zhovta.ua Open in urlscan Pro
144.76.118.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://zhovta.ua/
Effective URL:
https://zhovta.ua/
Submission: On May 30 via api (May 30th 2022, 12:36:42 pm UTC) from GB — Scanned from GB

Summary HTTP 169 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 29 IPs in 6 countries across 17 domains to perform 169 HTTP transactions. The main IP is 144.76.118.10, located in Germany and belongs to HETZNER-AS, DE. The main domain is zhovta.ua.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 8th 2021. Valid for: a year.

This is the only time zhovta.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 31	144.76.118.10 144.76.118.10	24940 (HETZNER-AS) (HETZNER-AS)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
6	2a00:1450:401... 2a00:1450:4014:80e::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
7	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
4 9	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3 4	142.251.37.98 142.251.37.98	15169 (GOOGLE) (GOOGLE)
3 5	184.87.213.8 184.87.213.8	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	185.33.221.14 185.33.221.14	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	34.250.52.20 34.250.52.20	16509 (AMAZON-02) (AMAZON-02)
17	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	2600:9000:215... 2600:9000:2156:ac00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2600:1f18:1ac... 2600:1f18:1aca:4280:c87d:9204:da04:656d	14618 (AMAZON-AES) (AMAZON-AES)
169	29

31 144.76.118.10 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: zhovta.com

zhovta.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s1.zhovta.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4014:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.37.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: prg03s13-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.87.213.8 (Milan, Italy) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-213-8.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.14 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.250.52.20 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-52-20.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:ac00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:1f18:1aca:4280:c87d:9204:da04:656d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	googlesyndication.com 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	1013 KB
31	zhovta.ua 1 redirects zhovta.ua s1.zhovta.ua	836 KB
23	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 173 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 cm.g.doubleclick.net — Cisco Umbrella Rank: 191 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 271	225 KB
17	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 242	278 KB
13	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 738 static.adsafeprotected.com — Cisco Umbrella Rank: 548 dt.adsafeprotected.com — Cisco Umbrella Rank: 482	96 KB
10	google.com 4 redirects adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
9	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 304 ajax.googleapis.com — Cisco Umbrella Rank: 277 fonts.googleapis.com — Cisco Umbrella Rank: 42	207 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 163	237 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 518	4 KB
4	gstatic.com fonts.gstatic.com	148 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 214	4 KB
4	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3528	52 KB
4	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 286 www.google-analytics.com — Cisco Umbrella Rank: 35	37 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	427 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 144	114 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 624	70 KB
1	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5121	792 B
169	17

	Domain	Requested by
29	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com zhovta.ua 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com s0.2mdn.net
19	s1.zhovta.ua	zhovta.ua
17	s0.2mdn.net	zhovta.ua s0.2mdn.net
13	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com zhovta.ua googleads.g.doubleclick.net s0.2mdn.net 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com www.googletagservices.com
12	zhovta.ua	1 redirects zhovta.ua
10	googleads.g.doubleclick.net	78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com zhovta.ua
9	dt.adsafeprotected.com	78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
9	www.google.com	4 redirects tpc.googlesyndication.com zhovta.ua 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
7	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net zhovta.ua
6	78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
6	www.googletagservices.com	zhovta.ua 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	fonts.googleapis.com	tpc.googlesyndication.com
4	mc.yandex.ru	1 redirects zhovta.ua
4	maps.googleapis.com	zhovta.ua maps.googleapis.com
2	static.adsafeprotected.com	78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	zhovta.ua
2	fw.adsafeprotected.com	1 redirects zhovta.ua
2	www.facebook.com	zhovta.ua
2	connect.facebook.net	zhovta.ua connect.facebook.net
2	www.google-analytics.com	zhovta.ua www.google-analytics.com
2	ssl.google-analytics.com	zhovta.ua
2	code.jquery.com	zhovta.ua
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.co.uk	securepubads.g.doubleclick.net
1	ajax.googleapis.com	zhovta.ua
169	29

This site contains links to these domains. Also see Links.

Domain
business.facebook.com
ru.zhovta.ua
robota.zhovta.ua
dim.zhovta.ua
auto.zhovta.ua
zhovta.info
www.facebook.com

Subject Issuer	Validity	Valid
*.zhovta.ua Sectigo RSA Domain Validation Secure Server CA	`2021-06-08` - `2022-06-08`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-08` - `2022-06-06`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-04-10` - `2023-05-08`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://zhovta.ua/
Frame ID: C753EFD9521C242E08C3D4B95FD57AEC
Requests: 57 HTTP requests in this frame

Frame: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A803EC3113742F9A00771684FF0E5F55
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 0C4C5DA63A4941135A4D8363DEDED701
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AC22045F017709C29BC094FF3937486F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B418A21418AD320869D91E8BFFAAA5F5
Requests: 2 HTTP requests in this frame

Frame: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D7B16AD1FBAA11BB1C9D0A3A42FAA034
Requests: 1 HTTP requests in this frame

Frame: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 652D3B293B0A426D704D918704ECFA80
Requests: 7 HTTP requests in this frame

Frame: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8F8E328AEBFABB2993440C2BDBBB9759
Requests: 7 HTTP requests in this frame

Frame: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A79D67C24BAAB5AB83B242E57A1D68A2
Requests: 7 HTTP requests in this frame

Frame: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5733D4864094DED8F48B571D3CEC9310
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4093211300173839340/index.html
Frame ID: B41BC022BE666057140DC5D79D5BB46C
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11473888585380265984/index.html
Frame ID: 9BA3A0524397CF212F220D295A3CD506
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F2A628E6504AB255F9FFB30F0949A513
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI3jLRChqUEYg_-QywEwAQ&v=APEucNUK2f1lVTi_KyW-N9rfjzg99-fKsbPrkD3jRPcYP8mLndG6BEgZg_UbrO_7_Phq3AGBPazR-NiqshzaqBApb0VKiCThQQ8KwKBHTM4CYeHzenQeZalyD7TeYwt_TwQIIuEruX-MEc0ctPU0oLCPC8NS4jvo9OzW2vlM-izp9Fy-E3iXnZ8
Frame ID: F7C3A0E5E7A8614D52717696EC38DF23
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CLnaTkJsz9pv5E4p_Pj7VyHkNnwIdqRmWg_KWeH-xKHjNwNxv1mUB2OMq4L-zqZiVxy7xDx7iLXyx9T1HjQCh_tZ1ioWy6YT_oC43ugXjpKIGzt1w4fQzI41XDpyAcJffZthWILQgbVfyYvZkHnHbhqF437g&dbm_d=AKAmf-Ass1-b_dyhL8kVu6htA0_pN3beHBYWqlsxJ3PhxDpZhHzOh4Uxzueyp5g7PhaI_bIASZHzgDFuQcyC6bQxM7_RMnn6z-4oarPdO89ORuPqRk4vDduR-0WU0v5DvzrR2hkK6J2rGsId8uoHZ6KJ0YklZodMQ8X74YWQAQR4P6F6rLIKBHppyU6solAyj8qWAC1ezmpDZG878WN67dZ9eOF7Bk7962vGj_vKF_sMeSrFQEhAliXfjbhB13SuqI1etcPH0KIgTeLtjfB11tdLqCq8zMNgLxBKrP-LQs4xEJyqOqQSLqIGvFfiagwCNMBLJf2cHCQmD6Heev-KvfRZKszEj-OcyWSeZF66aWKDZJIZXQqjUCK8vwNxSIpaQmKZH1iL54RLsxhClJoH0DRDjcccwSmIdH2lva1h2lZC4FwIP6VPHkbKMu9Bz803SEoBHb5tYey8lDYVkwj-K1yTwXAwTuzWfbj_C_LE-OESoZu7iKD7QmUwZP_HV4HmuIKpnqTz-N0zbLYRHpgfmm1goOKaxNbYLj6_hB4tzBE-ICgOGoSVQn6lgBzDivzam1QRGPNJ2W4Cmk8RDs-F4xRlwpe5cAjT3aaGTr2Kgq2Gw734SSYtbbp2d6fHYBL5P5qLyojJxQ4776kObFeE2xruqsUyO0UjIYYnGy2THUigQOfvA5VSac4_JJ8OapOdKPWMf66MHlc_yJIBxGJqwZukq6CwN-qm5N5pNZom_yMjLzMV9_c6z2kIO0EByN9aQegMzZyjnHFALSJHy4Vk9oHbDyPj0Q2iwT_BOPu-T_Q0c1f6gPz0FkLEQpk2KaxkdcTijp2f0zn2EYMhkmeONH9UHgovLwAj72ESVXyHqEAmKLWypLfalD3wC-JV0wt2ZwDKA98aW7KP75JO3AReLrCpsKGWxJ0WkIEsgyWXpWLgmUykLFCNQLxMjNgM-Q4s-DY6CTst4HLdPKGnwGMPI7AuMr_VqwQF8R6wPzEUSLV6Qk2vNXfLYkMFeOWUuHGlMEpzAxXXBjhCmlzflh1c9Pv3Vo_j7Gml8MrZZqX4woCXSkg7H5Fb16xDjuW3TY7rBmMAocYrXklF4QHHbMN2FJpEaEpqeIHey-XDHAQKzDbam47SwC82K9N6dqgqzLUvprff8TFy_FdU8I8guAqCZFWsjbsV4suCzRv-a2HfZQfab4wTGUIo5RUYp0Yd4T2O9liouAOgrYo1fbw6KU7ILSE6_od97WqutcekTrFzDcFIroOsrBmtYm0hOShxfvGQkcqSpwfMCiPntf8hB-FezosWfHckv3ht3zpO53w5OHwW6F2jziKjmRjp6O509Z4T8mlwOH7_ENf_vNZX-VLEwbDzrp7gr8PPyX4WKVluSfwF-zf8n02BDVna7wSzAOOri_ybG90QTbAEo80ePdLjZ30VRg9ilVqRlrlQ9nQxSSCVBaRlK21r8md8bGdRpcK3xQLes7UMqmvi1wbe-n2_qISmnDlsmvOBG4151TDAo9Vz6l2F6Po4X4GZp025EmNbEgCTO3CuSOzggY_93ymcerS1K1KFYqybKaqLOMWgHtWyn_1k6Hl4pRVoOB5U-TT3tkmGJd2EnIpmxHWF4aqKS2EARmKpAdEiF-cJ56HSdWl77P4KVXZKslnNbqbnskCl5fo8WLDC2zfQ4fprT5ELTAgBGCfLYOP1Vx4xz75kXIxy_OGoiJDTfg2W6NSgI0GRqYi1ol_f1_YzCpbSaz7TGGrC_RXVkOfCULVUeAfMRcCZbvOQIJHKejR-g5BWsiHZAezeJhTduKwCsznBF7SW1m0k57bedPd6l2KsYX31GxfDRzs9IztlAUMdkZb45XBkIVHTO2No22Qtg5kzxrPZvo4EOtqnmW1fbwH98iw_za0FBrbOxqmwIEZYbxYxlgGmBUzgRE3H7ixhb12GO5rl0p4_4vz6SG9tnUa7AwXHXRFh5x4KGGkurxIwpFVAVV72rQlhwUxs4meFCBhnJCveODKt_MKx_8t5y8LMbSb6cpl3HgSFRRzdgLZ8aFb9oZoAUvgHVjh_gQXBfCr9W_-p3R2ttDzXWctBg_9Xmsl0l9FviKKo4ghc0yqAtmPpdzyI57filhTCFtVevoVhKT6Q4POIjxSgi3i5W2HErJUi5Y2jGRFubpcI1B0jfLhYGzU_qu994iAie7poEHBeEPWmMIJC1dnSW8IvXxN6MhNwpLC5HNwZ5QGasibYhM512A4u2tODejLOOcR7bgkeqUlDHvf24KcymkFsjKVg1tK1Lc-0OwteDoGONp1OhHKociFLCD94H6yz5J6XzmWmI2INqc1Dn3MAHSXUl0eeqC8FIsfMWhR6mC12cZAkJf0S4jgrXwcoo-SIFM-7M2OyrFHKsrP2HQGYqnh6E8tKt0UNjluRTbHNU421prMn3VVLyUqD_BXwVT8iXAMKnosnZDlC272hyAFKzN4xGrEj1I3ZtDJVYPJPHEBT0Sq0JpjxHpdD44kpaii8BhHgvMDOWXAB8WwYqkzNYe5Y41jLH9vPDK9kk2OEtol-dDepT-Fwbw8p2Noa9Dxt8R-MY3tpW1u31IGUCVa9DrZ-PeXx2I7642F1FsOkXFn5LwtatAWVBuIMY5CVOwKzjR579gCyIQqJDiJD9EHEeo3wge0yUcWWUMU0awfyoGtAxdAGRM4YW3mGblDRdjcRAUh5-0ISVS81EIDOrOxZPJOxfJQBZmnRcFKVXflMBPfYpSj-2dR0AHr7Sh-vww0MSyXbUJlDSRb6ODyJ8ArWRD2USQHaGKp7hrtfsDM2W3vFIZ3mXzhlEloS6Z0SXL0LKzWfmj_zeR9xmvW3Ls1ZFICTQ2qlumbsJCkHHIrjOq05ZKzEwWOnzz-sbAOBVrqELF7AZDPKf2N-viKHlhRznUrK6S3j3hsVHy58RiaWZ9Ee1zIBY2zv-0A7SBM-32psmYjoLXNOwZ6DqXpcD9eNpUoM4kKH42QkuNNEWc5CubT3NwX8GJ6rpUakbtYvN4Bodbe7rBeIr6fGHNyZfJtp8sR57uyeAzVWM3x45WiaZusZcozH2JQ6H_11lwQgI-4Gdcr8MBC73SMhjUEY5t138ujcfu0AsApJBEU1WzjAXi1AbuvjmjG1psFvsDzXCVLWVW2pRSvDQCaZkxZWY07K_nWbd5il72lq3Jo7cC6R6iILxG9TriYVqdMdKABZUMcRK-d3FOMuLjvR9ekdl6t1q90qVKGDub1gnnk7OZ8_BZUF8D5IMmF6QkIWLctwsm_Q-8j9xaftFcNwk0oISAbVym-Lk5NgrqEJzOH3Ej94v9EwAU0&cid=CAASJ-Ros5PpWD-iEeEkoyjiJlV2G1lXy3qjuUbUBdcPwDc3Sa2pHC8cVg&rfl=2%2Chttps%253A%252F%252Fzhovta.ua%252F%240
Frame ID: A60E7A799DD071EFE8D3135C1469FC9A
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13463943059003670528/index.html
Frame ID: CA751BC74515025C36B97CA554352210
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 702F025FE11EA5561DBFF1BC67AE21EE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5800646080567705600/index.html
Frame ID: 8BAE3BD3BED5616D1A6061031A219E1A
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E5E090005BAE4AC2A3A1DAA2F2D663E9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3EE916B9E2A16986A227F10A4353EB7E
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/index.html?e=69&leftOffset=0&topOffset=0&c=q9YcsKmBDc&t=1&renderingType=2&ev=01_247
Frame ID: 603AA8CB76C8C3BB389BEE6D53D3DC92
Requests: 18 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: FD1DB3A6BF4452B2B0D3F40098F3AD8E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D49850AA53A54766D924A6E3542A3CB8
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
Frame ID: 6DFE628FFE4210F6AEB7E3D2E48C0A30
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Дошка безкоштовних оголошень України | Zhovta.ua

