LQXTnYPrL2xxdbV88t4ZzqCXeHEOW0PFtUf8dveD4fU4wE5Oiz_7p9zPj4FrzgiHMNoA6WswHUbhI3oXQ_DZRqfrWcdhUTXuYZ6gzZzs5wolZ2Ii8GG2zX8lI4tmH_OTmbFTtkBCYDALjxYAG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Mlml7x7v5Q44dzUHttYvbZtW0Lw%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 11:30:57 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2715019
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 1A6F 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABcYsA-QcWAAlrHWx1hssT1-vq0OngDQ&u=%7CnPe1aGloCQD6BNeiRZCGR941bTZxhCAFBE%2FfEo74ziU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvp8sTa7zbzgyJ2k9XHUWRJgq5K87Mf4Wm0Ez6VG2X-ysUv6xYZ-EAbIrDLdhkwE59JLBV_fKwY88NhhfYcIqMGYDpM89FCvarbJuh0xzv4XaH4_p-dOkhMqfXiVn_VEi04c8p4yMlWJyvutq3ZSH0fzWGW730haJWfwKAUj9C0tF0IO41Nz7H8GfpolqPfu66PNbhqSQAySzpCg3s79Gyg3WDZK9flSq4O_1pbeaMDYeUbQcKBo0G6KluOaOlL7wypO7N19NhDVD--4IJP5hTgjis426adcgVye8y7-mU8QPLCTbB40lc8k_bFEqy0-vIn-5YMbSqv39YkuQqOkjxes-JGhZ9-0RznCd6K4S-7_qNqQQyTZRvIX7tZ7gLfExdg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_MDpceSAYovjBZaO5LcPndalqATkj9KxXI-K6IiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi05NzM1ODQ4OTE0MjE5MjU4oAG91IjrA8gBCakCL-A93aqStD6oAwGqBMEBT9BG30IXYI4vxnS00W8HBQZTusSzO0koxLgQrML0DYiVBV6HOK64RDdQTEmX8b7lWnmDPbtpr8b6rPPWxVpDahhiQ488dhX2yOkwqo50PfeX7vasI85LQXTnYPrL2xxdbV88t4ZzqCXeHEOW0PFtUf8dveD4fU4wE5Oiz_7p9zPj4FrzgiHMNoA6WswHUbhI3oXQ_DZRqfrWcdhUTXuYZ6gzZzs5wolZ2Ii8GG2zX8lI4tmH_OTmbFTtkBCYDALjxYAG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Mlml7x7v5Q44dzUHttYvbZtW0Lw%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
815549
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAG04Wr0GUc7AcAqA6tuGMDps344ho1t4o064muoaZFLgImyr0eJcJTLyY3ShIgFMJZoa2voTTuoJM8dgJCK3gtzMjCiA6EBUFRiHn085j9jcFDRagIjs3OhVYurWpKY2SNfJ2o5V6fNBk345ue9zj%2Br"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70bb8b683cb7065e-LHR
expires
Fri, 05 May 2023 11:30:57 GMT
140e55ebe29544f18fdeb42b6426d53c_totalsansregular.woff
static.criteo.net/design/dt/ Frame 1A6F 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/140e55ebe29544f18fdeb42b6426d53c_totalsansregular.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABcYsA-QcWAAlrHWx1hssT1-vq0OngDQ&u=%7CnPe1aGloCQD6BNeiRZCGR941bTZxhCAFBE%2FfEo74ziU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvp8sTa7zbzgyJ2k9XHUWRJgq5K87Mf4Wm0Ez6VG2X-ysUv6xYZ-EAbIrDLdhkwE59JLBV_fKwY88NhhfYcIqMGYDpM89FCvarbJuh0xzv4XaH4_p-dOkhMqfXiVn_VEi04c8p4yMlWJyvutq3ZSH0fzWGW730haJWfwKAUj9C0tF0IO41Nz7H8GfpolqPfu66PNbhqSQAySzpCg3s79Gyg3WDZK9flSq4O_1pbeaMDYeUbQcKBo0G6KluOaOlL7wypO7N19NhDVD--4IJP5hTgjis426adcgVye8y7-mU8QPLCTbB40lc8k_bFEqy0-vIn-5YMbSqv39YkuQqOkjxes-JGhZ9-0RznCd6K4S-7_qNqQQyTZRvIX7tZ7gLfExdg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_MDpceSAYovjBZaO5LcPndalqATkj9KxXI-K6IiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi05NzM1ODQ4OTE0MjE5MjU4oAG91IjrA8gBCakCL-A93aqStD6oAwGqBMEBT9BG30IXYI4vxnS00W8HBQZTusSzO0koxLgQrML0DYiVBV6HOK64RDdQTEmX8b7lWnmDPbtpr8b6rPPWxVpDahhiQ488dhX2yOkwqo50PfeX7vasI85LQXTnYPrL2xxdbV88t4ZzqCXeHEOW0PFtUf8dveD4fU4wE5Oiz_7p9zPj4FrzgiHMNoA6WswHUbhI3oXQ_DZRqfrWcdhUTXuYZ6gzZzs5wolZ2Ii8GG2zX8lI4tmH_OTmbFTtkBCYDALjxYAG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Mlml7x7v5Q44dzUHttYvbZtW0Lw%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
34538388fdc926429d1544ddba61ea522cfd4a8ef577b1ae2ca5a0f0e57c8735
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
content-encoding
gzip
last-modified
Thu, 09 Jan 2020 16:51:34 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e175a16-6d58"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 May 2023 11:30:57 GMT
animejs.js
static.criteo.net/animejs/ Frame 1A6F 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABcYsA-QcWAAlrHWx1hssT1-vq0OngDQ&u=%7CnPe1aGloCQD6BNeiRZCGR941bTZxhCAFBE%2FfEo74ziU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvp8sTa7zbzgyJ2k9XHUWRJgq5K87Mf4Wm0Ez6VG2X-ysUv6xYZ-EAbIrDLdhkwE59JLBV_fKwY88NhhfYcIqMGYDpM89FCvarbJuh0xzv4XaH4_p-dOkhMqfXiVn_VEi04c8p4yMlWJyvutq3ZSH0fzWGW730haJWfwKAUj9C0tF0IO41Nz7H8GfpolqPfu66PNbhqSQAySzpCg3s79Gyg3WDZK9flSq4O_1pbeaMDYeUbQcKBo0G6KluOaOlL7wypO7N19NhDVD--4IJP5hTgjis426adcgVye8y7-mU8QPLCTbB40lc8k_bFEqy0-vIn-5YMbSqv39YkuQqOkjxes-JGhZ9-0RznCd6K4S-7_qNqQQyTZRvIX7tZ7gLfExdg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_MDpceSAYovjBZaO5LcPndalqATkj9KxXI-K6IiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi05NzM1ODQ4OTE0MjE5MjU4oAG91IjrA8gBCakCL-A93aqStD6oAwGqBMEBT9BG30IXYI4vxnS00W8HBQZTusSzO0koxLgQrML0DYiVBV6HOK64RDdQTEmX8b7lWnmDPbtpr8b6rPPWxVpDahhiQ488dhX2yOkwqo50PfeX7vasI85LQXTnYPrL2xxdbV88t4ZzqCXeHEOW0PFtUf8dveD4fU4wE5Oiz_7p9zPj4FrzgiHMNoA6WswHUbhI3oXQ_DZRqfrWcdhUTXuYZ6gzZzs5wolZ2Ii8GG2zX8lI4tmH_OTmbFTtkBCYDALjxYAG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Mlml7x7v5Q44dzUHttYvbZtW0Lw%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 May 2023 11:30:57 GMT
img
pix.eu.criteo.net/img/ Frame 1A6F 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=556&m=0&partner=3034&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F3034%2F210625%2F9bfb6bf665ba4d79a54c1ad654323e58_logorgb.jpg&v=3&w=398&s=c2XASLh8ZYVxoTFiYmdLkbZm
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABcYsA-QcWAAlrHWx1hssT1-vq0OngDQ&u=%7CnPe1aGloCQD6BNeiRZCGR941bTZxhCAFBE%2FfEo74ziU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvp8sTa7zbzgyJ2k9XHUWRJgq5K87Mf4Wm0Ez6VG2X-ysUv6xYZ-EAbIrDLdhkwE59JLBV_fKwY88NhhfYcIqMGYDpM89FCvarbJuh0xzv4XaH4_p-dOkhMqfXiVn_VEi04c8p4yMlWJyvutq3ZSH0fzWGW730haJWfwKAUj9C0tF0IO41Nz7H8GfpolqPfu66PNbhqSQAySzpCg3s79Gyg3WDZK9flSq4O_1pbeaMDYeUbQcKBo0G6KluOaOlL7wypO7N19NhDVD--4IJP5hTgjis426adcgVye8y7-mU8QPLCTbB40lc8k_bFEqy0-vIn-5YMbSqv39YkuQqOkjxes-JGhZ9-0RznCd6K4S-7_qNqQQyTZRvIX7tZ7gLfExdg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_MDpceSAYovjBZaO5LcPndalqATkj9KxXI-K6IiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi05NzM1ODQ4OTE0MjE5MjU4oAG91IjrA8gBCakCL-A93aqStD6oAwGqBMEBT9BG30IXYI4vxnS00W8HBQZTusSzO0koxLgQrML0DYiVBV6HOK64RDdQTEmX8b7lWnmDPbtpr8b6rPPWxVpDahhiQ488dhX2yOkwqo50PfeX7vasI85LQXTnYPrL2xxdbV88t4ZzqCXeHEOW0PFtUf8dveD4fU4wE5Oiz_7p9zPj4FrzgiHMNoA6WswHUbhI3oXQ_DZRqfrWcdhUTXuYZ6gzZzs5wolZ2Ii8GG2zX8lI4tmH_OTmbFTtkBCYDALjxYAG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Mlml7x7v5Q44dzUHttYvbZtW0Lw%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
d3fce3bfc73a6ea0b84ca2a1164990b0eeae97c638a6778cc51fb58afb50ba31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29881621
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5590
expires
Wed, 26 Apr 2023 07:57:59 GMT
all
csm.eu.criteo.net/ Frame 1A6F 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=QPS0aOOz37rNZbKJpjWFumXym_XDZeM35-potxLkLiFux0E8yiYUviqJqv78VZ0P-OMnQtRB9pg3uEC7EQt-4wCPiUv3P5zS5BG2IynlW2i0y2jt16X8PFTRr1NeZSFO3VHCz37nLhjD8Fg5SSPLnOtTZVadlflR6gvSzOOuhpXFvoK1Y0ElyAbtjmFkEaraNamMids1eqYMqKkbIvvaXPCPZRCWIY42ver49EqeBatVUwdUnJlni0VSYMydYRTvT3Y2Zw&sds=2&rev=81468.6&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABcYsA-QcWAAlrHWx1hssT1-vq0OngDQ&u=%7CnPe1aGloCQD6BNeiRZCGR941bTZxhCAFBE%2FfEo74ziU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvp8sTa7zbzgyJ2k9XHUWRJgq5K87Mf4Wm0Ez6VG2X-ysUv6xYZ-EAbIrDLdhkwE59JLBV_fKwY88NhhfYcIqMGYDpM89FCvarbJuh0xzv4XaH4_p-dOkhMqfXiVn_VEi04c8p4yMlWJyvutq3ZSH0fzWGW730haJWfwKAUj9C0tF0IO41Nz7H8GfpolqPfu66PNbhqSQAySzpCg3s79Gyg3WDZK9flSq4O_1pbeaMDYeUbQcKBo0G6KluOaOlL7wypO7N19NhDVD--4IJP5hTgjis426adcgVye8y7-mU8QPLCTbB40lc8k_bFEqy0-vIn-5YMbSqv39YkuQqOkjxes-JGhZ9-0RznCd6K4S-7_qNqQQyTZRvIX7tZ7gLfExdg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_MDpceSAYovjBZaO5LcPndalqATkj9KxXI-K6IiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi05NzM1ODQ4OTE0MjE5MjU4oAG91IjrA8gBCakCL-A93aqStD6oAwGqBMEBT9BG30IXYI4vxnS00W8HBQZTusSzO0koxLgQrML0DYiVBV6HOK64RDdQTEmX8b7lWnmDPbtpr8b6rPPWxVpDahhiQ488dhX2yOkwqo50PfeX7vasI85LQXTnYPrL2xxdbV88t4ZzqCXeHEOW0PFtUf8dveD4fU4wE5Oiz_7p9zPj4FrzgiHMNoA6WswHUbhI3oXQ_DZRqfrWcdhUTXuYZ6gzZzs5wolZ2Ii8GG2zX8lI4tmH_OTmbFTtkBCYDALjxYAG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Mlml7x7v5Q44dzUHttYvbZtW0Lw%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 15 May 2022 11:30:57 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1A6F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABcYsA-QcWAAlrHWx1hssT1-vq0OngDQ&u=%7CnPe1aGloCQD6BNeiRZCGR941bTZxhCAFBE%2FfEo74ziU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvp8sTa7zbzgyJ2k9XHUWRJgq5K87Mf4Wm0Ez6VG2X-ysUv6xYZ-EAbIrDLdhkwE59JLBV_fKwY88NhhfYcIqMGYDpM89FCvarbJuh0xzv4XaH4_p-dOkhMqfXiVn_VEi04c8p4yMlWJyvutq3ZSH0fzWGW730haJWfwKAUj9C0tF0IO41Nz7H8GfpolqPfu66PNbhqSQAySzpCg3s79Gyg3WDZK9flSq4O_1pbeaMDYeUbQcKBo0G6KluOaOlL7wypO7N19NhDVD--4IJP5hTgjis426adcgVye8y7-mU8QPLCTbB40lc8k_bFEqy0-vIn-5YMbSqv39YkuQqOkjxes-JGhZ9-0RznCd6K4S-7_qNqQQyTZRvIX7tZ7gLfExdg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_MDpceSAYovjBZaO5LcPndalqATkj9KxXI-K6IiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi05NzM1ODQ4OTE0MjE5MjU4oAG91IjrA8gBCakCL-A93aqStD6oAwGqBMEBT9BG30IXYI4vxnS00W8HBQZTusSzO0koxLgQrML0DYiVBV6HOK64RDdQTEmX8b7lWnmDPbtpr8b6rPPWxVpDahhiQ488dhX2yOkwqo50PfeX7vasI85LQXTnYPrL2xxdbV88t4ZzqCXeHEOW0PFtUf8dveD4fU4wE5Oiz_7p9zPj4FrzgiHMNoA6WswHUbhI3oXQ_DZRqfrWcdhUTXuYZ6gzZzs5wolZ2Ii8GG2zX8lI4tmH_OTmbFTtkBCYDALjxYAG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Mlml7x7v5Q44dzUHttYvbZtW0Lw%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 May 2023 11:30:57 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 1A6F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABcYsA-QcWAAlrHWx1hssT1-vq0OngDQ&u=%7CnPe1aGloCQD6BNeiRZCGR941bTZxhCAFBE%2FfEo74ziU%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvp8sTa7zbzgyJ2k9XHUWRJgq5K87Mf4Wm0Ez6VG2X-ysUv6xYZ-EAbIrDLdhkwE59JLBV_fKwY88NhhfYcIqMGYDpM89FCvarbJuh0xzv4XaH4_p-dOkhMqfXiVn_VEi04c8p4yMlWJyvutq3ZSH0fzWGW730haJWfwKAUj9C0tF0IO41Nz7H8GfpolqPfu66PNbhqSQAySzpCg3s79Gyg3WDZK9flSq4O_1pbeaMDYeUbQcKBo0G6KluOaOlL7wypO7N19NhDVD--4IJP5hTgjis426adcgVye8y7-mU8QPLCTbB40lc8k_bFEqy0-vIn-5YMbSqv39YkuQqOkjxes-JGhZ9-0RznCd6K4S-7_qNqQQyTZRvIX7tZ7gLfExdg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_MDpceSAYovjBZaO5LcPndalqATkj9KxXI-K6IiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi05NzM1ODQ4OTE0MjE5MjU4oAG91IjrA8gBCakCL-A93aqStD6oAwGqBMEBT9BG30IXYI4vxnS00W8HBQZTusSzO0koxLgQrML0DYiVBV6HOK64RDdQTEmX8b7lWnmDPbtpr8b6rPPWxVpDahhiQ488dhX2yOkwqo50PfeX7vasI85LQXTnYPrL2xxdbV88t4ZzqCXeHEOW0PFtUf8dveD4fU4wE5Oiz_7p9zPj4FrzgiHMNoA6WswHUbhI3oXQ_DZRqfrWcdhUTXuYZ6gzZzs5wolZ2Ii8GG2zX8lI4tmH_OTmbFTtkBCYDALjxYAG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Mlml7x7v5Q44dzUHttYvbZtW0Lw%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 May 2023 11:30:57 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame AA08 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABgawKW-pVAABd1dTVqpjXBZtmZUtX5Q&u=%7CnPe1aGloCQAUfEZKfoujbEPoh3bIMsNS2UZPuX5SbBM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvpOE7Z_QTPgAAvPmGoPqnrQjCtkSAp5RwFYMu1tiuRhiLqWdnkffjJyVgHkvTe4U7tbkEh77FNDdmxP84-oLx9LailDeE9SU5aD1MFfMhBjsy3qOz7mFy1UphssVkQZquQLoy478lx_p3YsWt32KLd7lfXr1Nnu3LT__huApSJ-UYWqypsaHQ_r__l-zUkgUGL8PfpVqVRT082qWX0sE6zOF__XdsdKCZQFjOGOQLUP6DYbRlsFFW4431lNksS5Xv5-gHOlFFNVpP4MnPN225UF0apgo4zWr7p4YuX7YcMCHp83beesydyeB3AxPvZnd_igNgAInNdmjaKIi7vRI5lRp3PTUR1i9qEeZ3mDA1wgUSTRqupDEfgzzAV2dA9BTGg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClY9WceSAYqyDBtXU7wLVu4GwAuSP0rFc_9DZkYgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEuAFP0O3MwAlNjPeibyfHyZj4ZtVIfNPS1Fbw14bR3PfDzbXmyPLuJ1VGA-ZiRSdSSZMicTymW5fl2x9t9PBAwrFeuh6VG7PtXa3t8PcBWmHH-_9WckfN7Phtn7xg0L-b6OOmNbOgefOXy_ftSZQvHmPQL7IBr3GrSQ5SaQWLu9NDO7Drxg4WIORayRT5bqGSCxB-t_cT0gSnPCABBh6-M-5zBmDexvlYnVkcZKcBU_W7K4gnz0uOnmRLgAbd7-nv4NKGn6YBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0B3st8XjUnqyfePW8JbZp6ojNyPQ%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 May 2023 11:30:57 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame AA08 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABgawKW-pVAABd1dTVqpjXBZtmZUtX5Q&u=%7CnPe1aGloCQAUfEZKfoujbEPoh3bIMsNS2UZPuX5SbBM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvpOE7Z_QTPgAAvPmGoPqnrQjCtkSAp5RwFYMu1tiuRhiLqWdnkffjJyVgHkvTe4U7tbkEh77FNDdmxP84-oLx9LailDeE9SU5aD1MFfMhBjsy3qOz7mFy1UphssVkQZquQLoy478lx_p3YsWt32KLd7lfXr1Nnu3LT__huApSJ-UYWqypsaHQ_r__l-zUkgUGL8PfpVqVRT082qWX0sE6zOF__XdsdKCZQFjOGOQLUP6DYbRlsFFW4431lNksS5Xv5-gHOlFFNVpP4MnPN225UF0apgo4zWr7p4YuX7YcMCHp83beesydyeB3AxPvZnd_igNgAInNdmjaKIi7vRI5lRp3PTUR1i9qEeZ3mDA1wgUSTRqupDEfgzzAV2dA9BTGg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClY9WceSAYqyDBtXU7wLVu4GwAuSP0rFc_9DZkYgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEuAFP0O3MwAlNjPeibyfHyZj4ZtVIfNPS1Fbw14bR3PfDzbXmyPLuJ1VGA-ZiRSdSSZMicTymW5fl2x9t9PBAwrFeuh6VG7PtXa3t8PcBWmHH-_9WckfN7Phtn7xg0L-b6OOmNbOgefOXy_ftSZQvHmPQL7IBr3GrSQ5SaQWLu9NDO7Drxg4WIORayRT5bqGSCxB-t_cT0gSnPCABBh6-M-5zBmDexvlYnVkcZKcBU_W7K4gnz0uOnmRLgAbd7-nv4NKGn6YBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0B3st8XjUnqyfePW8JbZp6ojNyPQ%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 May 2023 11:30:57 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame AA08 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABgawKW-pVAABd1dTVqpjXBZtmZUtX5Q&u=%7CnPe1aGloCQAUfEZKfoujbEPoh3bIMsNS2UZPuX5SbBM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvpOE7Z_QTPgAAvPmGoPqnrQjCtkSAp5RwFYMu1tiuRhiLqWdnkffjJyVgHkvTe4U7tbkEh77FNDdmxP84-oLx9LailDeE9SU5aD1MFfMhBjsy3qOz7mFy1UphssVkQZquQLoy478lx_p3YsWt32KLd7lfXr1Nnu3LT__huApSJ-UYWqypsaHQ_r__l-zUkgUGL8PfpVqVRT082qWX0sE6zOF__XdsdKCZQFjOGOQLUP6DYbRlsFFW4431lNksS5Xv5-gHOlFFNVpP4MnPN225UF0apgo4zWr7p4YuX7YcMCHp83beesydyeB3AxPvZnd_igNgAInNdmjaKIi7vRI5lRp3PTUR1i9qEeZ3mDA1wgUSTRqupDEfgzzAV2dA9BTGg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClY9WceSAYqyDBtXU7wLVu4GwAuSP0rFc_9DZkYgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEuAFP0O3MwAlNjPeibyfHyZj4ZtVIfNPS1Fbw14bR3PfDzbXmyPLuJ1VGA-ZiRSdSSZMicTymW5fl2x9t9PBAwrFeuh6VG7PtXa3t8PcBWmHH-_9WckfN7Phtn7xg0L-b6OOmNbOgefOXy_ftSZQvHmPQL7IBr3GrSQ5SaQWLu9NDO7Drxg4WIORayRT5bqGSCxB-t_cT0gSnPCABBh6-M-5zBmDexvlYnVkcZKcBU_W7K4gnz0uOnmRLgAbd7-nv4NKGn6YBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0B3st8XjUnqyfePW8JbZp6ojNyPQ%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 10 May 2023 11:30:57 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame AA08 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABgawKW-pVAABd1dTVqpjXBZtmZUtX5Q&u=%7CnPe1aGloCQAUfEZKfoujbEPoh3bIMsNS2UZPuX5SbBM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvpOE7Z_QTPgAAvPmGoPqnrQjCtkSAp5RwFYMu1tiuRhiLqWdnkffjJyVgHkvTe4U7tbkEh77FNDdmxP84-oLx9LailDeE9SU5aD1MFfMhBjsy3qOz7mFy1UphssVkQZquQLoy478lx_p3YsWt32KLd7lfXr1Nnu3LT__huApSJ-UYWqypsaHQ_r__l-zUkgUGL8PfpVqVRT082qWX0sE6zOF__XdsdKCZQFjOGOQLUP6DYbRlsFFW4431lNksS5Xv5-gHOlFFNVpP4MnPN225UF0apgo4zWr7p4YuX7YcMCHp83beesydyeB3AxPvZnd_igNgAInNdmjaKIi7vRI5lRp3PTUR1i9qEeZ3mDA1wgUSTRqupDEfgzzAV2dA9BTGg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClY9WceSAYqyDBtXU7wLVu4GwAuSP0rFc_9DZkYgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEuAFP0O3MwAlNjPeibyfHyZj4ZtVIfNPS1Fbw14bR3PfDzbXmyPLuJ1VGA-ZiRSdSSZMicTymW5fl2x9t9PBAwrFeuh6VG7PtXa3t8PcBWmHH-_9WckfN7Phtn7xg0L-b6OOmNbOgefOXy_ftSZQvHmPQL7IBr3GrSQ5SaQWLu9NDO7Drxg4WIORayRT5bqGSCxB-t_cT0gSnPCABBh6-M-5zBmDexvlYnVkcZKcBU_W7K4gnz0uOnmRLgAbd7-nv4NKGn6YBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0B3st8XjUnqyfePW8JbZp6ojNyPQ%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Wed, 10 May 2023 11:30:57 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame AA08 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=hID5iMG9Gd7sANkL-fG0XY1weY9UuEj8gDpKfEaCsITex96D38B13Fls4cKq-NS-D94ItnqL-F1jMBP5d6gAzjEz72drq7iOlx_qeJCHNDuOPASNu8fhMltcExv30wUSpD4PXznHKJ-0ac5dMmGa-9bFJ-qRaDcf7u9Nx9ODBXkjp4EL_cnZB0mYea0fFm_3yUFd31Wr1PWfbM3dSY00M4c-g-5K08oSIhatDCOwaRxrkIYf-0rkf0c8u7YnjlBhdPa96pAZ06zOjAze9hFyFX7D5E7S9uxVD_dcFyqHYIr95YxR2GjP_8I9C4jK6TlSfBd0yLA1s6Vb8gzJZzOT6QsmI-g0U6ZmP5vws4ms-z6SpMFbP20AwulNQA-SsONQonN_Z0y37dGkaTYeZRPmvESSnYrpjT1lRvOQpw-revRGsV_JItjgX3KzCex76iyY_37xMg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABgawKW-pVAABd1dTVqpjXBZtmZUtX5Q&u=%7CnPe1aGloCQAUfEZKfoujbEPoh3bIMsNS2UZPuX5SbBM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvpOE7Z_QTPgAAvPmGoPqnrQjCtkSAp5RwFYMu1tiuRhiLqWdnkffjJyVgHkvTe4U7tbkEh77FNDdmxP84-oLx9LailDeE9SU5aD1MFfMhBjsy3qOz7mFy1UphssVkQZquQLoy478lx_p3YsWt32KLd7lfXr1Nnu3LT__huApSJ-UYWqypsaHQ_r__l-zUkgUGL8PfpVqVRT082qWX0sE6zOF__XdsdKCZQFjOGOQLUP6DYbRlsFFW4431lNksS5Xv5-gHOlFFNVpP4MnPN225UF0apgo4zWr7p4YuX7YcMCHp83beesydyeB3AxPvZnd_igNgAInNdmjaKIi7vRI5lRp3PTUR1i9qEeZ3mDA1wgUSTRqupDEfgzzAV2dA9BTGg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClY9WceSAYqyDBtXU7wLVu4GwAuSP0rFc_9DZkYgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEuAFP0O3MwAlNjPeibyfHyZj4ZtVIfNPS1Fbw14bR3PfDzbXmyPLuJ1VGA-ZiRSdSSZMicTymW5fl2x9t9PBAwrFeuh6VG7PtXa3t8PcBWmHH-_9WckfN7Phtn7xg0L-b6OOmNbOgefOXy_ftSZQvHmPQL7IBr3GrSQ5SaQWLu9NDO7Drxg4WIORayRT5bqGSCxB-t_cT0gSnPCABBh6-M-5zBmDexvlYnVkcZKcBU_W7K4gnz0uOnmRLgAbd7-nv4NKGn6YBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0B3st8XjUnqyfePW8JbZp6ojNyPQ%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 11:30:57 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2950752