Page URL History Show full URLs

http://zhovta.ua/ HTTP 301
https://zhovta.ua/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

169
Requests

96 %
HTTPS

75 %
IPv6

17
Domains

29
Subdomains

29
IPs

6
Countries

3316 kB
Transfer

8777 kB
Size

30
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://business.facebook.com/Zhovta.UA

Search URL Search Domain Scan URL

URL: https://ru.zhovta.ua/
Title: Рус

Search URL Search Domain Scan URL

URL: https://robota.zhovta.ua/
Title: РОБОТА

Search URL Search Domain Scan URL

URL: https://dim.zhovta.ua/
Title: НЕРУХОМІСТЬ

Search URL Search Domain Scan URL

URL: https://auto.zhovta.ua/
Title: АВТО

Search URL Search Domain Scan URL

URL: https://robota.zhovta.ua/ogol/menedzher-z-realizatsii-metalovirobiv-o348099
Title: менеджер з реалiзацii металовиробiв.

Search URL Search Domain Scan URL

URL: https://robota.zhovta.ua/ogol/robota-vodii-z-avto-o353123
Title: робота водій з авто

Search URL Search Domain Scan URL

URL: https://robota.zhovta.ua/ogol/robota-vodii-z-avto-o353122
Title: робота водій з авто

Search URL Search Domain Scan URL

URL: https://robota.zhovta.ua/ogol/voditel-s-avtoregistratsiya-v-taksi-o375057
Title: водитель с авто,регистрация в такси

Search URL Search Domain Scan URL

URL: https://dim.zhovta.ua/ogol/zemelna-dilyanka-v-seli-krasnosilka-v-pershomu-ryadu-novobudov-o380101
Title: Земельна ділянка в селі Красносілка, в першому ряду новобудов

Search URL Search Domain Scan URL

URL: https://dim.zhovta.ua/ogol/suprunovka-zemelnyi-uchastok-pod-stroitelstvo-doma-o370166
Title: Супруновка ,земельный участок под строительство дома.

Search URL Search Domain Scan URL

URL: https://dim.zhovta.ua/ogol/kod-77697-3013-zemelna-dilyanka-bl-gorbanivka-pl-10-sot-o368150
Title: Код 77697/3013. Земельна ділянка. Бл. Горбанівка. пл. 10 сот.

Search URL Search Domain Scan URL

URL: https://dim.zhovta.ua/ogol/yar-2-dilyanka-15-sotok-pid-budivnitstvo-rivne-mistse-o368668
Title: Яр-2. Ділянка 15 соток під будівництво. Рівне місце.

Search URL Search Domain Scan URL

URL: https://zhovta.info/
Title: Маркетплейс (підприємства, товари, послуги)

Search URL Search Domain Scan URL

URL: https://www.facebook.com/
Title: Youtube

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://zhovta.ua/ HTTP 301
https://zhovta.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://mc.yandex.ru/watch/289152?wmode=7&page-url=https%3A%2F%2Fzhovta.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ah2b2laelw67j03cmy2kg%3Afp%3A766%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A802%3Acn%3A1%3Adp%3A0%3Als%3A728808941298%3Ahid%3A464220502%3Az%3A0%3Ai%3A20220530123636%3Aet%3A1653914197%3Ac%3A1%3Arn%3A548999630%3Arqn%3A1%3Au%3A16539141975611511%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1653914195433%3Ads%3A0%2C94%2C321%2C2%2C116%2C0%2C%2C308%2C24%2C%2C%2C%2C841%3Aco%3A0%3Arqnl%3A1%3Ast%3A1653914197%3At%3A%D0%94%D0%BE%D1%88%D0%BA%D0%B0%20%D0%B1%D0%B5%D0%B7%D0%BA%D0%BE%D1%88%D1%82%D0%BE%D0%B2%D0%BD%D0%B8%D1%85%20%D0%BE%D0%B3%D0%BE%D0%BB%D0%BE%D1%88%D0%B5%D0%BD%D1%8C%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%7C%20Zhovta.ua&t=gdpr(14)aw(1)rqnt(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/289152/1?wmode=7&page-url=https%3A%2F%2Fzhovta.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ah2b2laelw67j03cmy2kg%3Afp%3A766%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A802%3Acn%3A1%3Adp%3A0%3Als%3A728808941298%3Ahid%3A464220502%3Az%3A0%3Ai%3A20220530123636%3Aet%3A1653914197%3Ac%3A1%3Arn%3A548999630%3Arqn%3A1%3Au%3A16539141975611511%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1653914195433%3Ads%3A0%2C94%2C321%2C2%2C116%2C0%2C%2C308%2C24%2C%2C%2C%2C841%3Aco%3A0%3Arqnl%3A1%3Ast%3A1653914197%3At%3A%D0%94%D0%BE%D1%88%D0%BA%D0%B0%20%D0%B1%D0%B5%D0%B7%D0%BA%D0%BE%D1%88%D1%82%D0%BE%D0%B2%D0%BD%D0%B8%D1%85%20%D0%BE%D0%B3%D0%BE%D0%BB%D0%BE%D1%88%D0%B5%D0%BD%D1%8C%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%7C%20Zhovta.ua&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29

Request Chain 102

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFMfzFw9y5w5mo7QOAjPrrI&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFMfzFw9y5w5mo7QOAjPrrI&google_cver=1&C=1

Request Chain 103

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YpS6Vqw0S5IN0Zr9j7lU3AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEFnMMMYGqC53AmRNGxEcCk&google_cver=1

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHHypUEhjViIaGQ6k3Im1Q4&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHHypUEhjViIaGQ6k3Im1Q4%26google_cver%3D1

Request Chain 105

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc4NDI4NjI4MjUwMjc1NjQ0Mw%3D%3D

Request Chain 106

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 107

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 108

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 135

https://fw.adsafeprotected.com/rfw/st/1056993/63470329/4.js?adContainerId=brand_safety_VrqUYob7DoWf-ganwIuwCQ&cbFunctionName=goog_wrapCb_VrqUYob7DoWf-ganwIuwCQ&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fzhovta.ua&adsafe_type=g&adsafe_url=https%3A%2F%2Fzhovta.ua%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=bd&adsafe_jsinfo=,id:91c6d5ce-419f-5a1e-79f9-08b2e30d3720,c:e6iNLg,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-58499bf7cc-ztqgx,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:3,fm:t7jVqx4+11%7C12%7C131*.1056993-63470329%7C1311%7C1312%7C141%7C142%7C151%7C152%7C161%7C162%7C171%7C172,idMap:131*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:20,oid:266ac889-e015-11ec-9623-da33a59a8805,v:19.8.309,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_VrqUYob7DoWf-ganwIuwCQ&cbFunctionName=goog_wrapCb_VrqUYob7DoWf-ganwIuwCQ&true_pb=

Request Chain 142

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

169 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
zhovta.ua/
Redirect Chain

http://zhovta.ua/
https://zhovta.ua/

74 KB
16 KB

415ms
322ms

Document
text/html

144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 24d6eeb62927ebb59214201c1ae9fe8998fabcffc9b73bb2d07b9ed35cea1f05

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 30 May 2022 12:36:35 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Mon, 30 May 2022 12:36:35 GMT
Location: https://zhovta.ua/
Server: nginx

GET
H2 200 jquery-ui.min.css
code.jquery.com/ui/1.11.1/themes/smoothness/ 29 KB
7 KB 102ms
34ms Stylesheet
text/css 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.11.1/themes/smoothness/jquery-ui.min.css
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b60f9f86d77e2bc5425dcc7d4a02bda887f74aca04ea1b14ab147dcc91b9295

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:36:36 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-7545"
vary: Accept-Encoding
x-hw: 1653914196.dop109.lo4.t,1653914196.cds268.lo4.hn,1653914196.cds212.lo4.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 7323

GET
H/1.1 200
OK font-awesome.min.css
s1.zhovta.ua/fonts/font-awesome-4.2.0/css/ 21 KB
5 KB 164ms
46ms Stylesheet
text/css 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.zhovta.ua/fonts/font-awesome-4.2.0/css/font-awesome.min.css
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 30 May 2022 12:36:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Jul 2016 12:21:52 GMT
Server: nginx
ETag: W/"57920fe0-55e0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bb0285d65af2dea7ab100b91f300dd8211894707950.css
zhovta.ua/css/builds/ 283 KB
48 KB 56ms
55ms Stylesheet
text/css 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zhovta.ua/css/builds/bb0285d65af2dea7ab100b91f300dd8211894707950.css
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: b8b470f036a118349c673d320ea1d200f488f6ae084b1125c1583ed72ebd6b59

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 30 May 2022 12:36:35 GMT
Content-Encoding: gzip
Last-Modified: Sun, 08 Mar 2020 15:23:09 GMT
Server: nginx
ETag: W/"5e650ddd-46a79"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
28 KB 228ms
101ms Script
text/javascript 2a00:1450:4014:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ca3e1139a5d1d0ebe29997a244de6fece6207b5265e697db71f2a20a8d063d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28124
x-xss-protection: 0
server: sffe
etag: "1230 / 193 of 1000 / last-modified: 1653689052"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 30 May 2022 12:36:36 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 161 KB
53 KB 189ms
80ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyAi-_pHLKSBnx_3mVWBzWwFaNMlnVeSn8I

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

d348e4963616a1d1d838237d04aca5bf5e51495bd59cbe25519301d8b5266561

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:36:36 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=31
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53662
x-xss-protection: 0
expires: Mon, 30 May 2022 13:06:36 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.0.2/ 82 KB
29 KB 132ms
42ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.0.2/jquery.min.js

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d7d1c727e1cd32745764098a76e5d3d5fb7acd3b6527c5aacd85b7c6f8ce341

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 28 May 2022 22:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138508
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29456
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 May 2023 22:08:08 GMT

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.11.1/ 233 KB
62 KB 104ms
38ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.11.1/jquery-ui.min.js
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:36:36 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:54 GMT
server: nginx
etag: W/"611feaca-3a2ea"
vary: Accept-Encoding
x-hw: 1653914196.dop109.lo4.t,1653914196.cds268.lo4.hn,1653914196.cds273.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 63672

GET
H/1.1 200
OK jquery.validate.min.js Show response
s1.zhovta.ua/plugins/jquery-validation-1.13.1/dist/ 21 KB
7 KB 165ms
47ms Script
application/javascript 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.zhovta.ua/plugins/jquery-validation-1.13.1/dist/jquery.validate.min.js
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: f0f5373ad203101ea91bf826c5a7ef8f7cd74887f06bad2cb9277a504503b9e2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 30 May 2022 12:36:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Jul 2016 12:21:53 GMT
Server: nginx
ETag: W/"57920fe1-5450"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK logo_ua.jpg
zhovta.ua/images/admin/ 29 KB
29 KB 187ms
94ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zhovta.ua/images/admin/logo_ua.jpg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 2fea1b9a08df090b0287d5f753dbbcce5f9044bd649449431d85354fafd31d4a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 30 May 2022 12:36:36 GMT
Last-Modified: Wed, 15 Jan 2020 10:43:45 GMT
Server: nginx
ETag: "5e1eece1-737a"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29562
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK f8a192a52dbfa4f9713d962cabe0eace.jpeg
zhovta.ua/storage/slider/ 33 KB
33 KB 188ms
92ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zhovta.ua/storage/slider/f8a192a52dbfa4f9713d962cabe0eace.jpeg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: ed37304123b9f91a8141d4c161e452977acc50e64925f8c2a069f7a974ea9002

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 30 May 2022 12:36:36 GMT
Last-Modified: Wed, 10 Jun 2020 09:52:06 GMT
Server: nginx
ETag: "5ee0ad46-82de"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33502
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 9951b1eeceb361afbb077e79eceee98b.jpeg
zhovta.ua/storage/slider/ 30 KB
31 KB 166ms
51ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zhovta.ua/storage/slider/9951b1eeceb361afbb077e79eceee98b.jpeg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 4ebb31cfd35098e8e8addfc231854acc85dd2fd0228ceabf498edb9055592deb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 30 May 2022 12:36:36 GMT
Last-Modified: Thu, 19 Nov 2020 12:45:36 GMT
Server: nginx
ETag: "5fb668f0-79e7"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31207
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 7a46a22e9bf1e521454a278691e59afa.jpeg
zhovta.ua/storage/slider/ 36 KB
36 KB 217ms
49ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zhovta.ua/storage/slider/7a46a22e9bf1e521454a278691e59afa.jpeg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: efbe4d9113fe429cb94a9aed4a144dc51a369c96ce916b19471bf981877c9cec

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 30 May 2022 12:36:36 GMT
Last-Modified: Tue, 01 Sep 2020 07:51:49 GMT
Server: nginx
ETag: "5f4dfd95-8e3b"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36411
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK no-foto-370x370-image(415x310-crop).jpg
s1.zhovta.ua/simgs/ 6 KB
6 KB 48ms
46ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.zhovta.ua/simgs/no-foto-370x370-image(415x310-crop).jpg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 94d225dea35625dd151445c5f7e3a5f1b309cc0a5d2395f22c83d5d2616e657a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 30 May 2022 12:36:36 GMT
Last-Modified: Sun, 15 Jan 2017 09:23:45 GMT
Server: nginx
ETag: "587b3fa1-16e5"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5861
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 6d196cb88b0ef4c9c0d52db3aba7c97f-image(415x310-crop).jpg
s1.zhovta.ua/simgs/ 28 KB
29 KB 67ms
46ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.zhovta.ua/simgs/6d196cb88b0ef4c9c0d52db3aba7c97f-image(415x310-crop).jpg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: ce53b7d94b6c6dae3b978f4fc50811064baa4ca79935dc11c7e2223301c59f96

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 30 May 2022 12:36:36 GMT
Last-Modified: Wed, 24 Jun 2020 11:16:42 GMT
Server: nginx
ETag: "5ef3361a-71fb"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29179
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK e28b35a8ce68287f162ccf111094380d-image(415x310-crop).jpg
s1.zhovta.ua/simgs/ 31 KB
31 KB 230ms
47ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.zhovta.ua/simgs/e28b35a8ce68287f162ccf111094380d-image(415x310-crop).jpg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: bd32080f978b5b99b2362c8646c9fb89496cc736d8da31a827162cef66feaa32

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 30 May 2022 12:36:36 GMT
Last-Modified: Wed, 24 Jun 2020 11:10:38 GMT
Server: nginx
ETag: "5ef334ae-7a51"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31313
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 7f433589d3211346db210da2bfdf0f5b-image(415x310-crop).jpg
s1.zhovta.ua/simgs/ 31 KB
31 KB 235ms
47ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.zhovta.ua/simgs/7f433589d3211346db210da2bfdf0f5b-image(415x310-crop).jpg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 688581526a07b4ebf7a20ff772310ce8da309ffeb9cf79eed0c509799bda3cb6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 30 May 2022 12:36:36 GMT
Last-Modified: Sun, 07 Nov 2021 07:04:21 GMT
Server: nginx
ETag: "61877a75-7a0e"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31246
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 58fca8b7e5fda70be89512d59b3d0c27-image(415x310-crop).jpg
s1.zhovta.ua/simgs/ 19 KB
20 KB 235ms
47ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.zhovta.ua/simgs/58fca8b7e5fda70be89512d59b3d0c27-image(415x310-crop).jpg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 82d8110bfa9b0c238d7a33a3814693e5a8add1851978032637132f391f793d40

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 30 May 2022 12:36:36 GMT
Last-Modified: Mon, 16 May 2022 10:06:37 GMT
Server: nginx
ETag: "6282222d-4ddd"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19933
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 16a5cdebe530a3fadbe9c558cec4dab3-image(415x310-crop).jpg
s1.zhovta.ua/simgs/ 13 KB
13 KB 59ms
48ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.zhovta.ua/simgs/16a5cdebe530a3fadbe9c558cec4dab3-image(415x310-crop).jpg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: e053ee60f658d14e4c883114b3882d0d07c29ec8730ca31099c4f304f28abd17

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 30 May 2022 12:36:36 GMT
Last-Modified: Wed, 12 Aug 2020 21:33:46 GMT
Server: nginx
ETag: "5f34603a-3331"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13105
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK c9ba041aa4065f65b15cff74807f1118-image(415x310-crop).jpg
s1.zhovta.ua/simgs/ 27 KB
27 KB 111ms
52ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.zhovta.ua/simgs/c9ba041aa4065f65b15cff74807f1118-image(415x310-crop).jpg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: def63a575211d8f3c7f1ca69439bbc8f05cbc46db5ddc0c44940a01ae86e2533

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 30 May 2022 12:36:36 GMT
Last-Modified: Fri, 14 Jan 2022 11:03:34 GMT
Server: nginx
ETag: "61e15886-6a81"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27265
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 45d849d25a3c961617e763a2fac8e57f-image(415x310-crop).jpg
s1.zhovta.ua/simgs/ 32 KB
32 KB 197ms
46ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.zhovta.ua/simgs/45d849d25a3c961617e763a2fac8e57f-image(415x310-crop).jpg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 6b8af26e3c5c85e0fcddb449e612da2f10dad9c70445dd8b9f8f1a0109a32492

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 30 May 2022 12:36:36 GMT
Last-Modified: Wed, 25 Sep 2019 17:27:20 GMT
Server: nginx
ETag: "5d8ba378-7fee"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32750
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 7400507c703aa13ebde62ed8cf15e81a-image(415x310-crop).jpg
s1.zhovta.ua/simgs/ 24 KB
25 KB 122ms
47ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.zhovta.ua/simgs/7400507c703aa13ebde62ed8cf15e81a-image(415x310-crop).jpg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: d4fa5d4b88126710b9e65ec883dae16c991fd51b837a3e9f7bef30c47d90147d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 30 May 2022 12:36:36 GMT
Last-Modified: Mon, 16 Dec 2019 10:23:50 GMT
Server: nginx
ETag: "5df75b36-613d"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24893
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 9104e92289842790a3c58d793baab617-image(415x310-crop).jpg
s1.zhovta.ua/simgs/ 31 KB
31 KB 171ms
48ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.zhovta.ua/simgs/9104e92289842790a3c58d793baab617-image(415x310-crop).jpg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 522284064e5f4c37a4dfcdb6025cb110dc1ba941aea0696b5df1b0011d817bfe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 30 May 2022 12:36:36 GMT
Last-Modified: Thu, 17 Dec 2020 08:54:58 GMT
Server: nginx
ETag: "5fdb1ce2-7ab6"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31414
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 3cd9cf48bf1c7ff8f54fb5449c33adfc-image(415x310-crop).jpg
s1.zhovta.ua/simgs/ 18 KB
18 KB 149ms
94ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.zhovta.ua/simgs/3cd9cf48bf1c7ff8f54fb5449c33adfc-image(415x310-crop).jpg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: df0a549a1389d264746969d3af4d97b54b5efe395273f5a64b708570f8a02657