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame AA08 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABgawKW-pVAABd1dTVqpjXBZtmZUtX5Q&u=%7CnPe1aGloCQAUfEZKfoujbEPoh3bIMsNS2UZPuX5SbBM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvpOE7Z_QTPgAAvPmGoPqnrQjCtkSAp5RwFYMu1tiuRhiLqWdnkffjJyVgHkvTe4U7tbkEh77FNDdmxP84-oLx9LailDeE9SU5aD1MFfMhBjsy3qOz7mFy1UphssVkQZquQLoy478lx_p3YsWt32KLd7lfXr1Nnu3LT__huApSJ-UYWqypsaHQ_r__l-zUkgUGL8PfpVqVRT082qWX0sE6zOF__XdsdKCZQFjOGOQLUP6DYbRlsFFW4431lNksS5Xv5-gHOlFFNVpP4MnPN225UF0apgo4zWr7p4YuX7YcMCHp83beesydyeB3AxPvZnd_igNgAInNdmjaKIi7vRI5lRp3PTUR1i9qEeZ3mDA1wgUSTRqupDEfgzzAV2dA9BTGg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClY9WceSAYqyDBtXU7wLVu4GwAuSP0rFc_9DZkYgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEuAFP0O3MwAlNjPeibyfHyZj4ZtVIfNPS1Fbw14bR3PfDzbXmyPLuJ1VGA-ZiRSdSSZMicTymW5fl2x9t9PBAwrFeuh6VG7PtXa3t8PcBWmHH-_9WckfN7Phtn7xg0L-b6OOmNbOgefOXy_ftSZQvHmPQL7IBr3GrSQ5SaQWLu9NDO7Drxg4WIORayRT5bqGSCxB-t_cT0gSnPCABBh6-M-5zBmDexvlYnVkcZKcBU_W7K4gnz0uOnmRLgAbd7-nv4NKGn6YBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0B3st8XjUnqyfePW8JbZp6ojNyPQ%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
815549
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XmKui%2BTz6AzlpWtYFcJKEP1CQDIpSQClnWL8%2FyjXs1pezRtUSKJHAngrZ%2Bzgbvzmu9Kv6L1Tn3Yy%2Bg%2FBqvbIccEs9na5Luvhl7xk4mhsrdd7giyGD3X7wyilKW%2FIGo9HUZn%2BKX0MH%2FgvNglxZbUAit2b"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70bb8b686ced065e-LHR
expires
Fri, 05 May 2023 11:30:57 GMT
animejs.js
static.criteo.net/animejs/ Frame AA08 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABgawKW-pVAABd1dTVqpjXBZtmZUtX5Q&u=%7CnPe1aGloCQAUfEZKfoujbEPoh3bIMsNS2UZPuX5SbBM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvpOE7Z_QTPgAAvPmGoPqnrQjCtkSAp5RwFYMu1tiuRhiLqWdnkffjJyVgHkvTe4U7tbkEh77FNDdmxP84-oLx9LailDeE9SU5aD1MFfMhBjsy3qOz7mFy1UphssVkQZquQLoy478lx_p3YsWt32KLd7lfXr1Nnu3LT__huApSJ-UYWqypsaHQ_r__l-zUkgUGL8PfpVqVRT082qWX0sE6zOF__XdsdKCZQFjOGOQLUP6DYbRlsFFW4431lNksS5Xv5-gHOlFFNVpP4MnPN225UF0apgo4zWr7p4YuX7YcMCHp83beesydyeB3AxPvZnd_igNgAInNdmjaKIi7vRI5lRp3PTUR1i9qEeZ3mDA1wgUSTRqupDEfgzzAV2dA9BTGg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClY9WceSAYqyDBtXU7wLVu4GwAuSP0rFc_9DZkYgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEuAFP0O3MwAlNjPeibyfHyZj4ZtVIfNPS1Fbw14bR3PfDzbXmyPLuJ1VGA-ZiRSdSSZMicTymW5fl2x9t9PBAwrFeuh6VG7PtXa3t8PcBWmHH-_9WckfN7Phtn7xg0L-b6OOmNbOgefOXy_ftSZQvHmPQL7IBr3GrSQ5SaQWLu9NDO7Drxg4WIORayRT5bqGSCxB-t_cT0gSnPCABBh6-M-5zBmDexvlYnVkcZKcBU_W7K4gnz0uOnmRLgAbd7-nv4NKGn6YBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0B3st8XjUnqyfePW8JbZp6ojNyPQ%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 May 2023 11:30:57 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 5421 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABeqwKW8KYAACVlszTFSFjbi4ljK_KbA&u=%7CnPe1aGloCQA2VCP4Y6vsEF71A1XwN3D0tt%2BU2H4oDVk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wypL0fcQWu25ycyhdoZmJ-j_mjv5FZnTlTX1i1fYPy5a7FD13J4_AtrjfB-YBWA_PpXeFWvUedwHiX8SD-1qX0UAWLhPc6dlRzp4WKfruyMVJRksmtYbW_SRCoKSYp6JgceUfdqDTVVAKcTz0U7FDEoZasQ8IpJRbnbzzceEVU27TTUI1q8bTtMl40vw9S-h6dZJKn5eJHVjol05FJTMjsbRqMXbr-ual97UjExjluRY0PsLpIERd3RIqBTirThAuX-p7QbfqBTdk9O-_ltrF-UO7RYkgf-TCMmmF45Sc1jvMSp1fRYx2laE4QrIdwVttE-y4b4u4heNqZe-2G5CKpRUR2mxmwLXuCBR3ZzINW38lwIY4KPynH4cYuFtuHemyUZ8cNoFeOV4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLgf6ceSAYqz1BZiF7wKWq4KwD-SP0rFct_TriIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEtwFP0G5Dnrbhqymcn9SbjQa9KNCQPCqSBclSTvhOdW2k8BCdxoOjQYDCF97qzg8PnI-i-9nT0tSeUjL6gM3P6OnlQbdZPHKu0yhw1ncSZcVvpEv2eL0zqkWbQUXyc5aKfzZH6TEGRGrXvPg6Ec6qp-JK4x79Y8xxSeHzT0o5ZaPoLSXj7uArUBl1XcIkmBFKfqv3DCPvvIO9GTUG5N4WJj5PwalbA7p-lfqD8FVRJQORlS0Ql2tCTveABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gi4x9lZyP62iGQi_wF7eglTyq4w%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 May 2023 11:30:57 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 5421 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABeqwKW8KYAACVlszTFSFjbi4ljK_KbA&u=%7CnPe1aGloCQA2VCP4Y6vsEF71A1XwN3D0tt%2BU2H4oDVk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wypL0fcQWu25ycyhdoZmJ-j_mjv5FZnTlTX1i1fYPy5a7FD13J4_AtrjfB-YBWA_PpXeFWvUedwHiX8SD-1qX0UAWLhPc6dlRzp4WKfruyMVJRksmtYbW_SRCoKSYp6JgceUfdqDTVVAKcTz0U7FDEoZasQ8IpJRbnbzzceEVU27TTUI1q8bTtMl40vw9S-h6dZJKn5eJHVjol05FJTMjsbRqMXbr-ual97UjExjluRY0PsLpIERd3RIqBTirThAuX-p7QbfqBTdk9O-_ltrF-UO7RYkgf-TCMmmF45Sc1jvMSp1fRYx2laE4QrIdwVttE-y4b4u4heNqZe-2G5CKpRUR2mxmwLXuCBR3ZzINW38lwIY4KPynH4cYuFtuHemyUZ8cNoFeOV4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLgf6ceSAYqz1BZiF7wKWq4KwD-SP0rFct_TriIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEtwFP0G5Dnrbhqymcn9SbjQa9KNCQPCqSBclSTvhOdW2k8BCdxoOjQYDCF97qzg8PnI-i-9nT0tSeUjL6gM3P6OnlQbdZPHKu0yhw1ncSZcVvpEv2eL0zqkWbQUXyc5aKfzZH6TEGRGrXvPg6Ec6qp-JK4x79Y8xxSeHzT0o5ZaPoLSXj7uArUBl1XcIkmBFKfqv3DCPvvIO9GTUG5N4WJj5PwalbA7p-lfqD8FVRJQORlS0Ql2tCTveABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gi4x9lZyP62iGQi_wF7eglTyq4w%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 May 2023 11:30:57 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 5421 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABeqwKW8KYAACVlszTFSFjbi4ljK_KbA&u=%7CnPe1aGloCQA2VCP4Y6vsEF71A1XwN3D0tt%2BU2H4oDVk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wypL0fcQWu25ycyhdoZmJ-j_mjv5FZnTlTX1i1fYPy5a7FD13J4_AtrjfB-YBWA_PpXeFWvUedwHiX8SD-1qX0UAWLhPc6dlRzp4WKfruyMVJRksmtYbW_SRCoKSYp6JgceUfdqDTVVAKcTz0U7FDEoZasQ8IpJRbnbzzceEVU27TTUI1q8bTtMl40vw9S-h6dZJKn5eJHVjol05FJTMjsbRqMXbr-ual97UjExjluRY0PsLpIERd3RIqBTirThAuX-p7QbfqBTdk9O-_ltrF-UO7RYkgf-TCMmmF45Sc1jvMSp1fRYx2laE4QrIdwVttE-y4b4u4heNqZe-2G5CKpRUR2mxmwLXuCBR3ZzINW38lwIY4KPynH4cYuFtuHemyUZ8cNoFeOV4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLgf6ceSAYqz1BZiF7wKWq4KwD-SP0rFct_TriIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEtwFP0G5Dnrbhqymcn9SbjQa9KNCQPCqSBclSTvhOdW2k8BCdxoOjQYDCF97qzg8PnI-i-9nT0tSeUjL6gM3P6OnlQbdZPHKu0yhw1ncSZcVvpEv2eL0zqkWbQUXyc5aKfzZH6TEGRGrXvPg6Ec6qp-JK4x79Y8xxSeHzT0o5ZaPoLSXj7uArUBl1XcIkmBFKfqv3DCPvvIO9GTUG5N4WJj5PwalbA7p-lfqD8FVRJQORlS0Ql2tCTveABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gi4x9lZyP62iGQi_wF7eglTyq4w%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:58 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 10 May 2023 11:30:58 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 5421 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABeqwKW8KYAACVlszTFSFjbi4ljK_KbA&u=%7CnPe1aGloCQA2VCP4Y6vsEF71A1XwN3D0tt%2BU2H4oDVk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wypL0fcQWu25ycyhdoZmJ-j_mjv5FZnTlTX1i1fYPy5a7FD13J4_AtrjfB-YBWA_PpXeFWvUedwHiX8SD-1qX0UAWLhPc6dlRzp4WKfruyMVJRksmtYbW_SRCoKSYp6JgceUfdqDTVVAKcTz0U7FDEoZasQ8IpJRbnbzzceEVU27TTUI1q8bTtMl40vw9S-h6dZJKn5eJHVjol05FJTMjsbRqMXbr-ual97UjExjluRY0PsLpIERd3RIqBTirThAuX-p7QbfqBTdk9O-_ltrF-UO7RYkgf-TCMmmF45Sc1jvMSp1fRYx2laE4QrIdwVttE-y4b4u4heNqZe-2G5CKpRUR2mxmwLXuCBR3ZzINW38lwIY4KPynH4cYuFtuHemyUZ8cNoFeOV4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLgf6ceSAYqz1BZiF7wKWq4KwD-SP0rFct_TriIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEtwFP0G5Dnrbhqymcn9SbjQa9KNCQPCqSBclSTvhOdW2k8BCdxoOjQYDCF97qzg8PnI-i-9nT0tSeUjL6gM3P6OnlQbdZPHKu0yhw1ncSZcVvpEv2eL0zqkWbQUXyc5aKfzZH6TEGRGrXvPg6Ec6qp-JK4x79Y8xxSeHzT0o5ZaPoLSXj7uArUBl1XcIkmBFKfqv3DCPvvIO9GTUG5N4WJj5PwalbA7p-lfqD8FVRJQORlS0Ql2tCTveABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gi4x9lZyP62iGQi_wF7eglTyq4w%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:58 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Wed, 10 May 2023 11:30:58 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 5421 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=R60W7cG9Gd7sANkL-fG0XY1weY-D94qaswbmqEZBpJVsVAZ0mIi8O-9rKMJsrzBY5VOk0DU9Qw9HAtPYp9LbCUA5TFEp4uMbQf6Wj70MF8h7h_Grh_wgn0Aq5c7NdSMMK3dNfh6gQ80CmiBer45ETxtW0wf7mAcdIsWACrl2E8H9AMXsVvYwRFWO8IKg9lNMwDcjSdxckHI1du22iX7xzp_0cuhC5_P1L_WE_qWJMLoMXpC_IOz5yHvjrKK8m62DeZ_dntirM-ZyTuRDsx7txv5Zpw-FxyA4y-FeK2sTn2wiNMdaY7qUdQomRXIQ1NAU1ABJqsXpK9-uiFf49I4SCkpQic3v_jhiXOxUprxDEi2MdJUwZyzsZZ68wlcVgaIunSL-VOLU2T3FVsL44ZQt-fLwrbIS1j8FD757LGIUx-lyIrzOciNEbuVBb-tybTZ7Mk6-ig
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABeqwKW8KYAACVlszTFSFjbi4ljK_KbA&u=%7CnPe1aGloCQA2VCP4Y6vsEF71A1XwN3D0tt%2BU2H4oDVk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wypL0fcQWu25ycyhdoZmJ-j_mjv5FZnTlTX1i1fYPy5a7FD13J4_AtrjfB-YBWA_PpXeFWvUedwHiX8SD-1qX0UAWLhPc6dlRzp4WKfruyMVJRksmtYbW_SRCoKSYp6JgceUfdqDTVVAKcTz0U7FDEoZasQ8IpJRbnbzzceEVU27TTUI1q8bTtMl40vw9S-h6dZJKn5eJHVjol05FJTMjsbRqMXbr-ual97UjExjluRY0PsLpIERd3RIqBTirThAuX-p7QbfqBTdk9O-_ltrF-UO7RYkgf-TCMmmF45Sc1jvMSp1fRYx2laE4QrIdwVttE-y4b4u4heNqZe-2G5CKpRUR2mxmwLXuCBR3ZzINW38lwIY4KPynH4cYuFtuHemyUZ8cNoFeOV4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLgf6ceSAYqz1BZiF7wKWq4KwD-SP0rFct_TriIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEtwFP0G5Dnrbhqymcn9SbjQa9KNCQPCqSBclSTvhOdW2k8BCdxoOjQYDCF97qzg8PnI-i-9nT0tSeUjL6gM3P6OnlQbdZPHKu0yhw1ncSZcVvpEv2eL0zqkWbQUXyc5aKfzZH6TEGRGrXvPg6Ec6qp-JK4x79Y8xxSeHzT0o5ZaPoLSXj7uArUBl1XcIkmBFKfqv3DCPvvIO9GTUG5N4WJj5PwalbA7p-lfqD8FVRJQORlS0Ql2tCTveABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gi4x9lZyP62iGQi_wF7eglTyq4w%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 11:30:57 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2521585
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
140e55ebe29544f18fdeb42b6426d53c_totalsansregular.woff
static.criteo.net/design/dt/ Frame AA08 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/140e55ebe29544f18fdeb42b6426d53c_totalsansregular.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABgawKW-pVAABd1dTVqpjXBZtmZUtX5Q&u=%7CnPe1aGloCQAUfEZKfoujbEPoh3bIMsNS2UZPuX5SbBM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvpOE7Z_QTPgAAvPmGoPqnrQjCtkSAp5RwFYMu1tiuRhiLqWdnkffjJyVgHkvTe4U7tbkEh77FNDdmxP84-oLx9LailDeE9SU5aD1MFfMhBjsy3qOz7mFy1UphssVkQZquQLoy478lx_p3YsWt32KLd7lfXr1Nnu3LT__huApSJ-UYWqypsaHQ_r__l-zUkgUGL8PfpVqVRT082qWX0sE6zOF__XdsdKCZQFjOGOQLUP6DYbRlsFFW4431lNksS5Xv5-gHOlFFNVpP4MnPN225UF0apgo4zWr7p4YuX7YcMCHp83beesydyeB3AxPvZnd_igNgAInNdmjaKIi7vRI5lRp3PTUR1i9qEeZ3mDA1wgUSTRqupDEfgzzAV2dA9BTGg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClY9WceSAYqyDBtXU7wLVu4GwAuSP0rFc_9DZkYgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEuAFP0O3MwAlNjPeibyfHyZj4ZtVIfNPS1Fbw14bR3PfDzbXmyPLuJ1VGA-ZiRSdSSZMicTymW5fl2x9t9PBAwrFeuh6VG7PtXa3t8PcBWmHH-_9WckfN7Phtn7xg0L-b6OOmNbOgefOXy_ftSZQvHmPQL7IBr3GrSQ5SaQWLu9NDO7Drxg4WIORayRT5bqGSCxB-t_cT0gSnPCABBh6-M-5zBmDexvlYnVkcZKcBU_W7K4gnz0uOnmRLgAbd7-nv4NKGn6YBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0B3st8XjUnqyfePW8JbZp6ojNyPQ%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
34538388fdc926429d1544ddba61ea522cfd4a8ef577b1ae2ca5a0f0e57c8735
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
content-encoding
gzip
last-modified
Thu, 09 Jan 2020 16:51:34 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e175a16-6d58"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 May 2023 11:30:57 GMT
img
pix.eu.criteo.net/img/ Frame AA08 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=556&m=0&partner=3034&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F3034%2F210625%2F9bfb6bf665ba4d79a54c1ad654323e58_logorgb.jpg&v=3&w=398&s=c2XASLh8ZYVxoTFiYmdLkbZm
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABgawKW-pVAABd1dTVqpjXBZtmZUtX5Q&u=%7CnPe1aGloCQAUfEZKfoujbEPoh3bIMsNS2UZPuX5SbBM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvpOE7Z_QTPgAAvPmGoPqnrQjCtkSAp5RwFYMu1tiuRhiLqWdnkffjJyVgHkvTe4U7tbkEh77FNDdmxP84-oLx9LailDeE9SU5aD1MFfMhBjsy3qOz7mFy1UphssVkQZquQLoy478lx_p3YsWt32KLd7lfXr1Nnu3LT__huApSJ-UYWqypsaHQ_r__l-zUkgUGL8PfpVqVRT082qWX0sE6zOF__XdsdKCZQFjOGOQLUP6DYbRlsFFW4431lNksS5Xv5-gHOlFFNVpP4MnPN225UF0apgo4zWr7p4YuX7YcMCHp83beesydyeB3AxPvZnd_igNgAInNdmjaKIi7vRI5lRp3PTUR1i9qEeZ3mDA1wgUSTRqupDEfgzzAV2dA9BTGg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClY9WceSAYqyDBtXU7wLVu4GwAuSP0rFc_9DZkYgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEuAFP0O3MwAlNjPeibyfHyZj4ZtVIfNPS1Fbw14bR3PfDzbXmyPLuJ1VGA-ZiRSdSSZMicTymW5fl2x9t9PBAwrFeuh6VG7PtXa3t8PcBWmHH-_9WckfN7Phtn7xg0L-b6OOmNbOgefOXy_ftSZQvHmPQL7IBr3GrSQ5SaQWLu9NDO7Drxg4WIORayRT5bqGSCxB-t_cT0gSnPCABBh6-M-5zBmDexvlYnVkcZKcBU_W7K4gnz0uOnmRLgAbd7-nv4NKGn6YBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0B3st8XjUnqyfePW8JbZp6ojNyPQ%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
d3fce3bfc73a6ea0b84ca2a1164990b0eeae97c638a6778cc51fb58afb50ba31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29881621
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5590
expires
Wed, 26 Apr 2023 07:57:59 GMT
all
csm.eu.criteo.net/ Frame AA08 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=QOZy1uOz37rNZbKJ-hVGMvImND9soo8ePsnJZmXfiVL5kI0-TzksUs_FIjDAyvHD3MxBTWxzTAhWT4h4DFdl_WUBQh_4fRQWclToVkm9hjjXt115R9GHVK2mU2XetPJ9XZ8lnEu9nPN9ZO_q0ci1W4vtBlDi4Y6ycHrk2J79ULakKZ-Ca5qnaXTIbQl-PWUCVFwsIBQn2-cIhtl7SE9MMECCA5nbNFoHwZqy3N_TCx6SmUcdNQHtxbyrgN0oeGXhxw-hKg&sds=2&rev=81468.6&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABgawKW-pVAABd1dTVqpjXBZtmZUtX5Q&u=%7CnPe1aGloCQAUfEZKfoujbEPoh3bIMsNS2UZPuX5SbBM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvpOE7Z_QTPgAAvPmGoPqnrQjCtkSAp5RwFYMu1tiuRhiLqWdnkffjJyVgHkvTe4U7tbkEh77FNDdmxP84-oLx9LailDeE9SU5aD1MFfMhBjsy3qOz7mFy1UphssVkQZquQLoy478lx_p3YsWt32KLd7lfXr1Nnu3LT__huApSJ-UYWqypsaHQ_r__l-zUkgUGL8PfpVqVRT082qWX0sE6zOF__XdsdKCZQFjOGOQLUP6DYbRlsFFW4431lNksS5Xv5-gHOlFFNVpP4MnPN225UF0apgo4zWr7p4YuX7YcMCHp83beesydyeB3AxPvZnd_igNgAInNdmjaKIi7vRI5lRp3PTUR1i9qEeZ3mDA1wgUSTRqupDEfgzzAV2dA9BTGg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClY9WceSAYqyDBtXU7wLVu4GwAuSP0rFc_9DZkYgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEuAFP0O3MwAlNjPeibyfHyZj4ZtVIfNPS1Fbw14bR3PfDzbXmyPLuJ1VGA-ZiRSdSSZMicTymW5fl2x9t9PBAwrFeuh6VG7PtXa3t8PcBWmHH-_9WckfN7Phtn7xg0L-b6OOmNbOgefOXy_ftSZQvHmPQL7IBr3GrSQ5SaQWLu9NDO7Drxg4WIORayRT5bqGSCxB-t_cT0gSnPCABBh6-M-5zBmDexvlYnVkcZKcBU_W7K4gnz0uOnmRLgAbd7-nv4NKGn6YBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0B3st8XjUnqyfePW8JbZp6ojNyPQ%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 15 May 2022 11:30:57 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame AA08 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABgawKW-pVAABd1dTVqpjXBZtmZUtX5Q&u=%7CnPe1aGloCQAUfEZKfoujbEPoh3bIMsNS2UZPuX5SbBM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvpOE7Z_QTPgAAvPmGoPqnrQjCtkSAp5RwFYMu1tiuRhiLqWdnkffjJyVgHkvTe4U7tbkEh77FNDdmxP84-oLx9LailDeE9SU5aD1MFfMhBjsy3qOz7mFy1UphssVkQZquQLoy478lx_p3YsWt32KLd7lfXr1Nnu3LT__huApSJ-UYWqypsaHQ_r__l-zUkgUGL8PfpVqVRT082qWX0sE6zOF__XdsdKCZQFjOGOQLUP6DYbRlsFFW4431lNksS5Xv5-gHOlFFNVpP4MnPN225UF0apgo4zWr7p4YuX7YcMCHp83beesydyeB3AxPvZnd_igNgAInNdmjaKIi7vRI5lRp3PTUR1i9qEeZ3mDA1wgUSTRqupDEfgzzAV2dA9BTGg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClY9WceSAYqyDBtXU7wLVu4GwAuSP0rFc_9DZkYgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEuAFP0O3MwAlNjPeibyfHyZj4ZtVIfNPS1Fbw14bR3PfDzbXmyPLuJ1VGA-ZiRSdSSZMicTymW5fl2x9t9PBAwrFeuh6VG7PtXa3t8PcBWmHH-_9WckfN7Phtn7xg0L-b6OOmNbOgefOXy_ftSZQvHmPQL7IBr3GrSQ5SaQWLu9NDO7Drxg4WIORayRT5bqGSCxB-t_cT0gSnPCABBh6-M-5zBmDexvlYnVkcZKcBU_W7K4gnz0uOnmRLgAbd7-nv4NKGn6YBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0B3st8XjUnqyfePW8JbZp6ojNyPQ%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:58 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 May 2023 11:30:58 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame AA08 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABgawKW-pVAABd1dTVqpjXBZtmZUtX5Q&u=%7CnPe1aGloCQAUfEZKfoujbEPoh3bIMsNS2UZPuX5SbBM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvpOE7Z_QTPgAAvPmGoPqnrQjCtkSAp5RwFYMu1tiuRhiLqWdnkffjJyVgHkvTe4U7tbkEh77FNDdmxP84-oLx9LailDeE9SU5aD1MFfMhBjsy3qOz7mFy1UphssVkQZquQLoy478lx_p3YsWt32KLd7lfXr1Nnu3LT__huApSJ-UYWqypsaHQ_r__l-zUkgUGL8PfpVqVRT082qWX0sE6zOF__XdsdKCZQFjOGOQLUP6DYbRlsFFW4431lNksS5Xv5-gHOlFFNVpP4MnPN225UF0apgo4zWr7p4YuX7YcMCHp83beesydyeB3AxPvZnd_igNgAInNdmjaKIi7vRI5lRp3PTUR1i9qEeZ3mDA1wgUSTRqupDEfgzzAV2dA9BTGg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClY9WceSAYqyDBtXU7wLVu4GwAuSP0rFc_9DZkYgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEuAFP0O3MwAlNjPeibyfHyZj4ZtVIfNPS1Fbw14bR3PfDzbXmyPLuJ1VGA-ZiRSdSSZMicTymW5fl2x9t9PBAwrFeuh6VG7PtXa3t8PcBWmHH-_9WckfN7Phtn7xg0L-b6OOmNbOgefOXy_ftSZQvHmPQL7IBr3GrSQ5SaQWLu9NDO7Drxg4WIORayRT5bqGSCxB-t_cT0gSnPCABBh6-M-5zBmDexvlYnVkcZKcBU_W7K4gnz0uOnmRLgAbd7-nv4NKGn6YBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0B3st8XjUnqyfePW8JbZp6ojNyPQ%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:58 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 May 2023 11:30:58 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame DE9B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABbzkK7LAPAAfeFD5w5PetRhwQ6ufmcg&u=%7CnPe1aGloCQBNS482bKI3RZFUmV2mHlmYIqWmmIh4Qe0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wKvzFoJM6vPjRsEZEp4aXxgOyMIaa_SRzxnQ3lRcCOWvVazy-nn6XNmfuqgaTjGjAJ3d4LACy1aD9KKoqrKFp0IG6AfaGJpOj0tYAAHdyOshGw2B3VQCjqmo3qCn-Fyxdb75pAtDuOjCIRiYymcBMSLlnz5F8rDLuyXaQcB3KKGwerIm-cTRTThyspbN-bbjdYnEV4S_ee1gfkw1cKIzFFXWFIfJ44pMDfgpOpcFZ6tPCS93sXG9k1ebzIo1ttYL307exhRD_jUk_Wf9pOjjN7gLhD_2sZ9tfmVlQHnyWZ4KgrmjYo3pasIlwvpldjnXNXZqX_SI0xvD5kIoAOOfQhQ-c-_EBUEmDNvUktB3GKJF_NPgxZo7Oai7ge1e-TpVGdJu5ovAVyOoBkyHr7nOTJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGvYuceSAYrneBY_gsgeUvJ_QBOSP0rFcj4roiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEvQFP0Dc1eBBw_QFwUEveSc2OfUJnT97lIQZRkInxDmCqltXIve25gUXxDp7Pkm3M1EfA-HcQwvTHAdHpGX8mpbgN7JNAyuf_8CzYRNgNqiNh-A2LoLhQWhDCBxSPUkuVjurBbH7k47LeXnwAP7Ovd2s2RRm7iwaH13N1bxllpRUH92rzDO-C7w-5zxN2an77nTlIrjywlVaEm3Zzb0bJ6wWrc2UhDxD2ICqoABno2ZzyCRPzDtvmlutvKw3eV_2ABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PrSRxaULQsVR-ocUGijCSKylQRQ%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:58 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 May 2023 11:30:58 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame DE9B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABbzkK7LAPAAfeFD5w5PetRhwQ6ufmcg&u=%7CnPe1aGloCQBNS482bKI3RZFUmV2mHlmYIqWmmIh4Qe0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wKvzFoJM6vPjRsEZEp4aXxgOyMIaa_SRzxnQ3lRcCOWvVazy-nn6XNmfuqgaTjGjAJ3d4LACy1aD9KKoqrKFp0IG6AfaGJpOj0tYAAHdyOshGw2B3VQCjqmo3qCn-Fyxdb75pAtDuOjCIRiYymcBMSLlnz5F8rDLuyXaQcB3KKGwerIm-cTRTThyspbN-bbjdYnEV4S_ee1gfkw1cKIzFFXWFIfJ44pMDfgpOpcFZ6tPCS93sXG9k1ebzIo1ttYL307exhRD_jUk_Wf9pOjjN7gLhD_2sZ9tfmVlQHnyWZ4KgrmjYo3pasIlwvpldjnXNXZqX_SI0xvD5kIoAOOfQhQ-c-_EBUEmDNvUktB3GKJF_NPgxZo7Oai7ge1e-TpVGdJu5ovAVyOoBkyHr7nOTJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGvYuceSAYrneBY_gsgeUvJ_QBOSP0rFcj4roiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEvQFP0Dc1eBBw_QFwUEveSc2OfUJnT97lIQZRkInxDmCqltXIve25gUXxDp7Pkm3M1EfA-HcQwvTHAdHpGX8mpbgN7JNAyuf_8CzYRNgNqiNh-A2LoLhQWhDCBxSPUkuVjurBbH7k47LeXnwAP7Ovd2s2RRm7iwaH13N1bxllpRUH92rzDO-C7w-5zxN2an77nTlIrjywlVaEm3Zzb0bJ6wWrc2UhDxD2ICqoABno2ZzyCRPzDtvmlutvKw3eV_2ABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PrSRxaULQsVR-ocUGijCSKylQRQ%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:58 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 May 2023 11:30:58 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame DE9B 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABbzkK7LAPAAfeFD5w5PetRhwQ6ufmcg&u=%7CnPe1aGloCQBNS482bKI3RZFUmV2mHlmYIqWmmIh4Qe0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wKvzFoJM6vPjRsEZEp4aXxgOyMIaa_SRzxnQ3lRcCOWvVazy-nn6XNmfuqgaTjGjAJ3d4LACy1aD9KKoqrKFp0IG6AfaGJpOj0tYAAHdyOshGw2B3VQCjqmo3qCn-Fyxdb75pAtDuOjCIRiYymcBMSLlnz5F8rDLuyXaQcB3KKGwerIm-cTRTThyspbN-bbjdYnEV4S_ee1gfkw1cKIzFFXWFIfJ44pMDfgpOpcFZ6tPCS93sXG9k1ebzIo1ttYL307exhRD_jUk_Wf9pOjjN7gLhD_2sZ9tfmVlQHnyWZ4KgrmjYo3pasIlwvpldjnXNXZqX_SI0xvD5kIoAOOfQhQ-c-_EBUEmDNvUktB3GKJF_NPgxZo7Oai7ge1e-TpVGdJu5ovAVyOoBkyHr7nOTJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGvYuceSAYrneBY_gsgeUvJ_QBOSP0rFcj4roiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEvQFP0Dc1eBBw_QFwUEveSc2OfUJnT97lIQZRkInxDmCqltXIve25gUXxDp7Pkm3M1EfA-HcQwvTHAdHpGX8mpbgN7JNAyuf_8CzYRNgNqiNh-A2LoLhQWhDCBxSPUkuVjurBbH7k47LeXnwAP7Ovd2s2RRm7iwaH13N1bxllpRUH92rzDO-C7w-5zxN2an77nTlIrjywlVaEm3Zzb0bJ6wWrc2UhDxD2ICqoABno2ZzyCRPzDtvmlutvKw3eV_2ABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PrSRxaULQsVR-ocUGijCSKylQRQ%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:58 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 10 May 2023 11:30:58 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame DE9B 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABbzkK7LAPAAfeFD5w5PetRhwQ6ufmcg&u=%7CnPe1aGloCQBNS482bKI3RZFUmV2mHlmYIqWmmIh4Qe0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wKvzFoJM6vPjRsEZEp4aXxgOyMIaa_SRzxnQ3lRcCOWvVazy-nn6XNmfuqgaTjGjAJ3d4LACy1aD9KKoqrKFp0IG6AfaGJpOj0tYAAHdyOshGw2B3VQCjqmo3qCn-Fyxdb75pAtDuOjCIRiYymcBMSLlnz5F8rDLuyXaQcB3KKGwerIm-cTRTThyspbN-bbjdYnEV4S_ee1gfkw1cKIzFFXWFIfJ44pMDfgpOpcFZ6tPCS93sXG9k1ebzIo1ttYL307exhRD_jUk_Wf9pOjjN7gLhD_2sZ9tfmVlQHnyWZ4KgrmjYo3pasIlwvpldjnXNXZqX_SI0xvD5kIoAOOfQhQ-c-_EBUEmDNvUktB3GKJF_NPgxZo7Oai7ge1e-TpVGdJu5ovAVyOoBkyHr7nOTJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGvYuceSAYrneBY_gsgeUvJ_QBOSP0rFcj4roiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEvQFP0Dc1eBBw_QFwUEveSc2OfUJnT97lIQZRkInxDmCqltXIve25gUXxDp7Pkm3M1EfA-HcQwvTHAdHpGX8mpbgN7JNAyuf_8CzYRNgNqiNh-A2LoLhQWhDCBxSPUkuVjurBbH7k47LeXnwAP7Ovd2s2RRm7iwaH13N1bxllpRUH92rzDO-C7w-5zxN2an77nTlIrjywlVaEm3Zzb0bJ6wWrc2UhDxD2ICqoABno2ZzyCRPzDtvmlutvKw3eV_2ABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PrSRxaULQsVR-ocUGijCSKylQRQ%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:58 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Wed, 10 May 2023 11:30:58 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame DE9B 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=nIsmccG9Gd7sANkL-fG0XY1weY_pvudE-h-H_5HVSlQfYcn1ChMSmrBmSPjS1FO9K0AbX-uqQuQW7ypLIzV2GOaxFwrL76p6xZRVa7aeL_0kQsb8yH2SJkeScMwPcar0KA5TdCw9vQflvcLaugP1ttyi0TMZKVBwRsDf07cc0Yx9Wb5sKeglv98FwhT6nrRs7f5LhDDAY84heEaecDCyfboaAFcr7BdWD2R-sn4eHtNdNuU-AYJMKmsGbwdNvAJNVemE_8y1ftm1m-G0CUcMHZZKAMBAzg3XvCFNwVPFmbAB_FNxoxxtY3XKbk-rXa-YP0wx1wQEGrUWEMLTV7im1NzM0RQjfijnaCqWE1GtYsMyfHQ2YxzQg1nDWAm1RlCWHfKrgB0oZ8QuRZhXb1SpIPNNhABnJUVBalU9XD8AQQeNoG5XdTn4X5ZSoiTCnFdOK63ErA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABbzkK7LAPAAfeFD5w5PetRhwQ6ufmcg&u=%7CnPe1aGloCQBNS482bKI3RZFUmV2mHlmYIqWmmIh4Qe0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wKvzFoJM6vPjRsEZEp4aXxgOyMIaa_SRzxnQ3lRcCOWvVazy-nn6XNmfuqgaTjGjAJ3d4LACy1aD9KKoqrKFp0IG6AfaGJpOj0tYAAHdyOshGw2B3VQCjqmo3qCn-Fyxdb75pAtDuOjCIRiYymcBMSLlnz5F8rDLuyXaQcB3KKGwerIm-cTRTThyspbN-bbjdYnEV4S_ee1gfkw1cKIzFFXWFIfJ44pMDfgpOpcFZ6tPCS93sXG9k1ebzIo1ttYL307exhRD_jUk_Wf9pOjjN7gLhD_2sZ9tfmVlQHnyWZ4KgrmjYo3pasIlwvpldjnXNXZqX_SI0xvD5kIoAOOfQhQ-c-_EBUEmDNvUktB3GKJF_NPgxZo7Oai7ge1e-TpVGdJu5ovAVyOoBkyHr7nOTJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGvYuceSAYrneBY_gsgeUvJ_QBOSP0rFcj4roiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEvQFP0Dc1eBBw_QFwUEveSc2OfUJnT97lIQZRkInxDmCqltXIve25gUXxDp7Pkm3M1EfA-HcQwvTHAdHpGX8mpbgN7JNAyuf_8CzYRNgNqiNh-A2LoLhQWhDCBxSPUkuVjurBbH7k47LeXnwAP7Ovd2s2RRm7iwaH13N1bxllpRUH92rzDO-C7w-5zxN2an77nTlIrjywlVaEm3Zzb0bJ6wWrc2UhDxD2ICqoABno2ZzyCRPzDtvmlutvKw3eV_2ABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PrSRxaULQsVR-ocUGijCSKylQRQ%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 11:30:57 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2992348
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 5421 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABeqwKW8KYAACVlszTFSFjbi4ljK_KbA&u=%7CnPe1aGloCQA2VCP4Y6vsEF71A1XwN3D0tt%2BU2H4oDVk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wypL0fcQWu25ycyhdoZmJ-j_mjv5FZnTlTX1i1fYPy5a7FD13J4_AtrjfB-YBWA_PpXeFWvUedwHiX8SD-1qX0UAWLhPc6dlRzp4WKfruyMVJRksmtYbW_SRCoKSYp6JgceUfdqDTVVAKcTz0U7FDEoZasQ8IpJRbnbzzceEVU27TTUI1q8bTtMl40vw9S-h6dZJKn5eJHVjol05FJTMjsbRqMXbr-ual97UjExjluRY0PsLpIERd3RIqBTirThAuX-p7QbfqBTdk9O-_ltrF-UO7RYkgf-TCMmmF45Sc1jvMSp1fRYx2laE4QrIdwVttE-y4b4u4heNqZe-2G5CKpRUR2mxmwLXuCBR3ZzINW38lwIY4KPynH4cYuFtuHemyUZ8cNoFeOV4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLgf6ceSAYqz1BZiF7wKWq4KwD-SP0rFct_TriIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEtwFP0G5Dnrbhqymcn9SbjQa9KNCQPCqSBclSTvhOdW2k8BCdxoOjQYDCF97qzg8PnI-i-9nT0tSeUjL6gM3P6OnlQbdZPHKu0yhw1ncSZcVvpEv2eL0zqkWbQUXyc5aKfzZH6TEGRGrXvPg6Ec6qp-JK4x79Y8xxSeHzT0o5ZaPoLSXj7uArUBl1XcIkmBFKfqv3DCPvvIO9GTUG5N4WJj5PwalbA7p-lfqD8FVRJQORlS0Ql2tCTveABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gi4x9lZyP62iGQi_wF7eglTyq4w%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
222056
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o18pet8HKNSj1MoHOXbysivIoQJ8ZWkoRbrIij5wvarMHXGMQWbeSO24bFvzy0NiOVcjn3xRd7QLpZXwcU3ornssZUm1R%2BvVnToxKaKZNZpTPC0R5XKi2lnzwqn7NQ%2FBo0VewRKYz9OmlIO9yFGJYpCq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70bb8b68fd47768c-LHR
expires
Fri, 05 May 2023 11:30:58 GMT
animejs.js
static.criteo.net/animejs/ Frame 5421 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABeqwKW8KYAACVlszTFSFjbi4ljK_KbA&u=%7CnPe1aGloCQA2VCP4Y6vsEF71A1XwN3D0tt%2BU2H4oDVk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wypL0fcQWu25ycyhdoZmJ-j_mjv5FZnTlTX1i1fYPy5a7FD13J4_AtrjfB-YBWA_PpXeFWvUedwHiX8SD-1qX0UAWLhPc6dlRzp4WKfruyMVJRksmtYbW_SRCoKSYp6JgceUfdqDTVVAKcTz0U7FDEoZasQ8IpJRbnbzzceEVU27TTUI1q8bTtMl40vw9S-h6dZJKn5eJHVjol05FJTMjsbRqMXbr-ual97UjExjluRY0PsLpIERd3RIqBTirThAuX-p7QbfqBTdk9O-_ltrF-UO7RYkgf-TCMmmF45Sc1jvMSp1fRYx2laE4QrIdwVttE-y4b4u4heNqZe-2G5CKpRUR2mxmwLXuCBR3ZzINW38lwIY4KPynH4cYuFtuHemyUZ8cNoFeOV4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLgf6ceSAYqz1BZiF7wKWq4KwD-SP0rFct_TriIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEtwFP0G5Dnrbhqymcn9SbjQa9KNCQPCqSBclSTvhOdW2k8BCdxoOjQYDCF97qzg8PnI-i-9nT0tSeUjL6gM3P6OnlQbdZPHKu0yhw1ncSZcVvpEv2eL0zqkWbQUXyc5aKfzZH6TEGRGrXvPg6Ec6qp-JK4x79Y8xxSeHzT0o5ZaPoLSXj7uArUBl1XcIkmBFKfqv3DCPvvIO9GTUG5N4WJj5PwalbA7p-lfqD8FVRJQORlS0Ql2tCTveABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gi4x9lZyP62iGQi_wF7eglTyq4w%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:58 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 May 2023 11:30:58 GMT
140e55ebe29544f18fdeb42b6426d53c_totalsansregular.woff
static.criteo.net/design/dt/ Frame 5421 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/140e55ebe29544f18fdeb42b6426d53c_totalsansregular.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABeqwKW8KYAACVlszTFSFjbi4ljK_KbA&u=%7CnPe1aGloCQA2VCP4Y6vsEF71A1XwN3D0tt%2BU2H4oDVk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wypL0fcQWu25ycyhdoZmJ-j_mjv5FZnTlTX1i1fYPy5a7FD13J4_AtrjfB-YBWA_PpXeFWvUedwHiX8SD-1qX0UAWLhPc6dlRzp4WKfruyMVJRksmtYbW_SRCoKSYp6JgceUfdqDTVVAKcTz0U7FDEoZasQ8IpJRbnbzzceEVU27TTUI1q8bTtMl40vw9S-h6dZJKn5eJHVjol05FJTMjsbRqMXbr-ual97UjExjluRY0PsLpIERd3RIqBTirThAuX-p7QbfqBTdk9O-_ltrF-UO7RYkgf-TCMmmF45Sc1jvMSp1fRYx2laE4QrIdwVttE-y4b4u4heNqZe-2G5CKpRUR2mxmwLXuCBR3ZzINW38lwIY4KPynH4cYuFtuHemyUZ8cNoFeOV4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLgf6ceSAYqz1BZiF7wKWq4KwD-SP0rFct_TriIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEtwFP0G5Dnrbhqymcn9SbjQa9KNCQPCqSBclSTvhOdW2k8BCdxoOjQYDCF97qzg8PnI-i-9nT0tSeUjL6gM3P6OnlQbdZPHKu0yhw1ncSZcVvpEv2eL0zqkWbQUXyc5aKfzZH6TEGRGrXvPg6Ec6qp-JK4x79Y8xxSeHzT0o5ZaPoLSXj7uArUBl1XcIkmBFKfqv3DCPvvIO9GTUG5N4WJj5PwalbA7p-lfqD8FVRJQORlS0Ql2tCTveABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gi4x9lZyP62iGQi_wF7eglTyq4w%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
34538388fdc926429d1544ddba61ea522cfd4a8ef577b1ae2ca5a0f0e57c8735
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:58 GMT
content-encoding
gzip
last-modified
Thu, 09 Jan 2020 16:51:34 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e175a16-6d58"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 May 2023 11:30:58 GMT
img
pix.eu.criteo.net/img/ Frame 5421 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=158&m=0&partner=3034&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F3034%2F210625%2F9bfb6bf665ba4d79a54c1ad654323e58_logorgb.jpg&v=3&w=660&s=mabX-BNwmwTn0cqJQjXvc1yh
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABeqwKW8KYAACVlszTFSFjbi4ljK_KbA&u=%7CnPe1aGloCQA2VCP4Y6vsEF71A1XwN3D0tt%2BU2H4oDVk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wypL0fcQWu25ycyhdoZmJ-j_mjv5FZnTlTX1i1fYPy5a7FD13J4_AtrjfB-YBWA_PpXeFWvUedwHiX8SD-1qX0UAWLhPc6dlRzp4WKfruyMVJRksmtYbW_SRCoKSYp6JgceUfdqDTVVAKcTz0U7FDEoZasQ8IpJRbnbzzceEVU27TTUI1q8bTtMl40vw9S-h6dZJKn5eJHVjol05FJTMjsbRqMXbr-ual97UjExjluRY0PsLpIERd3RIqBTirThAuX-p7QbfqBTdk9O-_ltrF-UO7RYkgf-TCMmmF45Sc1jvMSp1fRYx2laE4QrIdwVttE-y4b4u4heNqZe-2G5CKpRUR2mxmwLXuCBR3ZzINW38lwIY4KPynH4cYuFtuHemyUZ8cNoFeOV4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLgf6ceSAYqz1BZiF7wKWq4KwD-SP0rFct_TriIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEtwFP0G5Dnrbhqymcn9SbjQa9KNCQPCqSBclSTvhOdW2k8BCdxoOjQYDCF97qzg8PnI-i-9nT0tSeUjL6gM3P6OnlQbdZPHKu0yhw1ncSZcVvpEv2eL0zqkWbQUXyc5aKfzZH6TEGRGrXvPg6Ec6qp-JK4x79Y8xxSeHzT0o5ZaPoLSXj7uArUBl1XcIkmBFKfqv3DCPvvIO9GTUG5N4WJj5PwalbA7p-lfqD8FVRJQORlS0Ql2tCTveABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gi4x9lZyP62iGQi_wF7eglTyq4w%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
9e794e07348dabfa6c210f66b36b741268a8ac1003214a5b6bf8974d3655ab1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29881621
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6180
expires
Wed, 26 Apr 2023 07:57:59 GMT
all