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 30 May 2022 12:36:36 GMT
Last-Modified: Mon, 23 Dec 2019 10:28:16 GMT
Server: nginx
ETag: "5e0096c0-4648"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17992
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 67f6b8dc2acf6b6cb74992ebd2a28679-image(415x310-crop).JPG
s1.zhovta.ua/simgs/ 27 KB
27 KB 153ms
91ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.zhovta.ua/simgs/67f6b8dc2acf6b6cb74992ebd2a28679-image(415x310-crop).JPG
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 4cf5202ea18d5f14c6627977c0c694efd0e9b05adf2675c5fbb796639a32d10a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 30 May 2022 12:36:36 GMT
Last-Modified: Sun, 22 May 2022 18:07:47 GMT
Server: nginx
ETag: "628a7bf3-6a02"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27138
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 18882ad6bfefc1d5cd53b37fa6b03955-image(415x310-crop).jpg
s1.zhovta.ua/simgs/ 35 KB
35 KB 166ms
90ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.zhovta.ua/simgs/18882ad6bfefc1d5cd53b37fa6b03955-image(415x310-crop).jpg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 30c508329211eede358e6a3561924956cf858c3e1f3a6819ea40874b9e606721

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 30 May 2022 12:36:36 GMT
Last-Modified: Mon, 17 Jan 2022 07:41:17 GMT
Server: nginx
ETag: "61e51d9d-8b52"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35666
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK e4e4cee0d9ac3e30be05adfbb5293a19-image(415x310-crop).jpg
s1.zhovta.ua/simgs/ 33 KB
33 KB 203ms
50ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.zhovta.ua/simgs/e4e4cee0d9ac3e30be05adfbb5293a19-image(415x310-crop).jpg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 4d2ac029791256e913271fec433c3303515c7d91f1b1634da53ad702b825e7e5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 30 May 2022 12:36:36 GMT
Last-Modified: Fri, 07 May 2021 11:11:03 GMT
Server: nginx
ETag: "60952047-82ff"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33535
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 74837bfcd40b206bb2cf67198bb27535-image(250x150-crop).jpeg
s1.zhovta.ua/simgs/ 7 KB
7 KB 123ms
47ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.zhovta.ua/simgs/74837bfcd40b206bb2cf67198bb27535-image(250x150-crop).jpeg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: c75d0893bf63c26d4c0c06f6e0cfdcca24ffbc6431f8148f6243c30687b82ae0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 30 May 2022 12:36:36 GMT
Last-Modified: Sat, 28 Dec 2019 14:54:23 GMT
Server: nginx
ETag: "5e076c9f-1c8f"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7311
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 51f39a6f7a6e3b145a8c083fc0b36880-image(250x150-crop).jpeg
s1.zhovta.ua/simgs/ 8 KB
9 KB 171ms
47ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.zhovta.ua/simgs/51f39a6f7a6e3b145a8c083fc0b36880-image(250x150-crop).jpeg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 94c8eaf7108f6b5de448268aa780b464b7825d476d350ba673d858715618b977

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 30 May 2022 12:36:36 GMT
Last-Modified: Wed, 14 Mar 2018 17:23:46 GMT
Server: nginx
ETag: "5aa95aa2-217f"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8575
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 11f50341b718c5a358533924c6e81abf26547525819.js Show response
zhovta.ua/js/builds/ 266 KB
70 KB 54ms
54ms Script
application/javascript 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zhovta.ua/js/builds/11f50341b718c5a358533924c6e81abf26547525819.js
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 49d70a9c2a0babf52874d753368dd42cd19187173f4687b6e66618fed2123a37

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 30 May 2022 12:36:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Oct 2018 19:59:42 GMT
Server: nginx
ETag: W/"5bcf7dae-4293d"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK messages_ua.js Show response
s1.zhovta.ua/plugins/jquery-validation-1.13.1/dist/localization/ 2 KB
1005 B 46ms
46ms Script
application/javascript 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.zhovta.ua/plugins/jquery-validation-1.13.1/dist/localization/messages_ua.js
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 12b3f9e370af4069d73b9b4a9659a80419a83a72bfd4c08a577e7d35e0226f10

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 30 May 2022 12:36:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Jul 2016 12:21:53 GMT
Server: nginx
ETag: W/"57920fe1-706"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 150ms
40ms Script
text/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6342
date: Mon, 30 May 2022 10:50:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Mon, 30 May 2022 12:50:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 134ms
41ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1048
date: Mon, 30 May 2022 12:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 30 May 2022 14:19:08 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 125ms
41ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: 3wATH5t2Q7DrUApn8io2TxMib8YGYHt/g3IL0uCTlz/M+gCnNb/zskjslHX3+2V05J/eyxHqW790PrfJ4b7g2Q==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Mon, 30 May 2022 12:36:36 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK sprite.png
zhovta.ua/images/ 28 KB
28 KB 178ms
93ms Image
image/png 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zhovta.ua/images/sprite.png
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/css/builds/bb0285d65af2dea7ab100b91f300dd8211894707950.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 5744b93d719cb88f6b376b2fc28e82ae1a802971ff11dbf8b145e19b93dddbef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/css/builds/bb0285d65af2dea7ab100b91f300dd8211894707950.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 30 May 2022 12:36:36 GMT
Last-Modified: Fri, 22 Jul 2016 12:21:52 GMT
Server: nginx
ETag: "57920fe0-70a3"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28835
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 433 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85f52ae01a1ca60a7c5d40c7a9008f320519bb1e11b50db65e8fc797f5258f7f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK ubuntu-b.woff
zhovta.ua/fonts/ubuntu/ 47 KB
47 KB 110ms
50ms Font
font/woff 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zhovta.ua/fonts/ubuntu/ubuntu-b.woff
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/css/builds/bb0285d65af2dea7ab100b91f300dd8211894707950.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 6a82dab8b342d2b2ddff4960ef2c7be8ade29e10429aed3b8238ec41d3874b4f

Request headers

Referer: https://zhovta.ua/css/builds/bb0285d65af2dea7ab100b91f300dd8211894707950.css
Origin: https://zhovta.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 30 May 2022 12:36:36 GMT
Last-Modified: Fri, 22 Jul 2016 12:21:52 GMT
Server: nginx
ETag: "57920fe0-bca0"
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48288
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff
zhovta.ua/css/fonts/ 64 KB
64 KB 180ms
92ms Font
font/woff 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zhovta.ua/css/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/css/builds/bb0285d65af2dea7ab100b91f300dd8211894707950.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer: https://zhovta.ua/css/builds/bb0285d65af2dea7ab100b91f300dd8211894707950.css
Origin: https://zhovta.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 30 May 2022 12:36:36 GMT
Last-Modified: Sun, 08 Mar 2020 14:38:25 GMT
Server: nginx
ETag: "5e650361-ffac"
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 65452
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ubuntu-r.woff
zhovta.ua/fonts/ubuntu/ 46 KB
46 KB 179ms
91ms Font
font/woff 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zhovta.ua/fonts/ubuntu/ubuntu-r.woff
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/css/builds/bb0285d65af2dea7ab100b91f300dd8211894707950.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: ceb4fbd7e9cfd6afbb7c05c6b95cf7003a851a2d2aec41444c6803219c034858

Request headers

Referer: https://zhovta.ua/css/builds/bb0285d65af2dea7ab100b91f300dd8211894707950.css
Origin: https://zhovta.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 30 May 2022 12:36:36 GMT
Last-Modified: Fri, 22 Jul 2016 12:21:52 GMT
Server: nginx
ETag: "57920fe0-b7cc"
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 47052
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 139 KB
50 KB 351ms
172ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

3464d6c748ffa74b09788f0aafaeca82b9c21d8751a2cfc0f15a372b494b1a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:36:36 GMT
content-encoding: br
last-modified: Fri, 27 May 2022 12:02:51 GMT
etag: "629093bb-c64c"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 50764
expires: Mon, 30 May 2022 13:36:36 GMT

GET
H2 200 389836378102754 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 43ms
43ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/389836378102754?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

44e0c5bbc4d01be8c7bd4a7d50ece65dd261521a6a883c50f67fd05feba4414e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88769
x-xss-protection: 0
pragma: public
x-fb-debug: ear2niqZIKCQQFG81aMhrb5zDmW1J/WUyTDgAmkRHh66wqRS/PSTf4MM2dLzMXS7vm5wuB6UtdtN6Pi1XG4bjw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 30 May 2022 12:36:36 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
203 B 50ms
49ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2088239053&t=pageview&_s=1&dl=https%3A%2F%2Fzhovta.ua%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%BE%D1%88%D0%BA%D0%B0%20%D0%B1%D0%B5%D0%B7%D0%BA%D0%BE%D1%88%D1%82%D0%BE%D0%B2%D0%BD%D0%B8%D1%85%20%D0%BE%D0%B3%D0%BE%D0%BB%D0%BE%D1%88%D0%B5%D0%BD%D1%8C%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%7C%20Zhovta.ua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1164286026&gjid=1625877939&cid=127931756.1653914196&tid=UA-4049280-8&_gid=483828178.1653914196&_r=1&_slc=1&z=2062730996

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://zhovta.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 30 May 2022 12:36:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zhovta.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 49ms
48ms Image
image/gif 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1931634103&utmhn=zhovta.ua&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%94%D0%BE%D1%88%D0%BA%D0%B0%20%D0%B1%D0%B5%D0%B7%D0%BA%D0%BE%D1%88%D1%82%D0%BE%D0%B2%D0%BD%D0%B8%D1%85%20%D0%BE%D0%B3%D0%BE%D0%BB%D0%BE%D1%88%D0%B5%D0%BD%D1%8C%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%7C%20Zhovta.ua&utmhid=2088239053&utmr=-&utmp=%2F&utmht=1653914196387&utmac=UA-4049280-1&utmcc=__utma%3D178520687.127931756.1653914196.1653914196.1653914196.1%3B%2B__utmz%3D178520687.1653914196.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1627331294&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 12:36:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 147ms
63ms XHR
application/json 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAi-_pHLKSBnx_3mVWBzWwFaNMlnVeSn8I

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://zhovta.ua
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 124ms
43ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=389836378102754&ev=PageView&dl=https%3A%2F%2Fzhovta.ua%2F&rl=&if=false&ts=1653914196463&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1653914196462.102369989&it=1653914196354&coo=false&rqm=GET

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:36:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 30 May 2022 12:36:36 GMT

GET
H2 200 pubads_impl_2022052401.js Show response
securepubads.g.doubleclick.net/gpt/ 365 KB
124 KB 166ms
43ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

1deb05609ea8dd3eb5c4a30b059ff80d8121b50d31ef592651bb15cda638a37d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8637
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126668
x-xss-protection: 0
last-modified: Tue, 24 May 2022 08:38:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 30 May 2023 10:12:39 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 62 B
701 B 173ms
51ms XHR
application/json 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=zhovta.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

528be60b632807c7cbab0866c94d5eb88c3dc77bcf5fcb0dc81d0fbb798fc8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 May 2022 12:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65
x-xss-protection: 0
expires: Mon, 30 May 2022 12:36:36 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/289152/
Redirect Chain

https://mc.yandex.ru/watch/289152?wmode=7&page-url=https%3A%2F%2Fzhovta.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ah2b2laelw67j03cmy2kg%3Afp%3A766%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US...
https://mc.yandex.ru/watch/289152/1?wmode=7&page-url=https%3A%2F%2Fzhovta.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ah2b2laelw67j03cmy2kg%3Afp%3A766%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-...