csm.eu.criteo.net/ Frame 5421 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=WujY_eOz37rNZbKJFj3ES1GsJfPHuXHD5x5FGxca23r4B_B8NNpY3vEmjP-d-NrKAeLdsiFNuWPpXP8Y1lRU5YuCATNrqDf3DQuU92RnbmuhZF_4zlAoF45LZsUvpDecr8fdl1jiwxnRC4g1s8Kmjypj4G82oSh-5Vp-7FPlp3OTpqi3-2ld5UtbNdQ3Jb2QPB7FD8QDwQ81GGARC8IXRn4xEQtSpBpVAMnSHHHJ1PY0Bm5NKN3mGbs8NTnY1BX5TNPqbZ3q81CUGWkO&sds=2&rev=81468.6&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABeqwKW8KYAACVlszTFSFjbi4ljK_KbA&u=%7CnPe1aGloCQA2VCP4Y6vsEF71A1XwN3D0tt%2BU2H4oDVk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wypL0fcQWu25ycyhdoZmJ-j_mjv5FZnTlTX1i1fYPy5a7FD13J4_AtrjfB-YBWA_PpXeFWvUedwHiX8SD-1qX0UAWLhPc6dlRzp4WKfruyMVJRksmtYbW_SRCoKSYp6JgceUfdqDTVVAKcTz0U7FDEoZasQ8IpJRbnbzzceEVU27TTUI1q8bTtMl40vw9S-h6dZJKn5eJHVjol05FJTMjsbRqMXbr-ual97UjExjluRY0PsLpIERd3RIqBTirThAuX-p7QbfqBTdk9O-_ltrF-UO7RYkgf-TCMmmF45Sc1jvMSp1fRYx2laE4QrIdwVttE-y4b4u4heNqZe-2G5CKpRUR2mxmwLXuCBR3ZzINW38lwIY4KPynH4cYuFtuHemyUZ8cNoFeOV4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLgf6ceSAYqz1BZiF7wKWq4KwD-SP0rFct_TriIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEtwFP0G5Dnrbhqymcn9SbjQa9KNCQPCqSBclSTvhOdW2k8BCdxoOjQYDCF97qzg8PnI-i-9nT0tSeUjL6gM3P6OnlQbdZPHKu0yhw1ncSZcVvpEv2eL0zqkWbQUXyc5aKfzZH6TEGRGrXvPg6Ec6qp-JK4x79Y8xxSeHzT0o5ZaPoLSXj7uArUBl1XcIkmBFKfqv3DCPvvIO9GTUG5N4WJj5PwalbA7p-lfqD8FVRJQORlS0Ql2tCTveABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gi4x9lZyP62iGQi_wF7eglTyq4w%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 15 May 2022 11:30:57 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5421 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABeqwKW8KYAACVlszTFSFjbi4ljK_KbA&u=%7CnPe1aGloCQA2VCP4Y6vsEF71A1XwN3D0tt%2BU2H4oDVk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wypL0fcQWu25ycyhdoZmJ-j_mjv5FZnTlTX1i1fYPy5a7FD13J4_AtrjfB-YBWA_PpXeFWvUedwHiX8SD-1qX0UAWLhPc6dlRzp4WKfruyMVJRksmtYbW_SRCoKSYp6JgceUfdqDTVVAKcTz0U7FDEoZasQ8IpJRbnbzzceEVU27TTUI1q8bTtMl40vw9S-h6dZJKn5eJHVjol05FJTMjsbRqMXbr-ual97UjExjluRY0PsLpIERd3RIqBTirThAuX-p7QbfqBTdk9O-_ltrF-UO7RYkgf-TCMmmF45Sc1jvMSp1fRYx2laE4QrIdwVttE-y4b4u4heNqZe-2G5CKpRUR2mxmwLXuCBR3ZzINW38lwIY4KPynH4cYuFtuHemyUZ8cNoFeOV4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLgf6ceSAYqz1BZiF7wKWq4KwD-SP0rFct_TriIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEtwFP0G5Dnrbhqymcn9SbjQa9KNCQPCqSBclSTvhOdW2k8BCdxoOjQYDCF97qzg8PnI-i-9nT0tSeUjL6gM3P6OnlQbdZPHKu0yhw1ncSZcVvpEv2eL0zqkWbQUXyc5aKfzZH6TEGRGrXvPg6Ec6qp-JK4x79Y8xxSeHzT0o5ZaPoLSXj7uArUBl1XcIkmBFKfqv3DCPvvIO9GTUG5N4WJj5PwalbA7p-lfqD8FVRJQORlS0Ql2tCTveABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gi4x9lZyP62iGQi_wF7eglTyq4w%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:58 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 May 2023 11:30:58 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 5421 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABeqwKW8KYAACVlszTFSFjbi4ljK_KbA&u=%7CnPe1aGloCQA2VCP4Y6vsEF71A1XwN3D0tt%2BU2H4oDVk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wypL0fcQWu25ycyhdoZmJ-j_mjv5FZnTlTX1i1fYPy5a7FD13J4_AtrjfB-YBWA_PpXeFWvUedwHiX8SD-1qX0UAWLhPc6dlRzp4WKfruyMVJRksmtYbW_SRCoKSYp6JgceUfdqDTVVAKcTz0U7FDEoZasQ8IpJRbnbzzceEVU27TTUI1q8bTtMl40vw9S-h6dZJKn5eJHVjol05FJTMjsbRqMXbr-ual97UjExjluRY0PsLpIERd3RIqBTirThAuX-p7QbfqBTdk9O-_ltrF-UO7RYkgf-TCMmmF45Sc1jvMSp1fRYx2laE4QrIdwVttE-y4b4u4heNqZe-2G5CKpRUR2mxmwLXuCBR3ZzINW38lwIY4KPynH4cYuFtuHemyUZ8cNoFeOV4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLgf6ceSAYqz1BZiF7wKWq4KwD-SP0rFct_TriIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEtwFP0G5Dnrbhqymcn9SbjQa9KNCQPCqSBclSTvhOdW2k8BCdxoOjQYDCF97qzg8PnI-i-9nT0tSeUjL6gM3P6OnlQbdZPHKu0yhw1ncSZcVvpEv2eL0zqkWbQUXyc5aKfzZH6TEGRGrXvPg6Ec6qp-JK4x79Y8xxSeHzT0o5ZaPoLSXj7uArUBl1XcIkmBFKfqv3DCPvvIO9GTUG5N4WJj5PwalbA7p-lfqD8FVRJQORlS0Ql2tCTveABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gi4x9lZyP62iGQi_wF7eglTyq4w%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:58 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 May 2023 11:30:58 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame DE9B 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABbzkK7LAPAAfeFD5w5PetRhwQ6ufmcg&u=%7CnPe1aGloCQBNS482bKI3RZFUmV2mHlmYIqWmmIh4Qe0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wKvzFoJM6vPjRsEZEp4aXxgOyMIaa_SRzxnQ3lRcCOWvVazy-nn6XNmfuqgaTjGjAJ3d4LACy1aD9KKoqrKFp0IG6AfaGJpOj0tYAAHdyOshGw2B3VQCjqmo3qCn-Fyxdb75pAtDuOjCIRiYymcBMSLlnz5F8rDLuyXaQcB3KKGwerIm-cTRTThyspbN-bbjdYnEV4S_ee1gfkw1cKIzFFXWFIfJ44pMDfgpOpcFZ6tPCS93sXG9k1ebzIo1ttYL307exhRD_jUk_Wf9pOjjN7gLhD_2sZ9tfmVlQHnyWZ4KgrmjYo3pasIlwvpldjnXNXZqX_SI0xvD5kIoAOOfQhQ-c-_EBUEmDNvUktB3GKJF_NPgxZo7Oai7ge1e-TpVGdJu5ovAVyOoBkyHr7nOTJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGvYuceSAYrneBY_gsgeUvJ_QBOSP0rFcj4roiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEvQFP0Dc1eBBw_QFwUEveSc2OfUJnT97lIQZRkInxDmCqltXIve25gUXxDp7Pkm3M1EfA-HcQwvTHAdHpGX8mpbgN7JNAyuf_8CzYRNgNqiNh-A2LoLhQWhDCBxSPUkuVjurBbH7k47LeXnwAP7Ovd2s2RRm7iwaH13N1bxllpRUH92rzDO-C7w-5zxN2an77nTlIrjywlVaEm3Zzb0bJ6wWrc2UhDxD2ICqoABno2ZzyCRPzDtvmlutvKw3eV_2ABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PrSRxaULQsVR-ocUGijCSKylQRQ%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
222056
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ip8IK1sRMje1N2TFOHQH0EIN8z12hhFoD0s3LpIg2U5OavTpm3F5R2KwKCHLpxyFqfC1Fr7BJG7Kv06uY5kJD4upa5hdfv26HRNcflaZgbiPVxqrmObTQo%2FesxAttTtN0tqQG3kO6hiZo0fVBqbeKIak"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70bb8b694e44768c-LHR
expires
Fri, 05 May 2023 11:30:58 GMT
animejs.js
static.criteo.net/animejs/ Frame DE9B 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABbzkK7LAPAAfeFD5w5PetRhwQ6ufmcg&u=%7CnPe1aGloCQBNS482bKI3RZFUmV2mHlmYIqWmmIh4Qe0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wKvzFoJM6vPjRsEZEp4aXxgOyMIaa_SRzxnQ3lRcCOWvVazy-nn6XNmfuqgaTjGjAJ3d4LACy1aD9KKoqrKFp0IG6AfaGJpOj0tYAAHdyOshGw2B3VQCjqmo3qCn-Fyxdb75pAtDuOjCIRiYymcBMSLlnz5F8rDLuyXaQcB3KKGwerIm-cTRTThyspbN-bbjdYnEV4S_ee1gfkw1cKIzFFXWFIfJ44pMDfgpOpcFZ6tPCS93sXG9k1ebzIo1ttYL307exhRD_jUk_Wf9pOjjN7gLhD_2sZ9tfmVlQHnyWZ4KgrmjYo3pasIlwvpldjnXNXZqX_SI0xvD5kIoAOOfQhQ-c-_EBUEmDNvUktB3GKJF_NPgxZo7Oai7ge1e-TpVGdJu5ovAVyOoBkyHr7nOTJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGvYuceSAYrneBY_gsgeUvJ_QBOSP0rFcj4roiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEvQFP0Dc1eBBw_QFwUEveSc2OfUJnT97lIQZRkInxDmCqltXIve25gUXxDp7Pkm3M1EfA-HcQwvTHAdHpGX8mpbgN7JNAyuf_8CzYRNgNqiNh-A2LoLhQWhDCBxSPUkuVjurBbH7k47LeXnwAP7Ovd2s2RRm7iwaH13N1bxllpRUH92rzDO-C7w-5zxN2an77nTlIrjywlVaEm3Zzb0bJ6wWrc2UhDxD2ICqoABno2ZzyCRPzDtvmlutvKw3eV_2ABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PrSRxaULQsVR-ocUGijCSKylQRQ%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:58 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 May 2023 11:30:58 GMT
140e55ebe29544f18fdeb42b6426d53c_totalsansregular.woff
static.criteo.net/design/dt/ Frame DE9B 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/140e55ebe29544f18fdeb42b6426d53c_totalsansregular.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABbzkK7LAPAAfeFD5w5PetRhwQ6ufmcg&u=%7CnPe1aGloCQBNS482bKI3RZFUmV2mHlmYIqWmmIh4Qe0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wKvzFoJM6vPjRsEZEp4aXxgOyMIaa_SRzxnQ3lRcCOWvVazy-nn6XNmfuqgaTjGjAJ3d4LACy1aD9KKoqrKFp0IG6AfaGJpOj0tYAAHdyOshGw2B3VQCjqmo3qCn-Fyxdb75pAtDuOjCIRiYymcBMSLlnz5F8rDLuyXaQcB3KKGwerIm-cTRTThyspbN-bbjdYnEV4S_ee1gfkw1cKIzFFXWFIfJ44pMDfgpOpcFZ6tPCS93sXG9k1ebzIo1ttYL307exhRD_jUk_Wf9pOjjN7gLhD_2sZ9tfmVlQHnyWZ4KgrmjYo3pasIlwvpldjnXNXZqX_SI0xvD5kIoAOOfQhQ-c-_EBUEmDNvUktB3GKJF_NPgxZo7Oai7ge1e-TpVGdJu5ovAVyOoBkyHr7nOTJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGvYuceSAYrneBY_gsgeUvJ_QBOSP0rFcj4roiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEvQFP0Dc1eBBw_QFwUEveSc2OfUJnT97lIQZRkInxDmCqltXIve25gUXxDp7Pkm3M1EfA-HcQwvTHAdHpGX8mpbgN7JNAyuf_8CzYRNgNqiNh-A2LoLhQWhDCBxSPUkuVjurBbH7k47LeXnwAP7Ovd2s2RRm7iwaH13N1bxllpRUH92rzDO-C7w-5zxN2an77nTlIrjywlVaEm3Zzb0bJ6wWrc2UhDxD2ICqoABno2ZzyCRPzDtvmlutvKw3eV_2ABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PrSRxaULQsVR-ocUGijCSKylQRQ%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
34538388fdc926429d1544ddba61ea522cfd4a8ef577b1ae2ca5a0f0e57c8735
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:58 GMT
content-encoding
gzip
last-modified
Thu, 09 Jan 2020 16:51:34 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e175a16-6d58"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 May 2023 11:30:58 GMT
img
pix.eu.criteo.net/img/ Frame DE9B 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=556&m=0&partner=3034&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F3034%2F210625%2F9bfb6bf665ba4d79a54c1ad654323e58_logorgb.jpg&v=3&w=516&s=ogcU1-icC3-D1yI-ooJwWv0i
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABbzkK7LAPAAfeFD5w5PetRhwQ6ufmcg&u=%7CnPe1aGloCQBNS482bKI3RZFUmV2mHlmYIqWmmIh4Qe0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wKvzFoJM6vPjRsEZEp4aXxgOyMIaa_SRzxnQ3lRcCOWvVazy-nn6XNmfuqgaTjGjAJ3d4LACy1aD9KKoqrKFp0IG6AfaGJpOj0tYAAHdyOshGw2B3VQCjqmo3qCn-Fyxdb75pAtDuOjCIRiYymcBMSLlnz5F8rDLuyXaQcB3KKGwerIm-cTRTThyspbN-bbjdYnEV4S_ee1gfkw1cKIzFFXWFIfJ44pMDfgpOpcFZ6tPCS93sXG9k1ebzIo1ttYL307exhRD_jUk_Wf9pOjjN7gLhD_2sZ9tfmVlQHnyWZ4KgrmjYo3pasIlwvpldjnXNXZqX_SI0xvD5kIoAOOfQhQ-c-_EBUEmDNvUktB3GKJF_NPgxZo7Oai7ge1e-TpVGdJu5ovAVyOoBkyHr7nOTJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGvYuceSAYrneBY_gsgeUvJ_QBOSP0rFcj4roiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEvQFP0Dc1eBBw_QFwUEveSc2OfUJnT97lIQZRkInxDmCqltXIve25gUXxDp7Pkm3M1EfA-HcQwvTHAdHpGX8mpbgN7JNAyuf_8CzYRNgNqiNh-A2LoLhQWhDCBxSPUkuVjurBbH7k47LeXnwAP7Ovd2s2RRm7iwaH13N1bxllpRUH92rzDO-C7w-5zxN2an77nTlIrjywlVaEm3Zzb0bJ6wWrc2UhDxD2ICqoABno2ZzyCRPzDtvmlutvKw3eV_2ABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PrSRxaULQsVR-ocUGijCSKylQRQ%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
dc08e684f06e2f566c9db513023cfddd5809a3cb6467f9575704a8fdac9e1991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:57 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29881621
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
7284
expires
Wed, 26 Apr 2023 07:57:59 GMT
all
csm.eu.criteo.net/ Frame DE9B 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=Z8JUi-Oz37rNZbKJ05qfIwE_Hz2zwVyM5ym81ygQJtotHc6JFDSqevLAc9OcEE07bOaWiYxYFcQF4S5nYHnR5TItpxSevCuVTFEcFGXpx1luWdkVM08f1k9iSwjlunNImId_HFGwrGLUhIf--hNaMsnByu4xZFISBufLgJkQzixhVhfjh37LBq08HugwJY_VfoU5m1yD9gboEbrNLzzb_qhRU6jjNg7xpdytXSxIafO32CEXYfUQz3KuZCN1PzVbc2Cu6A&sds=2&rev=81468.6&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABbzkK7LAPAAfeFD5w5PetRhwQ6ufmcg&u=%7CnPe1aGloCQBNS482bKI3RZFUmV2mHlmYIqWmmIh4Qe0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wKvzFoJM6vPjRsEZEp4aXxgOyMIaa_SRzxnQ3lRcCOWvVazy-nn6XNmfuqgaTjGjAJ3d4LACy1aD9KKoqrKFp0IG6AfaGJpOj0tYAAHdyOshGw2B3VQCjqmo3qCn-Fyxdb75pAtDuOjCIRiYymcBMSLlnz5F8rDLuyXaQcB3KKGwerIm-cTRTThyspbN-bbjdYnEV4S_ee1gfkw1cKIzFFXWFIfJ44pMDfgpOpcFZ6tPCS93sXG9k1ebzIo1ttYL307exhRD_jUk_Wf9pOjjN7gLhD_2sZ9tfmVlQHnyWZ4KgrmjYo3pasIlwvpldjnXNXZqX_SI0xvD5kIoAOOfQhQ-c-_EBUEmDNvUktB3GKJF_NPgxZo7Oai7ge1e-TpVGdJu5ovAVyOoBkyHr7nOTJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGvYuceSAYrneBY_gsgeUvJ_QBOSP0rFcj4roiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEvQFP0Dc1eBBw_QFwUEveSc2OfUJnT97lIQZRkInxDmCqltXIve25gUXxDp7Pkm3M1EfA-HcQwvTHAdHpGX8mpbgN7JNAyuf_8CzYRNgNqiNh-A2LoLhQWhDCBxSPUkuVjurBbH7k47LeXnwAP7Ovd2s2RRm7iwaH13N1bxllpRUH92rzDO-C7w-5zxN2an77nTlIrjywlVaEm3Zzb0bJ6wWrc2UhDxD2ICqoABno2ZzyCRPzDtvmlutvKw3eV_2ABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PrSRxaULQsVR-ocUGijCSKylQRQ%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 15 May 2022 11:30:57 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DE9B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABbzkK7LAPAAfeFD5w5PetRhwQ6ufmcg&u=%7CnPe1aGloCQBNS482bKI3RZFUmV2mHlmYIqWmmIh4Qe0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wKvzFoJM6vPjRsEZEp4aXxgOyMIaa_SRzxnQ3lRcCOWvVazy-nn6XNmfuqgaTjGjAJ3d4LACy1aD9KKoqrKFp0IG6AfaGJpOj0tYAAHdyOshGw2B3VQCjqmo3qCn-Fyxdb75pAtDuOjCIRiYymcBMSLlnz5F8rDLuyXaQcB3KKGwerIm-cTRTThyspbN-bbjdYnEV4S_ee1gfkw1cKIzFFXWFIfJ44pMDfgpOpcFZ6tPCS93sXG9k1ebzIo1ttYL307exhRD_jUk_Wf9pOjjN7gLhD_2sZ9tfmVlQHnyWZ4KgrmjYo3pasIlwvpldjnXNXZqX_SI0xvD5kIoAOOfQhQ-c-_EBUEmDNvUktB3GKJF_NPgxZo7Oai7ge1e-TpVGdJu5ovAVyOoBkyHr7nOTJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGvYuceSAYrneBY_gsgeUvJ_QBOSP0rFcj4roiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEvQFP0Dc1eBBw_QFwUEveSc2OfUJnT97lIQZRkInxDmCqltXIve25gUXxDp7Pkm3M1EfA-HcQwvTHAdHpGX8mpbgN7JNAyuf_8CzYRNgNqiNh-A2LoLhQWhDCBxSPUkuVjurBbH7k47LeXnwAP7Ovd2s2RRm7iwaH13N1bxllpRUH92rzDO-C7w-5zxN2an77nTlIrjywlVaEm3Zzb0bJ6wWrc2UhDxD2ICqoABno2ZzyCRPzDtvmlutvKw3eV_2ABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PrSRxaULQsVR-ocUGijCSKylQRQ%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:58 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 May 2023 11:30:58 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame DE9B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABbzkK7LAPAAfeFD5w5PetRhwQ6ufmcg&u=%7CnPe1aGloCQBNS482bKI3RZFUmV2mHlmYIqWmmIh4Qe0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wKvzFoJM6vPjRsEZEp4aXxgOyMIaa_SRzxnQ3lRcCOWvVazy-nn6XNmfuqgaTjGjAJ3d4LACy1aD9KKoqrKFp0IG6AfaGJpOj0tYAAHdyOshGw2B3VQCjqmo3qCn-Fyxdb75pAtDuOjCIRiYymcBMSLlnz5F8rDLuyXaQcB3KKGwerIm-cTRTThyspbN-bbjdYnEV4S_ee1gfkw1cKIzFFXWFIfJ44pMDfgpOpcFZ6tPCS93sXG9k1ebzIo1ttYL307exhRD_jUk_Wf9pOjjN7gLhD_2sZ9tfmVlQHnyWZ4KgrmjYo3pasIlwvpldjnXNXZqX_SI0xvD5kIoAOOfQhQ-c-_EBUEmDNvUktB3GKJF_NPgxZo7Oai7ge1e-TpVGdJu5ovAVyOoBkyHr7nOTJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGvYuceSAYrneBY_gsgeUvJ_QBOSP0rFcj4roiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEvQFP0Dc1eBBw_QFwUEveSc2OfUJnT97lIQZRkInxDmCqltXIve25gUXxDp7Pkm3M1EfA-HcQwvTHAdHpGX8mpbgN7JNAyuf_8CzYRNgNqiNh-A2LoLhQWhDCBxSPUkuVjurBbH7k47LeXnwAP7Ovd2s2RRm7iwaH13N1bxllpRUH92rzDO-C7w-5zxN2an77nTlIrjywlVaEm3Zzb0bJ6wWrc2UhDxD2ICqoABno2ZzyCRPzDtvmlutvKw3eV_2ABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PrSRxaULQsVR-ocUGijCSKylQRQ%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:58 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 May 2023 11:30:58 GMT
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame 57EC 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 13 May 2022 05:14:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
195407
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 13 May 2023 05:14:11 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2E84 		0
0
ads
googleads.g.doubleclick.net/pagead/ Frame BE11 		22 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/wp-content/cache/wpfc-minified/edgwxfxv/kn0c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c74663c6479cf7297aa2159926255b58e2cd6725f4393c58172480a31dfea91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gumoreska.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
10547
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 11:30:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220511&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
96f9a373f263c5d3e2f220d40ff42c118cd9f39b70e9a2d75c502d84ad63b51b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 11:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10479
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 15 May 2022 11:30:58 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2917 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gumoreska.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
125
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 11:28:53 GMT
expires
Mon, 15 May 2023 11:28:53 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 034E 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d39b97ce366b0559a32a72e6442cfa49f415ffd3bd000e425eea7c031b3655a4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BAr9E4-kcucu7aQhmNGKqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gumoreska.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-BAr9E4-kcucu7aQhmNGKqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 11:30:58 GMT
expires
Sun, 15 May 2022 11:30:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame 2917 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 13 May 2022 05:14:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
195407
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 13 May 2023 05:14:11 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 034E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220511&jk=3892788198639432&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 2917 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?nsz5ew
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 426F 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQmYSshgMY_MaavQEwAQ&v=APEucNUrfgKiCNW-9JVyyVttAt1bB8jaak-YRqfpxivK846EeLB1BqfwzM2TdctoN3rDWjgahzlIR2KMeecP8RId6VW1OzDCY6hyCQS2OiCZfIrpP5DIlxDRGwONU16CpbbzZ4RYDaKQqv6YHu-wqjQ90akaQlC3Dio2gWYU1YwRpHVQYV3AlTY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 11:30:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame BA0F 		83 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjhlUsXKpvcnAoqhPwcfcvLSELSRoIUMy4JaLBhMd_RChwCxeN61Uc0GF06ocKJdwv3pzpu-FiF3OpcoiFsufYnI7icFloj1FdDH7RcP9zXwXm7ASxPbfjDTrPFh3KmEs-FwY6Y6_aY9LUbR8qqYIXW7ml9Q&dbm_d=AKAmf-BHdqehwrFXHA17mdVG-FoXKi_v5RT74r5rONsvmXO7qscbuCZP8mzJ4f56jUgjzQSUAO94bTp2GW8vi9U8Bcs0Xi7-TIywM2xEAxH25q9fhPgpsLMbIKutF10epAuj80Ub4xt16-lyi-ehLB2PzoVo5_Z2wJkHlvdcM7TNYKlOh23Cs-6kTJI_bM7pf9jlEEBHf2gJ83y8ljdokkL_6kxt8oJ7Bt7v1YiY8gquMD5Kbfxe2s6j-qIZSXbsoZDlfYiJOb8YAJ9QjC9K75MU3NY0g1g-C9zVC2o_bJYDQlqnDF594v0F7b1gz3D2H9zM5aXZyMiesYVrsqHOQQbzF15U8dDL7kHsfhz1uGoGMLfk5UWxlQGXpHkNBB945Z3kVuJdlxXow5HcII832ibYHS7bxXAD7P--aKfeqIaTgps4StQnkyknnfQaE9ZM9b_IEko5Y-ntOoillRYYNZlIuCwVWLmMo9pnYvJWh799gagugHURFflWPC94WkwbYaLgqx93hsfSaVsgPcDPVSkpu6Cfp_G94AeQHW0Z8VGegEnJKOW1Dm10dbewMqZ8OkkeGTe9o8CtEpYkObCEbBVxXtJax6sMowosNCvA1IFrWWZJKczVocK7Wcw1hD9KWINHdsMCfsplzAu81xNdXgD6m7j_A6Kqe-JdAlQUhUCc4NcoZ33L4yPAWnAyNIaA1UgeF-CcbJV4ffgeOmsJzYgHEWIrV7LdrRKcrt_herFjYLvtBOmBlYTwF31tgGYPopsaEaHrvTpOB_4aknHEDRQ6mqdd3zzG-DI6c540t7tGot6RCF5C039WKT7h18bQ1aUR5eKjsxd4DW9InOLGf4vruagInc-RXRSg2upbvb-as9k2k4cvrnKvCB1jEdWa2CESBdx-zv1aG6Ykz9sez3GZ2rDTD3bdBZw-R5tSWDsF3eqPByY9msqffXmYeGMzsSgVEUeiywIZHtcSd893tiduI1lSVSQ6eJAdPHCIlHMf96tko64bUankQDqt1jq0BaGfUtxVInRtyGSJQ793q7p4VQoCwTtQ6IazhVakXoUgLVhAg5IB5Xqy2iMzS5ADwvG-EI9iWREGSq_QSFCho-kf4u29tKdKjFRYP5eAuGv_yWx5iYEvAoeFd6BjIK6NbuJ3FYi20RwestaaNZRCHmRWQZ7hrylAcfUHANpbwNO1AehfBq1CR6LoEoyv-nSdOSeMxPRD_nQ6yZjUMN6HN3MJSyiH0rKMAto6s-ejmgwMAIaSE-IsG4UTWAw1L_mUShNElugJMG--IhbfG5Z4lhJoPaXie1Oy3715ucdXOfIXG0MhAvl70fPJNTtmahxUfjO8qqXCssbSzsJEXikHARGwFQqAl4Iad9BT-PQAjPAPtnJ02tQHFJDIWjOFwaYSLwSbXkDYIYrIIwNfVj0IHqrGmeEmKOVftcIpGMxFaPS5VrcN8BqmYG2NduLL1l9r3iMGmcNA9EjFtnYQyyXu2D5_v2QpKJAEof3DUmFizjJ7q581H14K-9NWF0x751yTHInmIDRJICSRJE5p7kDcxVlXx5XeEkTi8HAQ48BGorPJYZqGCvYKGG2-SVfeUfDZCQpLJuaZnyQwgI6f2N3SCQM39JD4U_YAIPelCfigikLv4NwlADb8JtEFgKfR19ZK74QSL3JDccyVfL2V_YsB4iX8GzPo5DDDCreJyZR98zzK_piIKzru2iN2BVNOSvACa-61Dv3Bgsd7aoopyJ5dz6xeoZ4LR8OUYQPemknO-4rJmgP0IikbBtKYUl0FUp6-cnLJ8QdoBSpeuVCUdLvs9j_LHhnbclXJznH-7WTOKqFqwSssybyicCE9mzvmHUQMIdMQptd7wGPNkLXlspcVsJMgSEN5JxiW7J_wcqNFAhVyQ-D8EvWspfrsZfi8uSlXdI1J5gfsGIjKjDsVNrb_06-QWWkmZd3AgAp_60oEKTNSrikiKVdC5rBqCQaINGgLWzbF0VUwTWC-8bm7QjvI_-ODN1XcC6MC8yHl0OxAkP4MIGovLep3GLGi47I4iCRdT9kgRhoU55XxMDoC-k_fS2PoI1C1lFZ2t9Tc5ICMDLKrtQ8UCi50Y1hHoJZ3_YrTTdwWHJJq1HDgV5pNh6kmfVd7eMj1d6d0BrJRxsrSH7vw4ZevXOf7l1PKLunOJJEMpkMRj3akKU4EXAB-WaU5jomXP53z8VglYYZuqWEtYSluCpV-RUhM69XWj_Yv6H4dKwInSOJ6OAEl0wQ3oKRXmbUOAvee6GwquWnFeLqKZsgU1YwzstbsKSwmZXCi1AjCzNsplfWVkye763kD1S-0XyY18abVv0d9AG309VNzEaBD6_t-uZHQkvI7RZW8Dq9a6ZRjHHZz6WayHH8rXFnZ7r16XaGONKQ0reSilkOswhgsMMV3nZ7hyHXUHoeZ-ym-E26mjAyiy9Q_HsDwVVgcTAAPGIXZOSb1SwqqEQFMXDU-GMBPjRBWU-zdZOI_VJV6C-mXpgFl7VoaFs6tf4itJM3cBmoumE19WDVHaFJ7wcL62Gh4LmdTt9HMUtSAa6HWx28AwAlspSLApvE5UWJ6F8isaizeesXSs3Zcr2l2r3W7BipTXaWXKphZIK03ATmcPGgkaBTC7PvpLOfGfzRFaWfePavuRHBsY6-Opp6vi8IfkyEpOtPFATx42o7RDwtsE25XhC5kdop_fqwdnbv1PdIY8iJvf5u1MNrilB-8BhOclRN2tWo2NM1zCwR1Keu4uOTMrRibKa9JS6MTYiZq2a0rXPBBamzWCifGfMRQa0bWuceAPGe5v6C0F5E2KxVzhlRwM6WlJoJtw1Mg3OwYvpseGCtX67bIvnoqKKWEKo-RETsvaKtwdjDreQiw00YFtRexQkI9wMxmuR1Kr38iX6Zx8SZdrODRQ1rpl07anDOEv-tK90u6rjNxKbzBtFRa0Cgfdh7WURnzhB7RImkwebqqn2zE3xlvmk-Y-KhPzbe-s3MeF26jyxzZortgetbMKlzCrZnsgHUdEjI7XRFKYolznf3yCcVB0D2JF1Hrlbg3m7Nh3Gh7AirnH66lueZNm8fiDOMXZW5ch8-WR__1QzxbwgcITfQv19MY33fhn_e-TUi72WFy8-cYa1tUI7EVOH4RpcLnV96SyxkwB8dnJfEcMJqzj8NomnqZCHa1psblpBMAcBBVo43eXAmDbb1qpqOQbjOaSLN-dvQDh9LamhTnPmY0vEZv3HKffldj09vZ3_euq6AcsJ6H_Yy1xmCvawfvftlbzCwlsyNRPy9SENZN8cpIuh5Le6QzyEZir1L-XCSF6Kr3yCxEdNpu0RQ4F9BhclcycbEEwUJS-MCwS7H9jh-vU1pRZ-k8hXuQLonWIBgrcwdkcETm4HKYF5QL0vyban20v8wzg_1590eUhFuokFPiZa0MRA&cid=CAASEuRoKnrI7JPsAE8HfXRkDrnSOw&rfl=2%2Chttps%253A%252F%252Fgumoreska.in.ua%252F%240
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03d4bd788f7170dc78afacb307ba103f14b5e6f7835776bc339b85cd9fc15e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 11:30:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34124
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jload
pixel.adsafeprotected.com/ Frame BA0F 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=925113&advId=818610713&campId=15570238777&pubId=1&placementId=396796796&adsafe_par&bundleId=&dealId=&bidurl=https://gumoreska.in.ua/
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.58.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-58-169.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ee45ebbc35d0a3ce96de731e84176c69be057b2fa3bde8f789b1e800055f8a27

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 11:30:58 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame BA0F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:24:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
413
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 May 2022 11:24:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BA0F 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 15 May 2022 11:30:58 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame BA0F 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:28:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
168
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6412
x-xss-protection
0
server
cafe
etag
1643562372680595834
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 May 2022 11:28:10 GMT
l
www.google.com/ads/measurement/ Frame BA0F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSQ6aFLEy24AaFXDSu3jeRcWghQQ7-plrvNTO_6nAOjHrz5KHbe4cLrGknoEUlO05iQq36c1iB19ZbEvQLtnMkHPj7XuQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame BA0F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CvtHoGrwoIXAgpLIN6AjOMSzeinIynQokbhI3V5Z_sNg95SsahXDiNR81sRnlljD721tufJmVY9gAy9TYkyQdB9co7jotdkEqaAhKbzhJfBfIcay8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 11:30:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6CCD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQZ6jYPmGxF6Z0rapCssuaiZccuuFp1MzEWFDvgQngcmp8RXUbpVW05D6szULqNj_lQpViAWYiGszjIT0x6Bwouw&sig=Cg0ArKJSzGIPXUjw0Yk8EAE&id=lidar2&mcvt=1001&p=0,0,280,1160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2334401640&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652614256918&rpt=928&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 11:30:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5C4B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstX29qVb4ndI47uqjS8v9bC3mv61IppO4ni5G1_7ekU_AnX_EpEVr8X1KrRxrBI3dyt-qg9VouyD8MDUlCxjnpFhQ&sig=Cg0ArKJSzA254IxiqF3sEAE&id=lidar2&mcvt=1000&p=0,0,280,808&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=293745757&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652614256925&rpt=938&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 11:30:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 426F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKC_5B34yGgqJ6g3SIb69bU&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKC_5B34yGgqJ6g3SIb69bU&google_cver=1&C=1
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKC_5B34yGgqJ6g3SIb69bU&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQmYSshgMY_MaavQEwAQ&v=APEucNUrfgKiCNW-9JVyyVttAt1bB8jaak-YRqfpxivK846EeLB1BqfwzM2TdctoN3rDWjgahzlIR2KMeecP8RId6VW1OzDCY6hyCQS2OiCZfIrpP5DIlxDRGwONU16CpbbzZ4RYDaKQqv6YHu-wqjQ90akaQlC3Dio2gWYU1YwRpHVQYV3AlTY
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 11:30:59 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 15 May 2022 11:30:59 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 15 May 2022 11:30:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKC_5B34yGgqJ6g3SIb69bU&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Sun, 15 May 2022 11:30:59 GMT
rum
dsum-sec.casalemedia.com/ Frame 426F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YoDkcx3ILRgSDEj-e3GN1AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKC_5B34yGgqJ6g3SIb69bU&google_cver=1
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKC_5B34yGgqJ6g3SIb69bU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQmYSshgMY_MaavQEwAQ&v=APEucNUrfgKiCNW-9JVyyVttAt1bB8jaak-YRqfpxivK846EeLB1BqfwzM2TdctoN3rDWjgahzlIR2KMeecP8RId6VW1OzDCY6hyCQS2OiCZfIrpP5DIlxDRGwONU16CpbbzZ4RYDaKQqv6YHu-wqjQ90akaQlC3Dio2gWYU1YwRpHVQYV3AlTY
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 11:30:59 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 15 May 2022 11:30:59 GMT

Redirect headers

pragma
no-cache
date
Sun, 15 May 2022 11:30:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKC_5B34yGgqJ6g3SIb69bU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 426F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEP_HHXeVZ_9-1Uye46ufLCQ&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEP_HHXeVZ_9-1Uye46ufLCQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQmYSshgMY_MaavQEwAQ&v=APEucNUrfgKiCNW-9JVyyVttAt1bB8jaak-YRqfpxivK846EeLB1BqfwzM2TdctoN3rDWjgahzlIR2KMeecP8RId6VW1OzDCY6hyCQS2OiCZfIrpP5DIlxDRGwONU16CpbbzZ4RYDaKQqv6YHu-wqjQ90akaQlC3Dio2gWYU1YwRpHVQYV3AlTY
Protocol
HTTP/1.1
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 11:30:59 GMT
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
455b91f6-86da-4ba8-9488-9822ce82c216
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 15 May 2022 11:30:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEP_HHXeVZ_9-1Uye46ufLCQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 426F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjYzNDE4MDY3NTQ0Mzk2MDM1MQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjYzNDE4MDY3NTQ0Mzk2MDM1MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQmYSshgMY_MaavQEwAQ&v=APEucNUrfgKiCNW-9JVyyVttAt1bB8jaak-YRqfpxivK846EeLB1BqfwzM2TdctoN3rDWjgahzlIR2KMeecP8RId6VW1OzDCY6hyCQS2OiCZfIrpP5DIlxDRGwONU16CpbbzZ4RYDaKQqv6YHu-wqjQ90akaQlC3Dio2gWYU1YwRpHVQYV3AlTY
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 11:30:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 15 May 2022 11:30:59 GMT
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f04cc9b9-65fc-4b5a-a14d-3f3af20dee44
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjYzNDE4MDY3NTQ0Mzk2MDM1MQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DC69 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuDFKQMBJC8bvRY-UUAKzhvmjccbdMU3aEuQF0oz0pXGLrOzuJe-w-fk_MfOSAfP2xA6w6tlywUDlgVzHNp3u9SixGJm1Il6ccZ2xZSzLuxWmpkHZTvAt5YwitH&sai=AMfl-YSsnt9PwJZJ5tVp8LZX91_eI_fVpwxOMI35uceozkHxkR_-MO-0kDcggGqHz6F6gz-9MH_J6olI5-0S&sig=Cg0ArKJSzCky-0nk0tQ7EAE&cid=CAQSGwCNIrLMRY-t4wxr4F8s-zJemBVzyTDSlssbzBgB&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=83,729,1001,1072,1072&tos=83,646,272,71,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652614257508&rpt=319&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 11:30:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame BA0F 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 10:16:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4469
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 16 May 2022 10:16:30 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame BA0F 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjhlUsXKpvcnAoqhPwcfcvLSELSRoIUMy4JaLBhMd_RChwCxeN61Uc0GF06ocKJdwv3pzpu-FiF3OpcoiFsufYnI7icFloj1FdDH7RcP9zXwXm7ASxPbfjDTrPFh3KmEs-FwY6Y6_aY9LUbR8qqYIXW7ml9Q&dbm_d=AKAmf-BHdqehwrFXHA17mdVG-FoXKi_v5RT74r5rONsvmXO7qscbuCZP8mzJ4f56jUgjzQSUAO94bTp2GW8vi9U8Bcs0Xi7-TIywM2xEAxH25q9fhPgpsLMbIKutF10epAuj80Ub4xt16-lyi-ehLB2PzoVo5_Z2wJkHlvdcM7TNYKlOh23Cs-6kTJI_bM7pf9jlEEBHf2gJ83y8ljdokkL_6kxt8oJ7Bt7v1YiY8gquMD5Kbfxe2s6j-qIZSXbsoZDlfYiJOb8YAJ9QjC9K75MU3NY0g1g-C9zVC2o_bJYDQlqnDF594v0F7b1gz3D2H9zM5aXZyMiesYVrsqHOQQbzF15U8dDL7kHsfhz1uGoGMLfk5UWxlQGXpHkNBB945Z3kVuJdlxXow5HcII832ibYHS7bxXAD7P--aKfeqIaTgps4StQnkyknnfQaE9ZM9b_IEko5Y-ntOoillRYYNZlIuCwVWLmMo9pnYvJWh799gagugHURFflWPC94WkwbYaLgqx93hsfSaVsgPcDPVSkpu6Cfp_G94AeQHW0Z8VGegEnJKOW1Dm10dbewMqZ8OkkeGTe9o8CtEpYkObCEbBVxXtJax6sMowosNCvA1IFrWWZJKczVocK7Wcw1hD9KWINHdsMCfsplzAu81xNdXgD6m7j_A6Kqe-JdAlQUhUCc4NcoZ33L4yPAWnAyNIaA1UgeF-CcbJV4ffgeOmsJzYgHEWIrV7LdrRKcrt_herFjYLvtBOmBlYTwF31tgGYPopsaEaHrvTpOB_4aknHEDRQ6mqdd3zzG-DI6c540t7tGot6RCF5C039WKT7h18bQ1aUR5eKjsxd4DW9InOLGf4vruagInc-RXRSg2upbvb-as9k2k4cvrnKvCB1jEdWa2CESBdx-zv1aG6Ykz9sez3GZ2rDTD3bdBZw-R5tSWDsF3eqPByY9msqffXmYeGMzsSgVEUeiywIZHtcSd893tiduI1lSVSQ6eJAdPHCIlHMf96tko64bUankQDqt1jq0BaGfUtxVInRtyGSJQ793q7p4VQoCwTtQ6IazhVakXoUgLVhAg5IB5Xqy2iMzS5ADwvG-EI9iWREGSq_QSFCho-kf4u29tKdKjFRYP5eAuGv_yWx5iYEvAoeFd6BjIK6NbuJ3FYi20RwestaaNZRCHmRWQZ7hrylAcfUHANpbwNO1AehfBq1CR6LoEoyv-nSdOSeMxPRD_nQ6yZjUMN6HN3MJSyiH0rKMAto6s-ejmgwMAIaSE-IsG4UTWAw1L_mUShNElugJMG--IhbfG5Z4lhJoPaXie1Oy3715ucdXOfIXG0MhAvl70fPJNTtmahxUfjO8qqXCssbSzsJEXikHARGwFQqAl4Iad9BT-PQAjPAPtnJ02tQHFJDIWjOFwaYSLwSbXkDYIYrIIwNfVj0IHqrGmeEmKOVftcIpGMxFaPS5VrcN8BqmYG2NduLL1l9r3iMGmcNA9EjFtnYQyyXu2D5_v2QpKJAEof3DUmFizjJ7q581H14K-9NWF0x751yTHInmIDRJICSRJE5p7kDcxVlXx5XeEkTi8HAQ48BGorPJYZqGCvYKGG2-SVfeUfDZCQpLJuaZnyQwgI6f2N3SCQM39JD4U_YAIPelCfigikLv4NwlADb8JtEFgKfR19ZK74QSL3JDccyVfL2V_YsB4iX8GzPo5DDDCreJyZR98zzK_piIKzru2iN2BVNOSvACa-61Dv3Bgsd7aoopyJ5dz6xeoZ4LR8OUYQPemknO-4rJmgP0IikbBtKYUl0FUp6-cnLJ8QdoBSpeuVCUdLvs9j_LHhnbclXJznH-7WTOKqFqwSssybyicCE9mzvmHUQMIdMQptd7wGPNkLXlspcVsJMgSEN5JxiW7J_wcqNFAhVyQ-D8EvWspfrsZfi8uSlXdI1J5gfsGIjKjDsVNrb_06-QWWkmZd3AgAp_60oEKTNSrikiKVdC5rBqCQaINGgLWzbF0VUwTWC-8bm7QjvI_-ODN1XcC6MC8yHl0OxAkP4MIGovLep3GLGi47I4iCRdT9kgRhoU55XxMDoC-k_fS2PoI1C1lFZ2t9Tc5ICMDLKrtQ8UCi50Y1hHoJZ3_YrTTdwWHJJq1HDgV5pNh6kmfVd7eMj1d6d0BrJRxsrSH7vw4ZevXOf7l1PKLunOJJEMpkMRj3akKU4EXAB-WaU5jomXP53z8VglYYZuqWEtYSluCpV-RUhM69XWj_Yv6H4dKwInSOJ6OAEl0wQ3oKRXmbUOAvee6GwquWnFeLqKZsgU1YwzstbsKSwmZXCi1AjCzNsplfWVkye763kD1S-0XyY18abVv0d9AG309VNzEaBD6_t-uZHQkvI7RZW8Dq9a6ZRjHHZz6WayHH8rXFnZ7r16XaGONKQ0reSilkOswhgsMMV3nZ7hyHXUHoeZ-ym-E26mjAyiy9Q_HsDwVVgcTAAPGIXZOSb1SwqqEQFMXDU-GMBPjRBWU-zdZOI_VJV6C-mXpgFl7VoaFs6tf4itJM3cBmoumE19WDVHaFJ7wcL62Gh4LmdTt9HMUtSAa6HWx28AwAlspSLApvE5UWJ6F8isaizeesXSs3Zcr2l2r3W7BipTXaWXKphZIK03ATmcPGgkaBTC7PvpLOfGfzRFaWfePavuRHBsY6-Opp6vi8IfkyEpOtPFATx42o7RDwtsE25XhC5kdop_fqwdnbv1PdIY8iJvf5u1MNrilB-8BhOclRN2tWo2NM1zCwR1Keu4uOTMrRibKa9JS6MTYiZq2a0rXPBBamzWCifGfMRQa0bWuceAPGe5v6C0F5E2KxVzhlRwM6WlJoJtw1Mg3OwYvpseGCtX67bIvnoqKKWEKo-RETsvaKtwdjDreQiw00YFtRexQkI9wMxmuR1Kr38iX6Zx8SZdrODRQ1rpl07anDOEv-tK90u6rjNxKbzBtFRa0Cgfdh7WURnzhB7RImkwebqqn2zE3xlvmk-Y-KhPzbe-s3MeF26jyxzZortgetbMKlzCrZnsgHUdEjI7XRFKYolznf3yCcVB0D2JF1Hrlbg3m7Nh3Gh7AirnH66lueZNm8fiDOMXZW5ch8-WR__1QzxbwgcITfQv19MY33fhn_e-TUi72WFy8-cYa1tUI7EVOH4RpcLnV96SyxkwB8dnJfEcMJqzj8NomnqZCHa1psblpBMAcBBVo43eXAmDbb1qpqOQbjOaSLN-dvQDh9LamhTnPmY0vEZv3HKffldj09vZ3_euq6AcsJ6H_Yy1xmCvawfvftlbzCwlsyNRPy9SENZN8cpIuh5Le6QzyEZir1L-XCSF6Kr3yCxEdNpu0RQ4F9BhclcycbEEwUJS-MCwS7H9jh-vU1pRZ-k8hXuQLonWIBgrcwdkcETm4HKYF5QL0vyban20v8wzg_1590eUhFuokFPiZa0MRA&cid=CAASEuRoKnrI7JPsAE8HfXRkDrnSOw&rfl=2%2Chttps%253A%252F%252Fgumoreska.in.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
106