338 B
420 B

92ms
92ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/289152/1?wmode=7&page-url=https%3A%2F%2Fzhovta.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ah2b2laelw67j03cmy2kg%3Afp%3A766%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A802%3Acn%3A1%3Adp%3A0%3Als%3A728808941298%3Ahid%3A464220502%3Az%3A0%3Ai%3A20220530123636%3Aet%3A1653914197%3Ac%3A1%3Arn%3A548999630%3Arqn%3A1%3Au%3A16539141975611511%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1653914195433%3Ads%3A0%2C94%2C321%2C2%2C116%2C0%2C%2C308%2C24%2C%2C%2C%2C841%3Aco%3A0%3Arqnl%3A1%3Ast%3A1653914197%3At%3A%D0%94%D0%BE%D1%88%D0%BA%D0%B0%20%D0%B1%D0%B5%D0%B7%D0%BA%D0%BE%D1%88%D1%82%D0%BE%D0%B2%D0%BD%D0%B8%D1%85%20%D0%BE%D0%B3%D0%BE%D0%BB%D0%BE%D1%88%D0%B5%D0%BD%D1%8C%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%7C%20Zhovta.ua&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

262491e662b70583a979c0c1e0bc2f13f6ddd8c02f6b5ecca42a1a9b902f4871

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 12:36:36 GMT
x-content-type-options: nosniff
last-modified: Mon, 30-May-2022 12:36:36 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://zhovta.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 338
x-xss-protection: 1; mode=block
expires: Mon, 30-May-2022 12:36:36 GMT

Redirect headers

pragma: no-cache
date: Mon, 30 May 2022 12:36:36 GMT
last-modified: Mon, 30-May-2022 12:36:36 GMT
location: /watch/289152/1?wmode=7&page-url=https%3A%2F%2Fzhovta.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ah2b2laelw67j03cmy2kg%3Afp%3A766%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A802%3Acn%3A1%3Adp%3A0%3Als%3A728808941298%3Ahid%3A464220502%3Az%3A0%3Ai%3A20220530123636%3Aet%3A1653914197%3Ac%3A1%3Arn%3A548999630%3Arqn%3A1%3Au%3A16539141975611511%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1653914195433%3Ads%3A0%2C94%2C321%2C2%2C116%2C0%2C%2C308%2C24%2C%2C%2C%2C841%3Aco%3A0%3Arqnl%3A1%3Ast%3A1653914197%3At%3A%D0%94%D0%BE%D1%88%D0%BA%D0%B0%20%D0%B1%D0%B5%D0%B7%D0%BA%D0%BE%D1%88%D1%82%D0%BE%D0%B2%D0%BD%D0%B8%D1%85%20%D0%BE%D0%B3%D0%BE%D0%BB%D0%BE%D1%88%D0%B5%D0%BD%D1%8C%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%7C%20Zhovta.ua&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://zhovta.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 30-May-2022 12:36:36 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
136 B 86ms
86ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:36:36 GMT
last-modified: Wed, 18 May 2022 10:11:23 GMT
etag: "62849c1b-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 30 May 2022 13:36:36 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 157ms
53ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=zhovta.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 May 2022 12:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 143ms
52ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=zhovta.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 May 2022 12:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 410 KB
61 KB 1062ms
978ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1985587062794108&correlator=711352629404250&eid=31067773&output=ldjh&gdfp_req=1&vrg=2022052401&ptt=17&impl=fifs&iu_parts=10471298%2Ctop%2Cright1%2Cright2%2Cbottom1%2Cbottom2%2Cbottom3%2Cbottom&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=970x90%7C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C970x90%7C728x90&ifi=1&adks=4124708693%2C2245009037%2C2147588136%2C1433280869%2C161556115%2C3656164445%2C1544126351&sfv=1-0-38&ecs=20220530&fsapi=false&cust_params=%25D0%25A1%25D0%25B0%25D0%25B9%25D1%2582%3DZhovta.UA%26%25D0%25A2%25D0%25B8%25D0%25BF%3D%25D0%2593%25D0%25BE%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B0&sc=1&cookie_enabled=1&abxe=1&dt=1653914196779&lmt=1653914196&dlt=1653914195968&idt=784&biw=1600&bih=1200&adxs=315%2C-9%2C-9%2C223%2C650%2C1077%2C315&adys=10%2C-9%2C-9%2C2319%2C2319%2C2319%2C2578&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fzhovta.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1280x20%7C0x-1%7C0x-1%7C426x-1%7C426x-1%7C426x-1%7C1066x-1&msz=1260x0%7C0x-1%7C0x-1%7C406x-1%7C406x-1%7C406x-1%7C1046x-1&fws=0%2C2%2C2%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=127931756.1653914196&ga_sid=1653914196&ga_hid=2088239053&ga_fc=true&btvi=0%7C-1%7C-1%7C1%7C2%7C3%7C4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

36f91429b0140f9f8fd42f1dd1195ca4bb49d8bb12ca853cb2c08a5ddc489d5d

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4093211300173839340/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4093211300173839340/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPugysGeh_gCFSODgwcd9KAKLA&gqi=&layout=/sadbundle/%24csp%253Der3%24/4093211300173839340/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11473888585380265984/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11473888585380265984/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPigysGeh_gCFSODgwcd9KAKLA&gqi=&layout=/sadbundle/%24csp%253Der3%24/11473888585380265984/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13463943059003670528/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13463943059003670528/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPmgysGeh_gCFSODgwcd9KAKLA&gqi=&layout=/sadbundle/%24csp%253Der3%24/13463943059003670528/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5800646080567705600/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5800646080567705600/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPqgysGeh_gCFSODgwcd9KAKLA&gqi=&layout=/sadbundle/%24csp%253Der3%24/5800646080567705600/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4093211300173839340/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4093211300173839340/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPugysGeh_gCFSODgwcd9KAKLA&gqi=&layout=/sadbundle/%24csp%253Der3%24/4093211300173839340/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11473888585380265984/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11473888585380265984/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPigysGeh_gCFSODgwcd9KAKLA&gqi=&layout=/sadbundle/%24csp%253Der3%24/11473888585380265984/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13463943059003670528/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13463943059003670528/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPmgysGeh_gCFSODgwcd9KAKLA&gqi=&layout=/sadbundle/%24csp%253Der3%24/13463943059003670528/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5800646080567705600/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5800646080567705600/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPqgysGeh_gCFSODgwcd9KAKLA&gqi=&layout=/sadbundle/%24csp%253Der3%24/5800646080567705600/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1,-1,-1,-1,-1,-1,-1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62339
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
date: Mon, 30 May 2022 12:36:37 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://zhovta.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A803 6 KB
4 KB 173ms
54ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zhovta.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 30 May 2022 12:36:36 GMT
expires: Tue, 30 May 2023 12:36:36 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 0C4C 0
18 B 86ms
42ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://zhovta.ua
Referer: https://zhovta.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://zhovta.ua
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 30 May 2022 12:36:37 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 167ms
62ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022052401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39bf436064c81f1ffcdea489727643761c8add89cbafec46220797d677bc93f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 May 2022 12:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10609
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 151ms
58ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 30 May 2022 12:36:37 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AC22 13 KB
5 KB 124ms
40ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zhovta.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 11279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 30 May 2022 09:28:38 GMT
expires: Tue, 30 May 2023 09:28:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B418 783 B
1 KB 137ms
49ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

53fbef0a550905dedb830df449586ccc857e984b40254f001e601849d08e4247

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-imgKbHO7W-jfZ2gcRCPeTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zhovta.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-imgKbHO7W-jfZ2gcRCPeTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 30 May 2022 12:36:37 GMT
expires: Mon, 30 May 2022 12:36:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js Show response
pagead2.googlesyndication.com/bg/ Frame AC22 36 KB
14 KB 124ms
41ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 18:32:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13841
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 29 May 2023 18:32:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B418 0
0 150ms
82ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022052401&jk=1985587062794108&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AC22 0
9 B 43ms
42ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?iqWmZA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:36:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 container.html Show response
78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D7B1 6 KB
3 KB 129ms
46ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zhovta.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 30 May 2022 12:36:36 GMT
expires: Tue, 30 May 2023 12:36:36 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 652D 6 KB
3 KB 122ms
44ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zhovta.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 30 May 2022 12:36:36 GMT
expires: Tue, 30 May 2023 12:36:36 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8F8E 6 KB
3 KB 124ms
50ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zhovta.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 30 May 2022 12:36:36 GMT
expires: Tue, 30 May 2023 12:36:36 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A79D 6 KB
3 KB 122ms
52ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zhovta.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 30 May 2022 12:36:36 GMT
expires: Tue, 30 May 2023 12:36:36 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5733 6 KB
3 KB 97ms
41ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zhovta.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 30 May 2022 12:36:36 GMT
expires: Tue, 30 May 2023 12:36:36 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4093211300173839340/ Frame B41B 607 KB
188 KB 43ms
42ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4093211300173839340/index.html

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99d5a12ee523fe304d101fbe63f5287b85983b3a0fec2fb16690b1178f401b67

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 502070
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 192131
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 24 May 2022 17:08:48 GMT
expires: Wed, 24 May 2023 17:08:48 GMT
last-modified: Thu, 28 Apr 2022 09:24:45 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5733 0
0 86ms
86ms Fetch
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1G0YVLqUYvumOaOGjuwP9MGq4ALQrpeaap7b4JPXD9vZHhABILjb9RJgu4aAgNAKoAH0hfvWA8gBCakC9vRt604wtT7gAgCoAwHIA0iqBNUBT9BV0vh7OKkUG1ADyAfosdTq_dyo9F8dAjdCmZRYqLqKqilN0_3ZDVLlhq_dzJFejRquXnKKFBLOw9x7Uf0qVriRIlxL-X6f0xITNxZzM2hFAalSnvX_dqQPP-Jlg13JKCJ9tQGJcDOIPoLRTSYQ0UEFRERrOvU3uHXr9fefFq8bx7wk92Zc9DPpUU1n4JVDOmr2jFjC8dLW8XXxrHqCUzF7SFRKWh5kZtus3-wVUn9jHm-Ugmoql6dNSRAAJds2yTTQqWXAJLI0yqJmCjT1GLFlPCO3wAS7n4n4-QPgBAGSBQQIBBgBkgUECAUYBKAGLoAH9PmEKagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEODGQdIICQiI4YAQEAEYHYAKAcgLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi00MjAwODY3NzQ5NjI1NzY4GKrjEA&sigh=x72EGuk9hc8&uach_m=[UACH]&template_id=419
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame 5733 21 KB
8 KB 242ms
242ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite_fy2019.js

Requested by

Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4cb688258440ab067c4dd9f03f80b8bcc2eae563f3fa57f1266216a7f3d6814

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:32:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8674
x-xss-protection: 0
server: cafe
etag: 502080994137221277
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Jun 2022 12:32:42 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11473888585380265984/ Frame 9BA3 612 KB
189 KB 46ms
45ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11473888585380265984/index.html