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 May 2022 11:29:12 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame BA0F 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjhlUsXKpvcnAoqhPwcfcvLSELSRoIUMy4JaLBhMd_RChwCxeN61Uc0GF06ocKJdwv3pzpu-FiF3OpcoiFsufYnI7icFloj1FdDH7RcP9zXwXm7ASxPbfjDTrPFh3KmEs-FwY6Y6_aY9LUbR8qqYIXW7ml9Q&dbm_d=AKAmf-BHdqehwrFXHA17mdVG-FoXKi_v5RT74r5rONsvmXO7qscbuCZP8mzJ4f56jUgjzQSUAO94bTp2GW8vi9U8Bcs0Xi7-TIywM2xEAxH25q9fhPgpsLMbIKutF10epAuj80Ub4xt16-lyi-ehLB2PzoVo5_Z2wJkHlvdcM7TNYKlOh23Cs-6kTJI_bM7pf9jlEEBHf2gJ83y8ljdokkL_6kxt8oJ7Bt7v1YiY8gquMD5Kbfxe2s6j-qIZSXbsoZDlfYiJOb8YAJ9QjC9K75MU3NY0g1g-C9zVC2o_bJYDQlqnDF594v0F7b1gz3D2H9zM5aXZyMiesYVrsqHOQQbzF15U8dDL7kHsfhz1uGoGMLfk5UWxlQGXpHkNBB945Z3kVuJdlxXow5HcII832ibYHS7bxXAD7P--aKfeqIaTgps4StQnkyknnfQaE9ZM9b_IEko5Y-ntOoillRYYNZlIuCwVWLmMo9pnYvJWh799gagugHURFflWPC94WkwbYaLgqx93hsfSaVsgPcDPVSkpu6Cfp_G94AeQHW0Z8VGegEnJKOW1Dm10dbewMqZ8OkkeGTe9o8CtEpYkObCEbBVxXtJax6sMowosNCvA1IFrWWZJKczVocK7Wcw1hD9KWINHdsMCfsplzAu81xNdXgD6m7j_A6Kqe-JdAlQUhUCc4NcoZ33L4yPAWnAyNIaA1UgeF-CcbJV4ffgeOmsJzYgHEWIrV7LdrRKcrt_herFjYLvtBOmBlYTwF31tgGYPopsaEaHrvTpOB_4aknHEDRQ6mqdd3zzG-DI6c540t7tGot6RCF5C039WKT7h18bQ1aUR5eKjsxd4DW9InOLGf4vruagInc-RXRSg2upbvb-as9k2k4cvrnKvCB1jEdWa2CESBdx-zv1aG6Ykz9sez3GZ2rDTD3bdBZw-R5tSWDsF3eqPByY9msqffXmYeGMzsSgVEUeiywIZHtcSd893tiduI1lSVSQ6eJAdPHCIlHMf96tko64bUankQDqt1jq0BaGfUtxVInRtyGSJQ793q7p4VQoCwTtQ6IazhVakXoUgLVhAg5IB5Xqy2iMzS5ADwvG-EI9iWREGSq_QSFCho-kf4u29tKdKjFRYP5eAuGv_yWx5iYEvAoeFd6BjIK6NbuJ3FYi20RwestaaNZRCHmRWQZ7hrylAcfUHANpbwNO1AehfBq1CR6LoEoyv-nSdOSeMxPRD_nQ6yZjUMN6HN3MJSyiH0rKMAto6s-ejmgwMAIaSE-IsG4UTWAw1L_mUShNElugJMG--IhbfG5Z4lhJoPaXie1Oy3715ucdXOfIXG0MhAvl70fPJNTtmahxUfjO8qqXCssbSzsJEXikHARGwFQqAl4Iad9BT-PQAjPAPtnJ02tQHFJDIWjOFwaYSLwSbXkDYIYrIIwNfVj0IHqrGmeEmKOVftcIpGMxFaPS5VrcN8BqmYG2NduLL1l9r3iMGmcNA9EjFtnYQyyXu2D5_v2QpKJAEof3DUmFizjJ7q581H14K-9NWF0x751yTHInmIDRJICSRJE5p7kDcxVlXx5XeEkTi8HAQ48BGorPJYZqGCvYKGG2-SVfeUfDZCQpLJuaZnyQwgI6f2N3SCQM39JD4U_YAIPelCfigikLv4NwlADb8JtEFgKfR19ZK74QSL3JDccyVfL2V_YsB4iX8GzPo5DDDCreJyZR98zzK_piIKzru2iN2BVNOSvACa-61Dv3Bgsd7aoopyJ5dz6xeoZ4LR8OUYQPemknO-4rJmgP0IikbBtKYUl0FUp6-cnLJ8QdoBSpeuVCUdLvs9j_LHhnbclXJznH-7WTOKqFqwSssybyicCE9mzvmHUQMIdMQptd7wGPNkLXlspcVsJMgSEN5JxiW7J_wcqNFAhVyQ-D8EvWspfrsZfi8uSlXdI1J5gfsGIjKjDsVNrb_06-QWWkmZd3AgAp_60oEKTNSrikiKVdC5rBqCQaINGgLWzbF0VUwTWC-8bm7QjvI_-ODN1XcC6MC8yHl0OxAkP4MIGovLep3GLGi47I4iCRdT9kgRhoU55XxMDoC-k_fS2PoI1C1lFZ2t9Tc5ICMDLKrtQ8UCi50Y1hHoJZ3_YrTTdwWHJJq1HDgV5pNh6kmfVd7eMj1d6d0BrJRxsrSH7vw4ZevXOf7l1PKLunOJJEMpkMRj3akKU4EXAB-WaU5jomXP53z8VglYYZuqWEtYSluCpV-RUhM69XWj_Yv6H4dKwInSOJ6OAEl0wQ3oKRXmbUOAvee6GwquWnFeLqKZsgU1YwzstbsKSwmZXCi1AjCzNsplfWVkye763kD1S-0XyY18abVv0d9AG309VNzEaBD6_t-uZHQkvI7RZW8Dq9a6ZRjHHZz6WayHH8rXFnZ7r16XaGONKQ0reSilkOswhgsMMV3nZ7hyHXUHoeZ-ym-E26mjAyiy9Q_HsDwVVgcTAAPGIXZOSb1SwqqEQFMXDU-GMBPjRBWU-zdZOI_VJV6C-mXpgFl7VoaFs6tf4itJM3cBmoumE19WDVHaFJ7wcL62Gh4LmdTt9HMUtSAa6HWx28AwAlspSLApvE5UWJ6F8isaizeesXSs3Zcr2l2r3W7BipTXaWXKphZIK03ATmcPGgkaBTC7PvpLOfGfzRFaWfePavuRHBsY6-Opp6vi8IfkyEpOtPFATx42o7RDwtsE25XhC5kdop_fqwdnbv1PdIY8iJvf5u1MNrilB-8BhOclRN2tWo2NM1zCwR1Keu4uOTMrRibKa9JS6MTYiZq2a0rXPBBamzWCifGfMRQa0bWuceAPGe5v6C0F5E2KxVzhlRwM6WlJoJtw1Mg3OwYvpseGCtX67bIvnoqKKWEKo-RETsvaKtwdjDreQiw00YFtRexQkI9wMxmuR1Kr38iX6Zx8SZdrODRQ1rpl07anDOEv-tK90u6rjNxKbzBtFRa0Cgfdh7WURnzhB7RImkwebqqn2zE3xlvmk-Y-KhPzbe-s3MeF26jyxzZortgetbMKlzCrZnsgHUdEjI7XRFKYolznf3yCcVB0D2JF1Hrlbg3m7Nh3Gh7AirnH66lueZNm8fiDOMXZW5ch8-WR__1QzxbwgcITfQv19MY33fhn_e-TUi72WFy8-cYa1tUI7EVOH4RpcLnV96SyxkwB8dnJfEcMJqzj8NomnqZCHa1psblpBMAcBBVo43eXAmDbb1qpqOQbjOaSLN-dvQDh9LamhTnPmY0vEZv3HKffldj09vZ3_euq6AcsJ6H_Yy1xmCvawfvftlbzCwlsyNRPy9SENZN8cpIuh5Le6QzyEZir1L-XCSF6Kr3yCxEdNpu0RQ4F9BhclcycbEEwUJS-MCwS7H9jh-vU1pRZ-k8hXuQLonWIBgrcwdkcETm4HKYF5QL0vyban20v8wzg_1590eUhFuokFPiZa0MRA&cid=CAASEuRoKnrI7JPsAE8HfXRkDrnSOw&rfl=2%2Chttps%253A%252F%252Fgumoreska.in.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5efdbfc0b2ca2da54e59a89472d9262ab09d64237d87294439430638858b8bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:27:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
207
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9773
x-xss-protection
0
server
cafe
etag
14407402762925951128
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 May 2022 11:27:31 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame BA0F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 12 May 2022 08:23:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
270459
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 08:23:20 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B9EC 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
4994
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 10:07:45 GMT
expires
Mon, 15 May 2023 10:07:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
main.gr.19.8.309.js
static.adsafeprotected.com/ Frame BA0F 		191 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.309.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818610713&campId=15570238777&pubId=1&placementId=396796796&adsafe_par&bundleId=&dealId=&bidurl=https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f2e24b95c962fffb41eede228d0c5c7681cf9bc3dd3ece2440412ec4246d84e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:42:44 GMT
content-encoding
gzip
age
830896
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 05 May 2022 17:31:51 GMT
server
AmazonS3
etag
W/"25d0c2239b60642eaeddad303e621bd4"
vary
Accept-Encoding
x-amz-version-id
mjEd7PtHn1L574wGfHZ2vjRyhTR.v7IU
via
1.1 6b2d62d60926d8d51fdcbcc94fce643a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
DUS51-P1
content-type
application/javascript
x-amz-cf-id
h9szw-BUH2-LoKuun0umo9pUUDD6fQ2uj-3AM_SoPtgdRo-KeWutaw==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AFD1 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
79487
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 14 May 2022 13:26:12 GMT
etag
48472445140208031
expires
Sun, 15 May 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame BA0F 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3c34d043b5b39d3db3c8a38573b5aec82c009c38a302d4b11d982418b621da5

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
all
csm.eu.criteo.net/ Frame AA08 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=QOZy1uOz37rNZbKJ-hVGMvImND9soo8ePsnJZmXfiVL5kI0-TzksUs_FIjDAyvHD3MxBTWxzTAhWT4h4DFdl_WUBQh_4fRQWclToVkm9hjjXt115R9GHVK2mU2XetPJ9XZ8lnEu9nPN9ZO_q0ci1W4vtBlDi4Y6ycHrk2J79ULakKZ-Ca5qnaXTIbQl-PWUCVFwsIBQn2-cIhtl7SE9MMECCA5nbNFoHwZqy3N_TCx6SmUcdNQHtxbyrgN0oeGXhxw-hKg&sds=2&rev=81468.6&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABgawKW-pVAABd1dTVqpjXBZtmZUtX5Q&u=%7CnPe1aGloCQAUfEZKfoujbEPoh3bIMsNS2UZPuX5SbBM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvpOE7Z_QTPgAAvPmGoPqnrQjCtkSAp5RwFYMu1tiuRhiLqWdnkffjJyVgHkvTe4U7tbkEh77FNDdmxP84-oLx9LailDeE9SU5aD1MFfMhBjsy3qOz7mFy1UphssVkQZquQLoy478lx_p3YsWt32KLd7lfXr1Nnu3LT__huApSJ-UYWqypsaHQ_r__l-zUkgUGL8PfpVqVRT082qWX0sE6zOF__XdsdKCZQFjOGOQLUP6DYbRlsFFW4431lNksS5Xv5-gHOlFFNVpP4MnPN225UF0apgo4zWr7p4YuX7YcMCHp83beesydyeB3AxPvZnd_igNgAInNdmjaKIi7vRI5lRp3PTUR1i9qEeZ3mDA1wgUSTRqupDEfgzzAV2dA9BTGg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClY9WceSAYqyDBtXU7wLVu4GwAuSP0rFc_9DZkYgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEuAFP0O3MwAlNjPeibyfHyZj4ZtVIfNPS1Fbw14bR3PfDzbXmyPLuJ1VGA-ZiRSdSSZMicTymW5fl2x9t9PBAwrFeuh6VG7PtXa3t8PcBWmHH-_9WckfN7Phtn7xg0L-b6OOmNbOgefOXy_ftSZQvHmPQL7IBr3GrSQ5SaQWLu9NDO7Drxg4WIORayRT5bqGSCxB-t_cT0gSnPCABBh6-M-5zBmDexvlYnVkcZKcBU_W7K4gnz0uOnmRLgAbd7-nv4NKGn6YBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0B3st8XjUnqyfePW8JbZp6ojNyPQ%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 15 May 2022 11:30:58 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
dpixel
cms.quantserve.com/ Frame AFD1 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEP9A0FSWPdbrR8iExcAu3Q8&google_cver=1&google_push=AYg5qPKV7sm15s2dF4ZZv1lcoPquuhRPMHo68phL7ayhfvtPgXEtsfjHQ4L7uowFFtQqJjfp5HVtVOr2qJ3KUUvYbcJTNV0n6NlT
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 11:30:59 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame AFD1 		43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESED-TDRew0hwESUaNenyA7jA&google_push=AYg5qPLwPB58JDUVMMrsCXJB_Ql6_av-jhl-VB1ermX7wQewExLv9n0siRXFiZ6x85XabaJuoLRyomALQSzqYqbplbhaHgmG2cYO&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 11:30:59 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame AFD1 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEGkNI793jHL3d58jGd_JnHk&google_cver=1&google_push=AYg5qPKxipgipv5jOw07A2HVglxUWB5VQm-Eu69yxU9wVZ4aOwB0DPdDe-LMTwa9sAm07AAUtO5llH5zP5M4IGt8P_uOCMo_7FTZ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 11:30:59 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
or090i93our3rv20e7bqiihl43s6mkba
pixel
cm.g.doubleclick.net/ Frame AFD1
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TEULWeZJRZ2E42NmA3LhOQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TEULWeZJRZ2E42NmA3LhOQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI8jMeXoqAOn0jQt05ILTY75y7gWJhz_Dsuh5QiQ0qYxZc3Z7iRLZ9asHe44TryiH0RGAkYSHVeDV2TyAhvh-EukoBZZ2w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 11:30:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TEULWeZJRZ2E42NmA3LhOQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI8jMeXoqAOn0jQt05ILTY75y7gWJhz_Dsuh5QiQ0qYxZc3Z7iRLZ9asHe44TryiH0RGAkYSHVeDV2TyAhvh-EukoBZZ2w
date
Sun, 15 May 2022 11:30:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame AFD1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELs0Dk5zEwFpgmkvEXVlk2E&google_cver=1&google_push=AYg5qPLI-r4Nf58ykQ0aYKrIaWGy_ilGv7mBkZ_252dOLxYmRxgEtIk6XhcaP5C_hWqh54gF01X...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM3N1VaSUotNS04WldX&google_push=AYg5qPLI-r4Nf58ykQ0aYKrIaWGy_ilGv7mBkZ_252dOLxYmRxgEtIk6XhcaP5C_hWqh54gF01Xaf2D36gBA72N9gyAvD1Auk6U
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM3N1VaSUotNS04WldX&google_push=AYg5qPLI-r4Nf58ykQ0aYKrIaWGy_ilGv7mBkZ_252dOLxYmRxgEtIk6XhcaP5C_hWqh54gF01Xaf2D36gBA72N9gyAvD1Auk6U
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 11:30:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM3N1VaSUotNS04WldX&google_push=AYg5qPLI-r4Nf58ykQ0aYKrIaWGy_ilGv7mBkZ_252dOLxYmRxgEtIk6XhcaP5C_hWqh54gF01Xaf2D36gBA72N9gyAvD1Auk6U
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
pixel
cm.g.doubleclick.net/ Frame AFD1
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDm71dmanXwbgTQcx_gxS3s&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDm71dmanXwbgTQcx_gxS3s&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoDkc4b8GaWTFpVAWF8Q1gAAAscAAAIB&google_push=AYg5qPL5BmbohM4sBEgOcr8YE1OZG5eh3gTXORMOeR-Zp0wggt2PnioYAfGNzF7-p3Mz5BtVqv1VwQVVebkzK45j9W...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoDkc4b8GaWTFpVAWF8Q1gAAAscAAAIB&google_push=AYg5qPL5BmbohM4sBEgOcr8YE1OZG5eh3gTXORMOeR-Zp0wggt2PnioYAfGNzF7-p3Mz5BtVqv1VwQVVebkzK45j9WN38oWOfAE&google_gid=CAESEDm71dmanXwbgTQcx_gxS3s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 11:30:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 15 May 2022 11:30:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoDkc4b8GaWTFpVAWF8Q1gAAAscAAAIB&google_push=AYg5qPL5BmbohM4sBEgOcr8YE1OZG5eh3gTXORMOeR-Zp0wggt2PnioYAfGNzF7-p3Mz5BtVqv1VwQVVebkzK45j9WN38oWOfAE&google_gid=CAESEDm71dmanXwbgTQcx_gxS3s&google_cver=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
459
Expires
Sun, 15 May 2022 11:30:59 GMT
trk
ag.innovid.com/ Frame AFD1 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEJBH3Ct3zjhOxHNLtlO2kf8&google_cver=1&google_push=AYg5qPKYCg8m48pn0-DG2c6txVePAhQ-y6tD3me3m2xGkAaDc__d0CJVv2FdoyGRN9LAadL23eXgZ4Oh8zjJHwcYO7dTsUOVfpQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8102:f0ed:1c59:fc65:f468 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 11:30:59 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
1
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame AFD1 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LfxCKjbz-ZjoXUpdNFPuZTvBC2sFazFZb5E4zsWUggFffuqglhCBfESE0Qb_A2ELtbADgA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:59 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame B9EC 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 13 May 2022 05:14:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
195408
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 13 May 2023 05:14:11 GMT
index.html
s0.2mdn.net/ads/richmedia/studio/pv2/61411175/20220119071341697/ Frame 175C 		1 KB
611 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61411175/20220119071341697/index.html?e=69&leftOffset=0&topOffset=0&c=XRfgnBEqut&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38afc590b6348c7e2929654cf19e0f930b02cde4895675b92d3ea412da39c530
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
584
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 15 May 2022 11:30:59 GMT
expires
Mon, 16 May 2022 11:30:59 GMT
last-modified
Wed, 19 Jan 2022 15:13:41 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame BA0F 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss9YaSzY-CMLXlm7IM4Jc-c1-tmzE-nKp3j2jDl5k9FX2yKj5nbZUU1hS1omyCdcYsjVZG-6ffFLnY7ykLXDWTgTSMDyNBYO84DtRM6Nbtuqk-pXxIHco6gWy6fi5h5NNoHwp3K6wv9-snUh4llPOsNw1KUEUs7Xm4aLIG1YSfNETkIofnmw_Frp2m6X2pvX0wo-t9aDO3R6PJsdnd0uUxEguYgJooCwBDfzqGpAwqOG_CJo0F2zKywIYqk115hOJ9prCVuuo9nj1T2JdYnm9XTVUe725NlkjOnsbT8wURPuWqvTBbR3VXd_EnC_lR-AfJzAWqFoNvy1_wFr_kyOP9qAEufsmIfDpnv6C2VPS8ZnRStpc8FN2RTZgXJnwZabCG_emM13nuspZ1IOuIsPdagzYCcwik0uwHNAop8d-cBBn0DN5pdbh6JydaMz0SaPJHjHnmcimo0p40n4oIu0JS1IufuuNmywF8z97Uy3rfCVye7YEfb3cOzznBliYMEnuLrRjc3xQDfTxZqWO5PV43juQI7XZ-wot8dA2mwMifZ_I9ghwvEY5M6w618AxLUh-SazFVJnatAONwqvG7PyOWq0_7q6RSFuHq5nL2pSHCsL8SWb7NCPnwLOcbU4971o7IOKEnvBdQ9fbAf8E-WOKx_xTp6nZPl9WSBENhQgPWmbqpitRy6ryQ6FteJbSVJHtZs7UA-TTK9gGDW6cQLmnnRnhdJtY3iIYQQVX_jv8kcoqIpfFYsI1cTwpXwPgEvSoxKlirrE2wig50LRmHsi2tPWr7t13AhHBOlSudYNZP06dljnAf-DZ7F6MnCxrKusx5OVeVoMH-mXtgodTpPNs0ANlUnsoMDWMo9qMXs4K16B1n2VXLekMo4mNmortJob4RsZ4acyOlp5SCOE059Ujmd-4BAqRBeuWjWEUH0xXbhtxV-9UOKD3bBaz7nH8g58h6_noDUNe3l3qoRFLcXRJlQ3ecVL2BS_VtSLpymHkNkF7Us-YZmDON-DBNYzFNkKSGLLBb_YQDOtGDqJGng2cgjPO3hUkxBnMG3pJujLNYeD6GJrWTvAbZh5Mcs4tNvmAjPeE279ha7B-vLnueOqgmIxWo5E6YU41ia20GscyzP7W-sBPKnLrDuIDPuElKbub-RzT9vs5NUEVp3xYXMEHGEvTiJJEA9y9ti3g4IlrnA0Y6xqKGv0uIWctr-CSEMcokij4GCFBDA3nvc932VE9oZ5ts&sai=AMfl-YTiHZsSqo4uyzNzSD7h9RWdZO9m23Ct7ffE5LuMSzQu10QqBbEbN6YzSZ5cbyrSSgAEfdiTWIRUrkgG1cOWiQIu04bEII-tpJDSMfzQyLReMuwHJVXo5IwnGcxz3h2-fBXDFNTeiswYKtB2vSf3vtaKwf2cQQ&sig=Cg0ArKJSzASVSMoj_legEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=213&cbvp=1&cstd=205&cisv=r20220511.07993&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 15 May 2022 11:30:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ai.aspx
m.exactag.com/ Frame BA0F 		60 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_uk&extLi=26964678&extCr=162811274&extPm=322750364&gdpr_consent=&gdpr=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
85.14.248.72 Meerbusch, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 May 2022 11:30:58 GMT
X-ET-Code
0
Strict-Transport-Security
max-age=31536000
Connection
close
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding
chunked
Last-Modified
So, 15 Mai 2022 11:30:59 GMT
X-ET-Monitoring
1
X-ET-Camp
1630
Content-Type
image/gif
Expires
Mon, 26 Jul 1997 05:00:00 GMT
all