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b4bfc51238f4dbdf27cb79643a1536b0aaca874b3edd65cab5353300b64570c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 531952
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 193353
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 24 May 2022 08:50:46 GMT
expires: Wed, 24 May 2023 08:50:46 GMT
last-modified: Thu, 28 Apr 2022 09:24:46 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 652D 0
0 83ms
83ms Fetch
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C4bZ3VLqUYvimOaOGjuwP9MGq4ALQrpeaau7b4JPXD9vZHhABILjb9RJgu4aAgNAKoAH0hfvWA8gBCakC9vRt604wtT7gAgCoAwHIAwKqBNoBT9Auao-infEFjcQM9HNoaeEdeD5wkzkBC8l4MjqjIZQJjMTAX13cdA-XkUXwZOqYJXlDCDLbwEWTwMQaykIL6WUEKW1ZA5t_5Mg8uVRufgRmSyQeOzqZbkKhIXjqAqbzii7EKDUh1pU-aWXTeFJSt2bwunhrzvCugbLX8QVfCphpIiTKUhWlV4r0NNa7GM0M5aI5bwjxBFsLAp7wOt4KoZ4CpaI0sSLvs9YDk1E0zSf0KLPOWvqnklxsu_TfJa5_PbL0QEk88ljSB5za9xOyPcIZp7QNbB5Md_fABLufifj5A-AEAZIFBAgEGAGSBQQIBRgEoAZdgAf0-YQpqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQrqUN0ggJCIjhgBAQARgdgAoByAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTQyMDA4Njc3NDk2MjU3NjgYquMQ&sigh=WCLPJCPmc8w&uach_m=[UACH]
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F2A6 143 B
426 B 132ms
41ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 30 May 2022 12:25:18 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 652D 3 KB
1 KB 233ms
233ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus_fy2019.js

Requested by

Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:29:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Jun 2022 12:29:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 652D 136 KB
42 KB 327ms
218ms Script
text/javascript 2a00:1450:4014:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:36:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42680
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653478767633683"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 30 May 2022 12:36:38 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F7C3 624 B
771 B 134ms
52ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI3jLRChqUEYg_-QywEwAQ&v=APEucNUK2f1lVTi_KyW-N9rfjzg99-fKsbPrkD3jRPcYP8mLndG6BEgZg_UbrO_7_Phq3AGBPazR-NiqshzaqBApb0VKiCThQQ8KwKBHTM4CYeHzenQeZalyD7TeYwt_TwQIIuEruX-MEc0ctPU0oLCPC8NS4jvo9OzW2vlM-izp9Fy-E3iXnZ8

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 May 2022 12:36:38 GMT
expires: Mon, 30 May 2022 12:36:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A60E 95 KB
36 KB 167ms
85ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CLnaTkJsz9pv5E4p_Pj7VyHkNnwIdqRmWg_KWeH-xKHjNwNxv1mUB2OMq4L-zqZiVxy7xDx7iLXyx9T1HjQCh_tZ1ioWy6YT_oC43ugXjpKIGzt1w4fQzI41XDpyAcJffZthWILQgbVfyYvZkHnHbhqF437g&dbm_d=AKAmf-Ass1-b_dyhL8kVu6htA0_pN3beHBYWqlsxJ3PhxDpZhHzOh4Uxzueyp5g7PhaI_bIASZHzgDFuQcyC6bQxM7_RMnn6z-4oarPdO89ORuPqRk4vDduR-0WU0v5DvzrR2hkK6J2rGsId8uoHZ6KJ0YklZodMQ8X74YWQAQR4P6F6rLIKBHppyU6solAyj8qWAC1ezmpDZG878WN67dZ9eOF7Bk7962vGj_vKF_sMeSrFQEhAliXfjbhB13SuqI1etcPH0KIgTeLtjfB11tdLqCq8zMNgLxBKrP-LQs4xEJyqOqQSLqIGvFfiagwCNMBLJf2cHCQmD6Heev-KvfRZKszEj-OcyWSeZF66aWKDZJIZXQqjUCK8vwNxSIpaQmKZH1iL54RLsxhClJoH0DRDjcccwSmIdH2lva1h2lZC4FwIP6VPHkbKMu9Bz803SEoBHb5tYey8lDYVkwj-K1yTwXAwTuzWfbj_C_LE-OESoZu7iKD7QmUwZP_HV4HmuIKpnqTz-N0zbLYRHpgfmm1goOKaxNbYLj6_hB4tzBE-ICgOGoSVQn6lgBzDivzam1QRGPNJ2W4Cmk8RDs-F4xRlwpe5cAjT3aaGTr2Kgq2Gw734SSYtbbp2d6fHYBL5P5qLyojJxQ4776kObFeE2xruqsUyO0UjIYYnGy2THUigQOfvA5VSac4_JJ8OapOdKPWMf66MHlc_yJIBxGJqwZukq6CwN-qm5N5pNZom_yMjLzMV9_c6z2kIO0EByN9aQegMzZyjnHFALSJHy4Vk9oHbDyPj0Q2iwT_BOPu-T_Q0c1f6gPz0FkLEQpk2KaxkdcTijp2f0zn2EYMhkmeONH9UHgovLwAj72ESVXyHqEAmKLWypLfalD3wC-JV0wt2ZwDKA98aW7KP75JO3AReLrCpsKGWxJ0WkIEsgyWXpWLgmUykLFCNQLxMjNgM-Q4s-DY6CTst4HLdPKGnwGMPI7AuMr_VqwQF8R6wPzEUSLV6Qk2vNXfLYkMFeOWUuHGlMEpzAxXXBjhCmlzflh1c9Pv3Vo_j7Gml8MrZZqX4woCXSkg7H5Fb16xDjuW3TY7rBmMAocYrXklF4QHHbMN2FJpEaEpqeIHey-XDHAQKzDbam47SwC82K9N6dqgqzLUvprff8TFy_FdU8I8guAqCZFWsjbsV4suCzRv-a2HfZQfab4wTGUIo5RUYp0Yd4T2O9liouAOgrYo1fbw6KU7ILSE6_od97WqutcekTrFzDcFIroOsrBmtYm0hOShxfvGQkcqSpwfMCiPntf8hB-FezosWfHckv3ht3zpO53w5OHwW6F2jziKjmRjp6O509Z4T8mlwOH7_ENf_vNZX-VLEwbDzrp7gr8PPyX4WKVluSfwF-zf8n02BDVna7wSzAOOri_ybG90QTbAEo80ePdLjZ30VRg9ilVqRlrlQ9nQxSSCVBaRlK21r8md8bGdRpcK3xQLes7UMqmvi1wbe-n2_qISmnDlsmvOBG4151TDAo9Vz6l2F6Po4X4GZp025EmNbEgCTO3CuSOzggY_93ymcerS1K1KFYqybKaqLOMWgHtWyn_1k6Hl4pRVoOB5U-TT3tkmGJd2EnIpmxHWF4aqKS2EARmKpAdEiF-cJ56HSdWl77P4KVXZKslnNbqbnskCl5fo8WLDC2zfQ4fprT5ELTAgBGCfLYOP1Vx4xz75kXIxy_OGoiJDTfg2W6NSgI0GRqYi1ol_f1_YzCpbSaz7TGGrC_RXVkOfCULVUeAfMRcCZbvOQIJHKejR-g5BWsiHZAezeJhTduKwCsznBF7SW1m0k57bedPd6l2KsYX31GxfDRzs9IztlAUMdkZb45XBkIVHTO2No22Qtg5kzxrPZvo4EOtqnmW1fbwH98iw_za0FBrbOxqmwIEZYbxYxlgGmBUzgRE3H7ixhb12GO5rl0p4_4vz6SG9tnUa7AwXHXRFh5x4KGGkurxIwpFVAVV72rQlhwUxs4meFCBhnJCveODKt_MKx_8t5y8LMbSb6cpl3HgSFRRzdgLZ8aFb9oZoAUvgHVjh_gQXBfCr9W_-p3R2ttDzXWctBg_9Xmsl0l9FviKKo4ghc0yqAtmPpdzyI57filhTCFtVevoVhKT6Q4POIjxSgi3i5W2HErJUi5Y2jGRFubpcI1B0jfLhYGzU_qu994iAie7poEHBeEPWmMIJC1dnSW8IvXxN6MhNwpLC5HNwZ5QGasibYhM512A4u2tODejLOOcR7bgkeqUlDHvf24KcymkFsjKVg1tK1Lc-0OwteDoGONp1OhHKociFLCD94H6yz5J6XzmWmI2INqc1Dn3MAHSXUl0eeqC8FIsfMWhR6mC12cZAkJf0S4jgrXwcoo-SIFM-7M2OyrFHKsrP2HQGYqnh6E8tKt0UNjluRTbHNU421prMn3VVLyUqD_BXwVT8iXAMKnosnZDlC272hyAFKzN4xGrEj1I3ZtDJVYPJPHEBT0Sq0JpjxHpdD44kpaii8BhHgvMDOWXAB8WwYqkzNYe5Y41jLH9vPDK9kk2OEtol-dDepT-Fwbw8p2Noa9Dxt8R-MY3tpW1u31IGUCVa9DrZ-PeXx2I7642F1FsOkXFn5LwtatAWVBuIMY5CVOwKzjR579gCyIQqJDiJD9EHEeo3wge0yUcWWUMU0awfyoGtAxdAGRM4YW3mGblDRdjcRAUh5-0ISVS81EIDOrOxZPJOxfJQBZmnRcFKVXflMBPfYpSj-2dR0AHr7Sh-vww0MSyXbUJlDSRb6ODyJ8ArWRD2USQHaGKp7hrtfsDM2W3vFIZ3mXzhlEloS6Z0SXL0LKzWfmj_zeR9xmvW3Ls1ZFICTQ2qlumbsJCkHHIrjOq05ZKzEwWOnzz-sbAOBVrqELF7AZDPKf2N-viKHlhRznUrK6S3j3hsVHy58RiaWZ9Ee1zIBY2zv-0A7SBM-32psmYjoLXNOwZ6DqXpcD9eNpUoM4kKH42QkuNNEWc5CubT3NwX8GJ6rpUakbtYvN4Bodbe7rBeIr6fGHNyZfJtp8sR57uyeAzVWM3x45WiaZusZcozH2JQ6H_11lwQgI-4Gdcr8MBC73SMhjUEY5t138ujcfu0AsApJBEU1WzjAXi1AbuvjmjG1psFvsDzXCVLWVW2pRSvDQCaZkxZWY07K_nWbd5il72lq3Jo7cC6R6iILxG9TriYVqdMdKABZUMcRK-d3FOMuLjvR9ekdl6t1q90qVKGDub1gnnk7OZ8_BZUF8D5IMmF6QkIWLctwsm_Q-8j9xaftFcNwk0oISAbVym-Lk5NgrqEJzOH3Ej94v9EwAU0&cid=CAASJ-Ros5PpWD-iEeEkoyjiJlV2G1lXy3qjuUbUBdcPwDc3Sa2pHC8cVg&rfl=2%2Chttps%253A%252F%252Fzhovta.ua%252F%240

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d91f5f3024bec881e61f8c4887176d64cfd89bc6a2d912ebece65d8fee8d91e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 12:36:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36710
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame A60E 3 KB
1 KB 223ms
222ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus_fy2019.js