csm.eu.criteo.net/ Frame DE9B 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=Z8JUi-Oz37rNZbKJ05qfIwE_Hz2zwVyM5ym81ygQJtotHc6JFDSqevLAc9OcEE07bOaWiYxYFcQF4S5nYHnR5TItpxSevCuVTFEcFGXpx1luWdkVM08f1k9iSwjlunNImId_HFGwrGLUhIf--hNaMsnByu4xZFISBufLgJkQzixhVhfjh37LBq08HugwJY_VfoU5m1yD9gboEbrNLzzb_qhRU6jjNg7xpdytXSxIafO32CEXYfUQz3KuZCN1PzVbc2Cu6A&sds=2&rev=81468.6&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoDkcQABbzkK7LAPAAfeFD5w5PetRhwQ6ufmcg&u=%7CnPe1aGloCQBNS482bKI3RZFUmV2mHlmYIqWmmIh4Qe0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wKvzFoJM6vPjRsEZEp4aXxgOyMIaa_SRzxnQ3lRcCOWvVazy-nn6XNmfuqgaTjGjAJ3d4LACy1aD9KKoqrKFp0IG6AfaGJpOj0tYAAHdyOshGw2B3VQCjqmo3qCn-Fyxdb75pAtDuOjCIRiYymcBMSLlnz5F8rDLuyXaQcB3KKGwerIm-cTRTThyspbN-bbjdYnEV4S_ee1gfkw1cKIzFFXWFIfJ44pMDfgpOpcFZ6tPCS93sXG9k1ebzIo1ttYL307exhRD_jUk_Wf9pOjjN7gLhD_2sZ9tfmVlQHnyWZ4KgrmjYo3pasIlwvpldjnXNXZqX_SI0xvD5kIoAOOfQhQ-c-_EBUEmDNvUktB3GKJF_NPgxZo7Oai7ge1e-TpVGdJu5ovAVyOoBkyHr7nOTJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGvYuceSAYrneBY_gsgeUvJ_QBOSP0rFcj4roiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQIv4D3dqpK0PqgDAaoEvQFP0Dc1eBBw_QFwUEveSc2OfUJnT97lIQZRkInxDmCqltXIve25gUXxDp7Pkm3M1EfA-HcQwvTHAdHpGX8mpbgN7JNAyuf_8CzYRNgNqiNh-A2LoLhQWhDCBxSPUkuVjurBbH7k47LeXnwAP7Ovd2s2RRm7iwaH13N1bxllpRUH92rzDO-C7w-5zxN2an77nTlIrjywlVaEm3Zzb0bJ6wWrc2UhDxD2ICqoABno2ZzyCRPzDtvmlutvKw3eV_2ABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PrSRxaULQsVR-ocUGijCSKylQRQ%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 15 May 2022 11:30:58 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220511&jk=3892788198639432&bg=!5Oel56PNAAZL3OSAa9w7ACkAdvg8WlZk1Z8lO8_5WEGtTzKu2ziC2WR9qjCA7qcTLd2otwEpGixX1AIAAABSUgAAAAJoAQeZAq-WIeyoIAFeJ8S4gWxAIJORMlJnDha9jAEEIaopw2ME8dYjaIRW1zakQhL6WjW4N_kRYF4P10xhwXMRdNWSxUjOijzPS45_kTuXtePFZXP1MQ_g5WhFNtJKeqDZcNI_fkOaTKrmI2m0mcY4A21IU6m8KxBAYHXb3uuK8rJn6Zd9EPoosQj128drBnwNu7jPvxe0LxDEW3PKHiWexAwtxN1-3q_ZwhtOMDdIrhjiKALrt-0k053ri8lxwVeGOIfmkipxMo8dpNxGjx2T8144nkOL7XIhBJBJ5maJH66M-biJ1gLBdW6K97F2nDS-uIvuSu1Og39Ux6GpAcJGz0BZtJd11KbiY9YYDmZtYZdlavZbtZZ-dCp-znwoIwg5w5F_LNY14btiahsMk2fUijaiNS--v0nd0I2wxDfoFaU_7Z4w0NBhiIYU1lrIuJN-SUuWeP6fWrQPueqCbo7Bm2UKcZAwjJPyEbfmNDfoFXjHVAhdw8Owus1QS__08UhnnZOaNBgwg07zWTPyVLMa-T1mpiKCvDpc1v6FZNOl4wGQdL_sE3xZoFMZc7F-Edqteh6tFMYy4bbI1AWRWyijUXNfrWLP7oiekf0GGUkiicn7N03uB5BQKaUIVB1PbC-b2OyrQ9ad1NVnHBLUuASf_emi_ZfPRkD8I5EtK3YjCpUV1Ve2OE1Azh52HN6FX4GqX2AYhCalSkLQfcwC50F3vwN_5-dD7SlSHcWnfRUKb_zQ3HmAnugtg7lD8bVFZLhZ9oZA4Fz9qO7iaaTf9CQPf2WmfraD3QqbGcKHt5xtaj9ICFE_8bYPuD6Jk2CWv3MY2gzN_HT2TOLN45jsF47UMDCN7aeOpvMTDImIC6AkO8U26v7Ucb0WwOPTJDoKc8MSS252nzBIl9KKrulPu7eFj5OoQqU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame B9EC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B09ZxcuSAYrWGNbKDlQeryJrQBQAAAAA4AeAEAg&bg=!xMelx4PNAAZL3OSAa9w7ACkAdvg8WmVB4VeOdvR0Lf7bkuDRTsHbvZxwnEzPN1q6DoGWH5ZNPK5JoQIAAABUUgAAAAJoAQeZAvhrZBus4VlxwJc6xJAqNnMG9kclJ9bDGU952JuHzWMLlaG9xawbtTfV4swH7gi4pYPPu7npIAy7vwj6YNhLlnlXjB-03vWxFzGwUsNxrOHl4Kvd6cS3PlaCQ6lABkQRnhBrjQIOKMr6L0V2wKV9L6lyhMkLXedAjDYZjT_6ToPOXxWNPbYxoNWnSmCns5ubSG0vaGQ8rjO5TC9CClCy1ymBJkE9M_4Ipgc1nQaa74spvAySkSpRKNk5Ib4QqSHY4axebXznl43TCnvRBnl8ePRjp7WIRjcdKhMITBpdhP6TJdHcb7Jd82DSkPZy7_JRYOsSslmk2JjZZpNytkJUI5sXMQwYz8_3-ttdYaT_dItjFJQZT5DwpBE9dkh2f-28INZaYIerddo6fCxiGcWEpYqYYqHhaNRR1hZ5lXFtO9HBSsVgcOG9tJjeUyy7Gd-SfaMhI4th037Z1e1LjX9j4riQiuhZM_N140VtMR509b3yYdU9hS5uKuSi19twpIOXfFp0GrymZ2OMrXkMi20Djkh4fKYF1DDU5uuyRmdqtw-icbPf1C7S3d16YzY4hxb6Jp_hFktgd6nZQeCcvqqXAJZejn8ny5t-ErC7yV9W80dhp1fxeYkedvvhPDgpwQ09sgVmLqhXTQjQl7IKRjHp7GGS3kmRFHXlLSAAV-UtTRk77TqueaqPK757mx7jFTuz6Obnb3t30q1Xd4DCZD06JX3dqLKY5ex_WnQFBaXdn6f3fK8puMqd5dW8nkfd35LTw2d0vgP_1MwvmvOSzUpyOOK3i9h_OVjR829nDqKqpEXpWa81byn3f7KCnSfxKBqQuIpt3YkNmkZ2lJ2iZQOBeJm5iMkY7-1txOB_sFVWEqvYOEU0RruDIFUnRWH1mqJ_nuZPviqAoMs_rWq5qn7fep00WyjjJAqu5F6HH1M7ashXMkeuA-lji2KdYjNyMdyGLPlAGGcUpS5CNaNjgLxdnma_9uPgDmIT0PDOCRua75i8jvmjILupfxkU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 11:30:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sca.17.5.12.js
static.adsafeprotected.com/ Frame 5F91 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 02:32:42 GMT
content-encoding
gzip
age
3488298
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 6b2d62d60926d8d51fdcbcc94fce643a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
DUS51-P1
content-type
application/javascript
x-amz-cf-id
Ky_5w1NJITvcsE0JDCLIZkghiQsC6R_iyjgxG-tf462IjrghFlW-Jw==
mon
pixel.adsafeprotected.com/ Frame BA0F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=925113&advId=818610713&campId=15570238777&pubId=1&placementId=396796796&adsafe_par&bundleId=&dealId=&bidurl=https://gumoreska.in.ua/&adsafe_url=https%3A%2F%2Fgumoreska.in.ua&adsafe_type=g&adsafe_url=https%3A%2F%2Fgumoreska.in.ua%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9735848914219258%26output%3Dhtml%26h%3D250%26slotname%3D3497597976%26adk%3D4253229104%26adf%3D3524019181%26pi%3Dt.ma~as.3497597976%26w%3D332%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1652527619%26rafmt%3D1%26psa%3D0%26format%3D332x250%26url%3Dhttps%253A%252F%252Fgumoreska.in.ua%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1652614256660%26bpp%3D1%26bdt%3D302%26idt%3D271%26shv%3Dr20220511%26mjsv%3Dm202205100101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1160x280%252C808x280%252C808x280%26nras%3D1%26correlator%3D6067182317130%26frm%3D20%26pv%3D1%26ga_vid%3D493610250.1652614257%26ga_sid%3D1652614257%26ga_hid%3D38198414%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1068%26ady%3D503%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759842%252C42531549%252C44761044%252C31067068%252C31067528%252C31064019%26oid%3D2%26pvsid%3D3892788198639432%26pem%3D436%26tmod%3D1827051139%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26fsb%3D1%26xpc%3D5u2mnDKMTo%26p%3Dhttps%253A%2F%2Fgumoreska.in.ua%26dtd%3D273&adsafe_type=bd&adsafe_jsinfo=,id:1adf3c6d-eec6-8ee6-dc98-4b397848b5b1,c:cGko6l,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-58499bf7cc-vl9rn,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:242,fm:t5TX0Og+11%7C12%7C131%7C141%7C151%7C161%7C162%7C171*.925113%7C1711%7C1712%7C1713%7C1714%7C18,idMap:171*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:261,oid:7e13ce54-d442-11ec-b949-e6a898b1ac28,v:19.8.309,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.58.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-58-169.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 11:30:59 GMT
x-server-name
app02.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame BA0F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=1adf3c6d-eec6-8ee6-dc98-4b397848b5b1&tv=%7Bc:cGko76,pingTime:-3,time:308,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:261%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:309,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:260,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B61~0%5D,as:%5B61~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:t5TX0Og+11%7C12%7C131%7C141%7C151%7C161%7C162%7C171*.925113%7C1711%7C1712%7C1713%7C1714%7C18,idMap:171*,rmeas:1,rend:0,renddet:DIV%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6bee:4213:bce0:1d02 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 11:30:59 GMT
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame BA0F 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=1adf3c6d-eec6-8ee6-dc98-4b397848b5b1&tv=%7Bc:cGko78,pingTime:-6,time:310,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:310,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:260,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B62~0%5D,as:%5B62~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:t5TX0Og+11%7C12%7C131%7C141%7C151%7C161%7C162%7C171*.925113%7C1711%7C1712%7C1713%7C1714%7C18,idMap:171*,rmeas:1,rend:0,renddet:DIV%7D&tpiLookup=ao:gumoreska.in.ua*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6bee:4213:bce0:1d02 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 11:30:59 GMT
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 175C 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61411175/20220119071341697/index.html?e=69&leftOffset=0&topOffset=0&c=XRfgnBEqut&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61411175/20220119071341697/index.html?e=69&leftOffset=0&topOffset=0&c=XRfgnBEqut&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 10:16:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4467
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 16 May 2022 10:16:32 GMT
preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 175C 		64 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61411175/20220119071341697/index.html?e=69&leftOffset=0&topOffset=0&c=XRfgnBEqut&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
659aba74af795768d9d8d2ed688e49cd5f47d9425d5a1630329a845759b4591d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61411175/20220119071341697/index.html?e=69&leftOffset=0&topOffset=0&c=XRfgnBEqut&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16579
x-xss-protection
0
last-modified
Mon, 12 Feb 2018 18:09:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 15 May 2022 11:30:59 GMT
tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 175C 		112 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61411175/20220119071341697/index.html?e=69&leftOffset=0&topOffset=0&c=XRfgnBEqut&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61411175/20220119071341697/index.html?e=69&leftOffset=0&topOffset=0&c=XRfgnBEqut&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38407
x-xss-protection
0
last-modified
Wed, 04 Oct 2017 18:33:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 15 May 2022 11:30:59 GMT
en_GB_polite.js
s0.2mdn.net/creatives/assets/2377528/ Frame 175C 		88 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/2377528/en_GB_polite.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61411175/20220119071341697/index.html?e=69&leftOffset=0&topOffset=0&c=XRfgnBEqut&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b53657aad91e8acd57b698f1c870b19257b454563162f6ba5fafd0328de064e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61411175/20220119071341697/index.html?e=69&leftOffset=0&topOffset=0&c=XRfgnBEqut&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:27:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28008
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 13:44:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 15 May 2022 11:42:27 GMT
dt
dt.adsafeprotected.com/ Frame BA0F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=1adf3c6d-eec6-8ee6-dc98-4b397848b5b1&tv=%7Bc:cGko7h,pingTime:-2,time:319,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:213,beZ:215,mfA:456,cmA:458,inA:459,inZ:465,prA:465,prZ:469,si:475,poA:475,poZ:488,cmZ:488,mfZ:488,loA:523,loZ:525,ltA:532,ltZ:532%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:261%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:319,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:260,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B71~0%5D,as:%5B71~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:t5TX0Og+11%7C12%7C131%7C141%7C151%7C161%7C162%7C171*.925113%7C1711%7C1712%7C1713%7C1714%7C18,idMap:171*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:DIV,sinceFw:56,readyFired:true%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6bee:4213:bce0:1d02 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 11:30:59 GMT
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
view
googleads4.g.doubleclick.net/pcs/ Frame BA0F 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss9YaSzY-CMLXlm7IM4Jc-c1-tmzE-nKp3j2jDl5k9FX2yKj5nbZUU1hS1omyCdcYsjVZG-6ffFLnY7ykLXDWTgTSMDyNBYO84DtRM6Nbtuqk-pXxIHco6gWy6fi5h5NNoHwp3K6wv9-snUh4llPOsNw1KUEUs7Xm4aLIG1YSfNETkIofnmw_Frp2m6X2pvX0wo-t9aDO3R6PJsdnd0uUxEguYgJooCwBDfzqGpAwqOG_CJo0F2zKywIYqk115hOJ9prCVuuo9nj1T2JdYnm9XTVUe725NlkjOnsbT8wURPuWqvTBbR3VXd_EnC_lR-AfJzAWqFoNvy1_wFr_kyOP9qAEufsmIfDpnv6C2VPS8ZnRStpc8FN2RTZgXJnwZabCG_emM13nuspZ1IOuIsPdagzYCcwik0uwHNAop8d-cBBn0DN5pdbh6JydaMz0SaPJHjHnmcimo0p40n4oIu0JS1IufuuNmywF8z97Uy3rfCVye7YEfb3cOzznBliYMEnuLrRjc3xQDfTxZqWO5PV43juQI7XZ-wot8dA2mwMifZ_I9ghwvEY5M6w618AxLUh-SazFVJnatAONwqvG7PyOWq0_7q6RSFuHq5nL2pSHCsL8SWb7NCPnwLOcbU4971o7IOKEnvBdQ9fbAf8E-WOKx_xTp6nZPl9WSBENhQgPWmbqpitRy6ryQ6FteJbSVJHtZs7UA-TTK9gGDW6cQLmnnRnhdJtY3iIYQQVX_jv8kcoqIpfFYsI1cTwpXwPgEvSoxKlirrE2wig50LRmHsi2tPWr7t13AhHBOlSudYNZP06dljnAf-DZ7F6MnCxrKusx5OVeVoMH-mXtgodTpPNs0ANlUnsoMDWMo9qMXs4K16B1n2VXLekMo4mNmortJob4RsZ4acyOlp5SCOE059Ujmd-4BAqRBeuWjWEUH0xXbhtxV-9UOKD3bBaz7nH8g58h6_noDUNe3l3qoRFLcXRJlQ3ecVL2BS_VtSLpymHkNkF7Us-YZmDON-DBNYzFNkKSGLLBb_YQDOtGDqJGng2cgjPO3hUkxBnMG3pJujLNYeD6GJrWTvAbZh5Mcs4tNvmAjPeE279ha7B-vLnueOqgmIxWo5E6YU41ia20GscyzP7W-sBPKnLrDuIDPuElKbub-RzT9vs5NUEVp3xYXMEHGEvTiJJEA9y9ti3g4IlrnA0Y6xqKGv0uIWctr-CSEMcokij4GCFBDA3nvc932VE9oZ5ts&sai=AMfl-YTiHZsSqo4uyzNzSD7h9RWdZO9m23Ct7ffE5LuMSzQu10QqBbEbN6YzSZ5cbyrSSgAEfdiTWIRUrkgG1cOWiQIu04bEII-tpJDSMfzQyLReMuwHJVXo5IwnGcxz3h2-fBXDFNTeiswYKtB2vSf3vtaKwf2cQQ&sig=Cg0ArKJSzASVSMoj_legEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=551&vt=11&dtpt=338&dett=3&cstd=205&cisv=r20220511.07993&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 11:30:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame 175C 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/en_GB_polite.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2c143ec4b42d88bc64d28ee75449c01366f9affdfe1c8fcda6a1d80401c7abc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 15 May 2022 11:30:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5577
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 175C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:30:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 15 May 2022 11:30:59 GMT
dt
dt.adsafeprotected.com/ Frame BA0F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=1adf3c6d-eec6-8ee6-dc98-4b397848b5b1&tv=%7Bc:cGkoc4,pingTime:-10,time:616,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1652614259660%7C%7Cc79d4d254136d59ceaa8d042ae6634aa%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C51f91d5926ad59af9f8cf90e58c6a821%7C%7C3475894977580df27d03f09e7ede15f0%7C%7Cb00b5e4af0eead80f32ef2d1a5339277%7C%7Ce642090c97095fb097fe543bcd66382b%7C%7C511537efc7dfc829b2d83031808f3506%7C%7C1629390669%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1652527619&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652614256660&bpp=1&bdt=302&idt=271&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=6067182317130&frm=20&pv=1&ga_vid=493610250.1652614257&ga_sid=1652614257&ga_hid=38198414&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531549%2C44761044%2C31067068%2C31067528%2C31064019&oid=2&pvsid=3892788198639432&pem=436&tmod=1827051139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5u2mnDKMTo&p=https%3A//gumoreska.in.ua&dtd=273
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6bee:4213:bce0:1d02 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 11:30:59 GMT
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame AD08 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 13 May 2022 05:14:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
195408
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 13 May 2023 05:14:11 GMT
300x250_NH_D_AP_Pavilion.jpg
s0.2mdn.net/creatives/assets/2373736/ Frame 175C 		20 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/2373736/300x250_NH_D_AP_Pavilion.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/en_GB_polite.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9a2209b76c330835f984b41718037c633fc2dff3f1bdf883b2e8810fdc4a3ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61411175/20220119071341697/index.html?e=69&leftOffset=0&topOffset=0&c=XRfgnBEqut&t=1&renderingType=2&ev=01_247
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:24:13 GMT
x-content-type-options
nosniff
age
406
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20674
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 07:37:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 15 May 2022 11:39:13 GMT
dt
dt.adsafeprotected.com/ Frame BA0F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=1adf3c6d-eec6-8ee6-dc98-4b397848b5b1&tv=%7Bc:cGkof4,time:802,type:e,im:%7Bpci:%7Btdr:506%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:802,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:260,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B554~0%5D,as:%5B554~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:145,fm:t5TX0Og+11%7C12%7C131%7C141%7C151%7C161%7C162%7C171*.925113%7C1711%7C1712%7C1713%7C1714%7C18,idMap:171*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6bee:4213:bce0:1d02 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 11:30:59 GMT