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:29:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Jun 2022 12:29:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A60E 136 KB
42 KB 302ms
203ms Script
text/javascript 2a00:1450:4014:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:36:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42680
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653478767633683"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 30 May 2022 12:36:38 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame A60E 17 KB
7 KB 213ms
213ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd6bae3cabfa6f6e2381af0d19e0a2c17d00a727e414564df6898d6dc0355cad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:30:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 8365041023519634061
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Jun 2022 12:30:33 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A60E 0
0 131ms
48ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRAI9xgRCzfZCXDp5oa4AwNWm-u-dJ7Ze4FM9Jd9YR2ah2Qf0epQcgIe4XJ-Yx2KzchpySACkXNHxWp_mlkIJ6TI6VzgQ
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A60E 42 B
63 B 73ms
73ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CQQ1EaBLVloJlAmvJNbyQQu97Z-4aPcP3gs97GSLj9rBtkqR49KFWBbw9aHk0b1GMRm_ZhN8MeMIJfZWzLmTgEkuus4mIU0VSHZJKqy2yR9owEsBg

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 12:36:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13463943059003670528/ Frame CA75 607 KB
189 KB 60ms
60ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13463943059003670528/index.html

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a77d5033c61a752fbb564133dcdcf098ac0cec5c4e6aa8f196a3e548a8a154e7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 505634
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 193162
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 24 May 2022 16:09:24 GMT
expires: Wed, 24 May 2023 16:09:24 GMT
last-modified: Thu, 28 Apr 2022 09:24:46 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8F8E 0
0 84ms
84ms Fetch
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cw8zFVLqUYvmmOaOGjuwP9MGq4AL_05ibasSp0OH8D9vZHhABILjb9RJgu4aAgNAKoAH0hfvWA8gBCakC9vRt604wtT7gAgCoAwHIAwKqBNoBT9DlPQGdnzpXtFvkcrnaSB1FjIA11mctW7TRfZhTFd6gpwONtvQR0pG7SYpHnS-0OEgUH9xN9z8_4fQZGbKmHNyftZOp5nsrbYFJDpnOA9jo7p7g55UfVWc3DUk9aD0miplZlJBDXiuT3nhjYVM6VW6UP1B2Qs66jv64YzJdzCTno-qoFz7rbMyLWKBJBRowq0BqaBZx1FYjnWgKKLPp_AsSBnXUaMOC-NNXOZ-ZVDYdRkwB_f8sfKzs17Az0EFT3bjlborSDxsIoWY7j_Hq4SN-IUI7QTOJR_bABKv3kofzA-AEAZIFBAgEGAGSBQQIBRgEoAZdgAf0-YQpqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQgqkN0ggJCIjhgBAQARgdgAoByAsB2BMNiBQB0BUBmBYBgBcBshceChwIABIUcHViLTQyMDA4Njc3NDk2MjU3NjgYquMQ&sigh=KJ7qAC_LUpg&uach_m=[UACH]
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 702F 143 B
198 B 107ms
42ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 30 May 2022 12:25:18 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 8F8E 3 KB
1 KB 207ms
207ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus_fy2019.js

Requested by

Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:29:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Jun 2022 12:29:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8F8E 136 KB
42 KB 205ms
122ms Script
text/javascript 2a00:1450:4014:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:36:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42680
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653478767633683"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 30 May 2022 12:36:38 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5800646080567705600/ Frame 8BAE 611 KB
189 KB 65ms
65ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5800646080567705600/index.html

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cd758ed801e9ccb52c9eb95da2fe72002357d64995902eb8a1c15b0bbf45674

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 532175
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 193394
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 24 May 2022 08:47:03 GMT
expires: Wed, 24 May 2023 08:47:03 GMT
last-modified: Thu, 28 Apr 2022 09:24:45 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A79D 0
0 85ms
85ms Fetch
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CY6BfVLqUYvqmOaOGjuwP9MGq4ALQrpeaao7d4JPXD9vZHhABILjb9RJgu4aAgNAKoAH0hfvWA8gBCakC9vRt604wtT7gAgCoAwHIAwKqBNoBT9CPql_iua87xiQOaTWRIgj-9rj0xgO3x8idvOKxnki7IgJFyWl3CZfwCk8TDcqcMGouJQWy-n5-pEHwsGJ61SzTXslxuzIMdofBOesQ2gU2E_vNGiipqjVo8NzSNuzSgl6KfLyhUKvvs1jBrEJxNtvqHCDB5MfMjoXc2q-rkm6pAQA4KCV7eQmaN7IMTH7y1VLFQDyNO2q0IZ7r0oxj8DBO9p4VUmQEQ_J_pBygerSSTy0wWRLIfRcIlsB-CsXb4qAOiWcSvn11ewwriUrRgQIz6h_7jqzgAaLABLufifj5A-AEAZIFBAgEGAGSBQQIBRgEoAZdgAf0-YQpqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ2voe0ggJCIjhgBAQARgdgAoByAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTQyMDA4Njc3NDk2MjU3NjgYquMQ&sigh=NcXslBo_Cok&uach_m=[UACH]
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E5E0 143 B
198 B 92ms
41ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 30 May 2022 12:25:18 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame A79D 3 KB
1 KB 193ms
193ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus_fy2019.js

Requested by

Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:29:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Jun 2022 12:29:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A79D 136 KB
42 KB 252ms
184ms Script
text/javascript 2a00:1450:4014:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:36:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42680
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653478767633683"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 30 May 2022 12:36:38 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B41B 4 KB
675 B 140ms
50ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:500,600

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4093211300173839340/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ff79acbd5aa82002c44f55b0687b1c40419c55a16ac63075050d7f185f7ce878

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 30 May 2022 12:36:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 30 May 2022 12:36:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 30 May 2022 12:36:38 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B41B 16 KB
6 KB 168ms
167ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4093211300173839340/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 07:29:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18411
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 31 May 2022 07:29:47 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B41B 26 KB
10 KB 168ms
167ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4093211300173839340/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 19:11:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62731
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 30 May 2022 19:11:07 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9BA3 6 KB
693 B 138ms
51ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:800,700,500

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11473888585380265984/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7c646a843a8583d1d4d9176fe620e91e24851aed73600a2ee131d481a165935d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 30 May 2022 12:36:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 30 May 2022 12:36:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 30 May 2022 12:36:38 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9BA3 16 KB
6 KB 166ms
166ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11473888585380265984/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 07:29:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18411
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 31 May 2022 07:29:47 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9BA3 26 KB
10 KB 166ms
166ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11473888585380265984/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 19:11:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62731
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 30 May 2022 19:11:07 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CA75 6 KB
716 B 103ms
50ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:800,700,500

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13463943059003670528/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7c646a843a8583d1d4d9176fe620e91e24851aed73600a2ee131d481a165935d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 30 May 2022 12:31:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 30 May 2022 12:36:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 30 May 2022 12:36:38 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame CA75 16 KB
6 KB 134ms
134ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13463943059003670528/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 07:29:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18411
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 31 May 2022 07:29:47 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame CA75 26 KB
10 KB 135ms
134ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13463943059003670528/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 19:11:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62731
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 30 May 2022 19:11:07 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8BAE 6 KB
1 KB 83ms
49ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:800,700,500

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5800646080567705600/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7c646a843a8583d1d4d9176fe620e91e24851aed73600a2ee131d481a165935d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 30 May 2022 12:36:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 30 May 2022 12:36:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 30 May 2022 12:36:38 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 8BAE 16 KB
6 KB 117ms
117ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5800646080567705600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 07:29:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18411
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 31 May 2022 07:29:47 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 8BAE 26 KB
10 KB 117ms
117ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5800646080567705600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 19:11:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62731
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 30 May 2022 19:11:07 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F7C3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFMfzFw9y5w5mo7QOAjPrrI&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFMfzFw9y5w5mo7QOAjPrrI&google_cver=1&C=1

43 B
1013 B

138ms
138ms

Image
image/gif

184.87.213.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFMfzFw9y5w5mo7QOAjPrrI&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI3jLRChqUEYg_-QywEwAQ&v=APEucNUK2f1lVTi_KyW-N9rfjzg99-fKsbPrkD3jRPcYP8mLndG6BEgZg_UbrO_7_Phq3AGBPazR-NiqshzaqBApb0VKiCThQQ8KwKBHTM4CYeHzenQeZalyD7TeYwt_TwQIIuEruX-MEc0ctPU0oLCPC8NS4jvo9OzW2vlM-izp9Fy-E3iXnZ8
Protocol: HTTP/1.1
Server: 184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 May 2022 12:36:38 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 30 May 2022 12:36:38 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 30 May 2022 12:36:38 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFMfzFw9y5w5mo7QOAjPrrI&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 30 May 2022 12:36:38 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F7C3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YpS6Vqw0S5IN0Zr9j7lU3AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEFnMMMYGqC53AmRNGxEcCk&google_cver=1

43 B
1013 B

190ms
189ms

Image
image/gif

184.87.213.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEFnMMMYGqC53AmRNGxEcCk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI3jLRChqUEYg_-QywEwAQ&v=APEucNUK2f1lVTi_KyW-N9rfjzg99-fKsbPrkD3jRPcYP8mLndG6BEgZg_UbrO_7_Phq3AGBPazR-NiqshzaqBApb0VKiCThQQ8KwKBHTM4CYeHzenQeZalyD7TeYwt_TwQIIuEruX-MEc0ctPU0oLCPC8NS4jvo9OzW2vlM-izp9Fy-E3iXnZ8
Protocol: HTTP/1.1
Server: 184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 May 2022 12:36:39 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 30 May 2022 12:36:39 GMT

Redirect headers

pragma: no-cache
date: Mon, 30 May 2022 12:36:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEFnMMMYGqC53AmRNGxEcCk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame F7C3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHHypUEhjViIaGQ6k3Im1Q4&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHHypUEhjViIaGQ6k3Im1Q4%26google_cver%3D1

43 B
1 KB

38ms
38ms

Image
image/gif

185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHHypUEhjViIaGQ6k3Im1Q4%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI3jLRChqUEYg_-QywEwAQ&v=APEucNUK2f1lVTi_KyW-N9rfjzg99-fKsbPrkD3jRPcYP8mLndG6BEgZg_UbrO_7_Phq3AGBPazR-NiqshzaqBApb0VKiCThQQ8KwKBHTM4CYeHzenQeZalyD7TeYwt_TwQIIuEruX-MEc0ctPU0oLCPC8NS4jvo9OzW2vlM-izp9Fy-E3iXnZ8

Protocol

HTTP/1.1

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 May 2022 12:36:38 GMT
X-Proxy-Origin: 217.138.196.99; 217.138.196.99; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e0642b67-8832-49a0-9a7f-4244614579c6
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 30 May 2022 12:36:38 GMT
X-Proxy-Origin: 217.138.196.99; 217.138.196.99; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 37c24584-cb41-4aaa-b588-39dd077d1e3a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHHypUEhjViIaGQ6k3Im1Q4%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F7C3
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc4NDI4NjI4MjUwMjc1NjQ0Mw%3D%3D

170 B
188 B

165ms
66ms

Image
image/png

142.251.37.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc4NDI4NjI4MjUwMjc1NjQ0Mw%3D%3D

Requested by

Protocol

Server

142.251.37.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s13-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 12:36:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 30 May 2022 12:36:38 GMT
X-Proxy-Origin: 217.138.196.99; 217.138.196.99; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 52ae62cb-6273-462f-a0de-9981b82898e8
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc4NDI4NjI4MjUwMjc1NjQ0Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F2A6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

198ms
140ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 30 May 2022 12:36:38 GMT
expires: Mon, 30 May 2022 12:36:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 30 May 2022 12:36:38 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E5E0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