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
792d6278-2b0f-4b71-a02a-8717af30dc51
https://s0.2mdn.net/ Frame 175C 		20 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://s0.2mdn.net/792d6278-2b0f-4b71-a02a-8717af30dc51
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b9a2209b76c330835f984b41718037c633fc2dff3f1bdf883b2e8810fdc4a3ca

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
20674
Content-Type
image/jpeg
en_GB_imageanimation_NH_D_AP_Pavilion_300x250.js
s0.2mdn.net/creatives/assets/3199196/ Frame 175C 		41 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3199196/en_GB_imageanimation_NH_D_AP_Pavilion_300x250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/en_GB_polite.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9cb133c78f4486f82ef9768930e887c39320ac5431e78ea2cc4ae2a90c3a740b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61411175/20220119071341697/index.html?e=69&leftOffset=0&topOffset=0&c=XRfgnBEqut&t=1&renderingType=2&ev=01_247
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
405
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23720
x-xss-protection
0
last-modified
Mon, 09 May 2022 13:54:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 15 May 2022 11:39:14 GMT
js-animation_en_GB_imageanimation.js
s0.2mdn.net/creatives/assets/3389262/ Frame 175C 		75 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3389262/js-animation_en_GB_imageanimation.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/en_GB_polite.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
887bbef2171d49c602ab37b73b95b357191fd804e7f51ba15c15b750126645dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61411175/20220119071341697/index.html?e=69&leftOffset=0&topOffset=0&c=XRfgnBEqut&t=1&renderingType=2&ev=01_247
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 15 May 2022 11:27:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
210
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20098
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 13:44:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 15 May 2022 11:42:29 GMT
truncated
/ Frame 175C 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
06e13e753ce02eb311a0491eada8d8671a0c4fa4f85d3b94bb78ed1d0aa76289

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
NH_D_AP_Pavilion;strtype=2
ade.googlesyndication.com/ddm/activity/dc_oe=ChMItYfn7rPh9wIVskHlCh0rpAZaEAAYACCKm9FNQhMIkMTG7rPh9wIVGgL5AB2hUQtX;stragg=1;&timestamp=1652614259946;str=LH/NULL/927/amadeusBestPrice/ Frame BA0F 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItYfn7rPh9wIVskHlCh0rpAZaEAAYACCKm9FNQhMIkMTG7rPh9wIVGgL5AB2hUQtX;stragg=1;&timestamp=1652614259946;str=LH/NULL/927/amadeusBestPrice/NH_D_AP_Pavilion;strtype=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 11:31:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame BA0F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=1adf3c6d-eec6-8ee6-dc98-4b397848b5b1&tv=%7Bc:cGkonp,pingTime:0,time:1319,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:261%7D,%7Bpiv:100,vs:i,r:,t:1318%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1,o:1318,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:260,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1071~0,0~100%5D,as:%5B1071~300.250%5D%7D%7D,%7Bsl:i,t:1318,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1071~0,0~100%5D,as:%5B1071~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:102,fm:t5TX0Og+11%7C12%7C131%7C141%7C151%7C161%7C162%7C171*.925113%7C1711%7C1712%7C1713%7C1714%7C18,idMap:171*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6bee:4213:bce0:1d02 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 11:31:00 GMT
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame BA0F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvnZWMTiEyvypUNMlgWE2e3W6seIhS5mP6zVJ9Vx94u9kc9ZHRvzzo9uftozZhdAvZ0BSp4_kUZZyu2QgJByomx6lL_5XGwX0C4I6OYADqhYkmWqE-iGGaWYlWg&sai=AMfl-YSrtFPEit7Xt0fuAQokezcEg_Wk29-AVuX9HFP_NWRegSB8E9q56CF3sZ-xk3ST537IvDc_lCaLodNdH2GQWKzgzCi7fy2Um3o&sig=Cg0ArKJSzAnaRroTc1KrEAE&cid=CAASEuRoKnrI7JPsAE8HfXRkDrnSOw&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4253229104&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652614258831&rpt=530&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 May 2022 11:31:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame BA0F 		0
0
dt
dt.adsafeprotected.com/ Frame BA0F 		0
0
dt
dt.adsafeprotected.com/ Frame BA0F 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstRoINc9R-bXpzR8TVQVecz9Q6HP_48EyEZhVK-F7oOvtB86IXrKhuaT8dKEz_VDDHfqfSRFrvkwG90dHUzReKROg&sig=Cg0ArKJSzIUUc29APJn7EAE&id=lidartos&mcvt=402&p=0,0,250,332&mtos=402,402,402,402,402&tos=402,0,0,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4253229104&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=3&r=b&rst=1652614256933&rpt=878&ec=0&met=ie&wmsd=0
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=1adf3c6d-eec6-8ee6-dc98-4b397848b5b1&tv=%7Bc:cGkoDy,pingTime:1,time:2320,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:261%7D,%7Bpiv:100,vs:i,r:,t:1318%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1002,o:1318,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:260,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1071~0,0~100%5D,as:%5B1071~300.250%5D%7D%7D,%7Bsl:i,t:1318,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:104,fm:t5TX0Og+11%7C12%7C131%7C141%7C151%7C161%7C162%7C171*.925113%7C1711%7C1712%7C1713%7C1714%7C18,idMap:171*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=1adf3c6d-eec6-8ee6-dc98-4b397848b5b1&tv=%7Bc:cGkoDy,pingTime:1,time:2320,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:261%7D,%7Bpiv:100,vs:i,r:,t:1318%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1002,o:1318,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:260,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1071~0,0~100%5D,as:%5B1071~300.250%5D%7D%7D,%7Bsl:i,t:1318,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:104,fm:t5TX0Og+11%7C12%7C131%7C141%7C151%7C161%7C162%7C171*.925113%7C1711%7C1712%7C1713%7C1714%7C18,idMap:171*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:publ1,cmr:t%7D&br=c
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=1adf3c6d-eec6-8ee6-dc98-4b397848b5b1&tv=%7Bc:cGkoDy,pingTime:1,time:2320,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:261%7D,%7Bpiv:100,vs:i,r:,t:1318%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1003,o:1318,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:260,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1071~0,0~100%5D,as:%5B1071~300.250%5D%7D%7D,%7Bsl:i,t:1318,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:104,fm:t5TX0Og+11%7C12%7C131%7C141%7C151%7C161%7C162%7C171*.925113%7C1711%7C1712%7C1713%7C1714%7C18,idMap:171*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:grpm1,cmr:t%7D&br=c

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| dataLayer object| Wpfcll function| wpfci object| adsbygoogle object| h5abPrintSettings object| copyTheCode object| kk_star_ratings object| mPS2id_params object| ajax_var undefined| $ function| jQuery object| ASL object| CopyTheCodeToClipboard object| CopyTheCode function| loadCSS object| Pace object| AOS object| StickySidebar function| ClipboardJS object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wp undefined| asl_init_interval undefined| asl_init_interval_tries function| asl_SimpleBar number| c2 number| c1 object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc string| google_user_agent_client_hint object| google_tag_manager function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| gtag function| onYouTubeIframeAPIReady string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

23 Cookies

Domain/Path Name / Value
gumoreska.in.ua/ Name: pll_language
Value: uk
.gumoreska.in.ua/ Name: __gads
Value: ID=603d8f96b7068d55-220cc36794cd003f:T=1652614257:RT=1652614257:S=ALNI_MZ9uI_NW0i4a5fWJtgYg0eRrjEL0A
.gumoreska.in.ua/ Name: _ga_XD2CSE5HNH
Value: GS1.1.1652614256.1.0.1652614256.0
.gumoreska.in.ua/ Name: _ga
Value: GA1.3.493610250.1652614257
.gumoreska.in.ua/ Name: _gid
Value: GA1.3.1019821798.1652614257
.gumoreska.in.ua/ Name: _gat_gtag_UA_131431071_1
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUmv-pG5IktUQ85NgIh5NmJyn3ZmLu4urn8Wngd4OrW1JzRq3ZGV3d4EciSKXDc
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adnxs.com/ Name: uuid2
Value: 6634180675443960351
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2IliDk%OV!@wnfH8K6pQK`!5=E<*L5>xh2mWYUc5*Y99?Z-Z34AfAI4xS)%>zPw'oxg-_%nugO%v4VB%nluW)kL%q
.casalemedia.com/ Name: CMPS
Value: 686
.casalemedia.com/ Name: CMST
Value: YoDkc2KA5HMA
.quantserve.com/ Name: d
Value: ECwBCQGSJoEA
.quantserve.com/ Name: mc
Value: 6280e473-33f03-09d30-4a67d
.casalemedia.com/ Name: CMPRO
Value: 711
.casalemedia.com/ Name: CMRUM3
Value: 2d6280e4732760CAESEKC_5B34yGgqJ6g3SIb69bU
.casalemedia.com/ Name: CMID
Value: YoDkc4b8GaWTFpVAWF8Q1gAA
m.exactag.com/ Name: exactag_new_gk
Value: 6bcf46777881417a8139e61ccb9dd736%7C14.07.2022%2011%3A30%3A59
m.exactag.com/ Name: exactag_new_uk
Value: 6cabfdaaad924176b83854c854720776%7C
m.exactag.com/ Name: session_session
Value: 87170d7a869e424da69c3d3e
.innovid.com/ Name: uuid
Value: e7310127-7e7e-4a4f-89df-a712845ca90a-20220515 07:30:59
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 4C450B59-E649-459D-84E3-63660372E139

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
ads.eu.criteo.com
adservice.google.co.uk
adservice.google.com
ag.innovid.com
cat.fr.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
csm.eu.criteo.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gumoreska.in.ua
ib.adnxs.com
image6.pubmatic.com
m.exactag.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.adsafeprotected.com
pixel.rubiconproject.com
rtb.nl.eu.criteo.com
rtb.openx.net
s0.2mdn.net
sp-ao.shortpixel.ai
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
dt.adsafeprotected.com
pagead2.googlesyndication.com
142.250.184.226
142.250.185.162
142.250.186.34
178.250.0.160
178.250.0.162
178.250.2.135
185.152.64.17
185.33.221.89
198.47.127.19
23.35.236.247
2600:1f18:1aca:4280:6bee:4213:bce0:1d02
2600:9000:224a:600:8:48e:53c0:93a1
2606:4700::6811:190e
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:801::2002
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::2006
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2002
2a00:1450:4001:812::200e
2a00:1450:4001:82f::2002
2a00:1450:400c:c02::9d
2a00:1450:400f:803::2008
2a02:2638:1::2
2a02:2638::3
2a02:2638::b
2a05:d01c:1d8:8102:f0ed:1c59:fc65:f468
34.243.58.169
34.98.67.61
35.186.253.211
69.173.144.139
77.83.100.33
85.14.248.72
03d4bd788f7170dc78afacb307ba103f14b5e6f7835776bc339b85cd9fc15e51
06e13e753ce02eb311a0491eada8d8671a0c4fa4f85d3b94bb78ed1d0aa76289
086413abb743a99aef6a2ebfdc91f9a47c866b9c83e99529b4985da830eda0f8
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
137a856e42188665b9a11c046bd40165095e63557768922d21ce88757ce50b59
17ab18efb06d6e99214141753b3d058c23239473ac62acdbe307faba26c88c82
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
19be0b2a57a018298533c06588dabd658bff8fb35de91f1cd0127686ccdc0d5d
21496c6a7b5538225d8ab5e258591f7d623ef1ce98916403e212d35618fe74ba
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c0c291bc0981ba13c0fab388914b31ab2729ab42036ef251081077a196403f6
30804129e06d3756215af414c75d8f0f4b17aaf6df4e817d17132ecfa113fa80
34538388fdc926429d1544ddba61ea522cfd4a8ef577b1ae2ca5a0f0e57c8735
38afc590b6348c7e2929654cf19e0f930b02cde4895675b92d3ea412da39c530
3d7c7efab021e9e62bc332cdffc52226ac5bb888cfa76bfde4a3a183159b4bce
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
43cc4405f112007891ce897704a3c51090f06518ec5f412abdc41a6946972723
4563cd1462210ae5ce2caf2ae9f5568b5ccfd8cfcb57c1a3c9cab732687a6f94
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bc2da72121c595272eccccf3079a3d86ae00878466429c8cd7513904436c5c0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e08910e9e080a93ffed40309b770bf22f88512757e0986685c9c1b90665433a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50d82014097d60e740173746edeb6cbcfedd31a3006e2ff34954435284fd663a
52baa64cba73862de3d77b1c99bfb81597f91f66c34b28e1b6ad21f88ee6bf5c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ccdeafb53532a4b7ce2478be2401a4a9bbdb99a74f17ba244906184ee4993cf
5efdbfc0b2ca2da54e59a89472d9262ab09d64237d87294439430638858b8bb3
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
659aba74af795768d9d8d2ed688e49cd5f47d9425d5a1630329a845759b4591d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c74663c6479cf7297aa2159926255b58e2cd6725f4393c58172480a31dfea91
6cd9dcadb5a76a70af536b935023e99ee8e851bbf6913eac749abc254272c036
6f792aa0206c73c31d646de35f0d9dbb297bafb34872ec0e37975e533d1f75a9
764343b18530f180a417ecd0671fc07d92059bf7caca1d0f42f063ecdbb249c0
7675ae2ef7a70005c61495ea29caf5e2113d2d610b89d1a9cdb9f4b297f9303b
7a5f808ab3e1d2ecf9ae2f1cc8528b9043d988d489f51f98719ad8948cf8b89c
82edc28ef9ebd83e39ae5333fadf4e8a0977c5be47bf6956417e2c526e882ed7
86a9d4a77f503c5c43e726368e332bbd7b4aa6f3096ef3aa7610987c1279d98d
887bbef2171d49c602ab37b73b95b357191fd804e7f51ba15c15b750126645dd
899d28665a6cee2074011a8b79e816a32a7037a456b9cb2a21cb48764adeebeb
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
96f9a373f263c5d3e2f220d40ff42c118cd9f39b70e9a2d75c502d84ad63b51b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cb133c78f4486f82ef9768930e887c39320ac5431e78ea2cc4ae2a90c3a740b
9e794e07348dabfa6c210f66b36b741268a8ac1003214a5b6bf8974d3655ab1b
9f2e24b95c962fffb41eede228d0c5c7681cf9bc3dd3ece2440412ec4246d84e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a17fb8522bf74cf6b5cb185b7f6c7523977c79fe051071bc0e38aa1f59b8174d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a2f085163f7ed9d5df9e579bde6589a6dd605b62a9e6bfdeb086b136c74380ac
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a829576800d87899f2f5462524e56a31f225a2d22416950c4bfc730b18b54673
b10f1cbed0fd9ae8d2029eee19ee34996453fc31fd09bc113a5597712c547019
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b53657aad91e8acd57b698f1c870b19257b454563162f6ba5fafd0328de064e9
b6ad1439a7cde5f5a9db029d88c07c65a3b063042a09e2c522676247f54a2daf
b9a2209b76c330835f984b41718037c633fc2dff3f1bdf883b2e8810fdc4a3ca
baaa3c0c75e039b3ff942ed75a14dac103ecc071ce7945e862f1140c888c138f
bed6cef3a2a83b0bfc42310907aa856549a86c15b7f3103d936c3d436bdd0655
c1745cc948025f24d64899c527ee3754d820afd13161854e635e844952137920
c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036
cb456fc6973f7f43835192e0502b08aa19971ea6631c8d8ac37618b50770b3a4
d2c143ec4b42d88bc64d28ee75449c01366f9affdfe1c8fcda6a1d80401c7abc
d39b97ce366b0559a32a72e6442cfa49f415ffd3bd000e425eea7c031b3655a4
d3fce3bfc73a6ea0b84ca2a1164990b0eeae97c638a6778cc51fb58afb50ba31
d70c2766b7c42f0b2418b6ea551262fb3750ec117c5183e02a388c2bb6a34b4d
d9d5c18ebfb8229b74aecabf7406b9a01f9884403233efb1ba1f86439b6b03c9
dbde1c54b8ef84dc09a80da6c920b66b80be21dbcdd68a3de24756463abea83d
dc08e684f06e2f566c9db513023cfddd5809a3cb6467f9575704a8fdac9e1991
dd653cbca130a59d4c699ef1c48afb55d7a96b2fb1f1e7f87bd0038fcfc3261d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5a5182e6f452dc9aca18f54d9d6f7e4007fe47a7a87cac07a658895e6af0a
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee45ebbc35d0a3ce96de731e84176c69be057b2fa3bde8f789b1e800055f8a27
ee68533cc1601c6f97c071eff6f3cd05f0b4a4738ff1bbd21f37a58eaf513218
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef47db6f7de15432f0ef629e32f414d08c3b0043a02bae98e9d498caffdec420
f0444a8e18f34a8af8d801f2b1e1c38e00ebef1df2432000f57d3498cf0018e9
f3c34d043b5b39d3db3c8a38573b5aec82c009c38a302d4b11d982418b621da5
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
feadc482a8ab9a4ab5123564cc23d4e011f59cf749e5455c434487a195df6397