135ms
133ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 30 May 2022 12:36:38 GMT
expires: Mon, 30 May 2022 12:36:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 30 May 2022 12:36:38 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 702F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

136ms
134ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 30 May 2022 12:36:38 GMT
expires: Mon, 30 May 2022 12:36:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 30 May 2022 12:36:38 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 92ms
84ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022052401&jk=1985587062794108&bg=!YmGlYSXNAAao8wy8iPM7ACkAdvg8WiGURLjUx1vwEtEhfZVJLE6aBCSMWGM7vIIs1yA_gbXwZPXX1QIAAABZUgAAAAJoAQcKAFJ4Dk9I9hVVPIgwucJ5XY5lOTuYCoZRaMT2sP5WznV2-nLcT_QhHt2U0zDVtHh42y1XN_V_jZjvV7_OGfLKOWmjlLtWt20ITPETi2VDlXbI0M6hmQKZGvKX76Yybxa3MqEW-ajmE5DIpAtwNFtVuVX_BVRryYljxyh-5n0PJPTWkn0WvzJ45SKaKHk7FTCsW4j61sGJSxLEfz1O0e2su0mZnXnzTHk24OlB6aRVtbD2_CMOvb6Xuwg60ZcS3gVOYQTc6KaMvon12amxWJS0Xv-YGwDQidFW-MbqblEtU4VrM4IYaidkmrS7Rbvq_y7SKztiZVPY5W4AcLF2jgTah0mGONpEmO0ccFKFMBd5GzMBfTlF-Opf3P9CcF4UgxbEetzVJUsFfFBwIe-F6YpH34PHaium9OKqdUkSonED6bN-n9yr3IJpDfUuyWfc4UI8rConh3ngSrpJPS7Szrby8rL_cD9dSmOspKj3rri3maISIMXHbnHz-5Q_EHdbeG4-bgMltrq6daqpnQ4VgBUyJpkAyzQ6aAmi3RpXS-eZsQIXKZTX1edJNQP_K6ElpogDb2i4FLe_OlQdRIZAoVJO7YNPdSu3Wm402qne3EZ-k_1D6x01xOaFduZJsvasE9sKxquvGVVKuh5VCiba614_5p9bZ0LgX6PBOwVBYv6D82gbRA5KHaIG0VbcufXupFsEAI5B1tNXZ7d1Xw2Hy28GhCgdBTMMtRfO1qH-4InuQXdr--bv6iMpUF01OOXJmmmKmoUj6GWsq1VIzc4-iz9S1TPc6LpPkbCtaOKoSXU1kVpHTS9uuygC72nyZ4aIZnrTh5uGrMfZJJXPC_gZaEO8f6jyUd_1zVH4kxEtghs8x8lxs87XdU9hfFhn7Fr-Md8zx7LgRJcZTgON6ZcBdwtJIeiba-UhwJnkOUtZw9lfgLpyya52kSja2WSsE-KT5GIxfQ0xLBIYRHAYuYIpVRsVNq7P5TC-Q_RxXcWB-dQPzag
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1056993/63470329/ Frame A60E 233 KB
71 KB 179ms
52ms Script
application/javascript 34.250.52.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1056993/63470329/skeleton.js
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.52.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-52-20.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 17a32658e817f5f4b300987b21caffa28c22e41156933f0bcb2c9264ec953094

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 12:36:38 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame A60E 170 KB
59 KB 156ms
40ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
Origin: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 11:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4679
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 31 May 2022 11:18:39 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/ Frame A60E 8 KB
3 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CLnaTkJsz9pv5E4p_Pj7VyHkNnwIdqRmWg_KWeH-xKHjNwNxv1mUB2OMq4L-zqZiVxy7xDx7iLXyx9T1HjQCh_tZ1ioWy6YT_oC43ugXjpKIGzt1w4fQzI41XDpyAcJffZthWILQgbVfyYvZkHnHbhqF437g&dbm_d=AKAmf-Ass1-b_dyhL8kVu6htA0_pN3beHBYWqlsxJ3PhxDpZhHzOh4Uxzueyp5g7PhaI_bIASZHzgDFuQcyC6bQxM7_RMnn6z-4oarPdO89ORuPqRk4vDduR-0WU0v5DvzrR2hkK6J2rGsId8uoHZ6KJ0YklZodMQ8X74YWQAQR4P6F6rLIKBHppyU6solAyj8qWAC1ezmpDZG878WN67dZ9eOF7Bk7962vGj_vKF_sMeSrFQEhAliXfjbhB13SuqI1etcPH0KIgTeLtjfB11tdLqCq8zMNgLxBKrP-LQs4xEJyqOqQSLqIGvFfiagwCNMBLJf2cHCQmD6Heev-KvfRZKszEj-OcyWSeZF66aWKDZJIZXQqjUCK8vwNxSIpaQmKZH1iL54RLsxhClJoH0DRDjcccwSmIdH2lva1h2lZC4FwIP6VPHkbKMu9Bz803SEoBHb5tYey8lDYVkwj-K1yTwXAwTuzWfbj_C_LE-OESoZu7iKD7QmUwZP_HV4HmuIKpnqTz-N0zbLYRHpgfmm1goOKaxNbYLj6_hB4tzBE-ICgOGoSVQn6lgBzDivzam1QRGPNJ2W4Cmk8RDs-F4xRlwpe5cAjT3aaGTr2Kgq2Gw734SSYtbbp2d6fHYBL5P5qLyojJxQ4776kObFeE2xruqsUyO0UjIYYnGy2THUigQOfvA5VSac4_JJ8OapOdKPWMf66MHlc_yJIBxGJqwZukq6CwN-qm5N5pNZom_yMjLzMV9_c6z2kIO0EByN9aQegMzZyjnHFALSJHy4Vk9oHbDyPj0Q2iwT_BOPu-T_Q0c1f6gPz0FkLEQpk2KaxkdcTijp2f0zn2EYMhkmeONH9UHgovLwAj72ESVXyHqEAmKLWypLfalD3wC-JV0wt2ZwDKA98aW7KP75JO3AReLrCpsKGWxJ0WkIEsgyWXpWLgmUykLFCNQLxMjNgM-Q4s-DY6CTst4HLdPKGnwGMPI7AuMr_VqwQF8R6wPzEUSLV6Qk2vNXfLYkMFeOWUuHGlMEpzAxXXBjhCmlzflh1c9Pv3Vo_j7Gml8MrZZqX4woCXSkg7H5Fb16xDjuW3TY7rBmMAocYrXklF4QHHbMN2FJpEaEpqeIHey-XDHAQKzDbam47SwC82K9N6dqgqzLUvprff8TFy_FdU8I8guAqCZFWsjbsV4suCzRv-a2HfZQfab4wTGUIo5RUYp0Yd4T2O9liouAOgrYo1fbw6KU7ILSE6_od97WqutcekTrFzDcFIroOsrBmtYm0hOShxfvGQkcqSpwfMCiPntf8hB-FezosWfHckv3ht3zpO53w5OHwW6F2jziKjmRjp6O509Z4T8mlwOH7_ENf_vNZX-VLEwbDzrp7gr8PPyX4WKVluSfwF-zf8n02BDVna7wSzAOOri_ybG90QTbAEo80ePdLjZ30VRg9ilVqRlrlQ9nQxSSCVBaRlK21r8md8bGdRpcK3xQLes7UMqmvi1wbe-n2_qISmnDlsmvOBG4151TDAo9Vz6l2F6Po4X4GZp025EmNbEgCTO3CuSOzggY_93ymcerS1K1KFYqybKaqLOMWgHtWyn_1k6Hl4pRVoOB5U-TT3tkmGJd2EnIpmxHWF4aqKS2EARmKpAdEiF-cJ56HSdWl77P4KVXZKslnNbqbnskCl5fo8WLDC2zfQ4fprT5ELTAgBGCfLYOP1Vx4xz75kXIxy_OGoiJDTfg2W6NSgI0GRqYi1ol_f1_YzCpbSaz7TGGrC_RXVkOfCULVUeAfMRcCZbvOQIJHKejR-g5BWsiHZAezeJhTduKwCsznBF7SW1m0k57bedPd6l2KsYX31GxfDRzs9IztlAUMdkZb45XBkIVHTO2No22Qtg5kzxrPZvo4EOtqnmW1fbwH98iw_za0FBrbOxqmwIEZYbxYxlgGmBUzgRE3H7ixhb12GO5rl0p4_4vz6SG9tnUa7AwXHXRFh5x4KGGkurxIwpFVAVV72rQlhwUxs4meFCBhnJCveODKt_MKx_8t5y8LMbSb6cpl3HgSFRRzdgLZ8aFb9oZoAUvgHVjh_gQXBfCr9W_-p3R2ttDzXWctBg_9Xmsl0l9FviKKo4ghc0yqAtmPpdzyI57filhTCFtVevoVhKT6Q4POIjxSgi3i5W2HErJUi5Y2jGRFubpcI1B0jfLhYGzU_qu994iAie7poEHBeEPWmMIJC1dnSW8IvXxN6MhNwpLC5HNwZ5QGasibYhM512A4u2tODejLOOcR7bgkeqUlDHvf24KcymkFsjKVg1tK1Lc-0OwteDoGONp1OhHKociFLCD94H6yz5J6XzmWmI2INqc1Dn3MAHSXUl0eeqC8FIsfMWhR6mC12cZAkJf0S4jgrXwcoo-SIFM-7M2OyrFHKsrP2HQGYqnh6E8tKt0UNjluRTbHNU421prMn3VVLyUqD_BXwVT8iXAMKnosnZDlC272hyAFKzN4xGrEj1I3ZtDJVYPJPHEBT0Sq0JpjxHpdD44kpaii8BhHgvMDOWXAB8WwYqkzNYe5Y41jLH9vPDK9kk2OEtol-dDepT-Fwbw8p2Noa9Dxt8R-MY3tpW1u31IGUCVa9DrZ-PeXx2I7642F1FsOkXFn5LwtatAWVBuIMY5CVOwKzjR579gCyIQqJDiJD9EHEeo3wge0yUcWWUMU0awfyoGtAxdAGRM4YW3mGblDRdjcRAUh5-0ISVS81EIDOrOxZPJOxfJQBZmnRcFKVXflMBPfYpSj-2dR0AHr7Sh-vww0MSyXbUJlDSRb6ODyJ8ArWRD2USQHaGKp7hrtfsDM2W3vFIZ3mXzhlEloS6Z0SXL0LKzWfmj_zeR9xmvW3Ls1ZFICTQ2qlumbsJCkHHIrjOq05ZKzEwWOnzz-sbAOBVrqELF7AZDPKf2N-viKHlhRznUrK6S3j3hsVHy58RiaWZ9Ee1zIBY2zv-0A7SBM-32psmYjoLXNOwZ6DqXpcD9eNpUoM4kKH42QkuNNEWc5CubT3NwX8GJ6rpUakbtYvN4Bodbe7rBeIr6fGHNyZfJtp8sR57uyeAzVWM3x45WiaZusZcozH2JQ6H_11lwQgI-4Gdcr8MBC73SMhjUEY5t138ujcfu0AsApJBEU1WzjAXi1AbuvjmjG1psFvsDzXCVLWVW2pRSvDQCaZkxZWY07K_nWbd5il72lq3Jo7cC6R6iILxG9TriYVqdMdKABZUMcRK-d3FOMuLjvR9ekdl6t1q90qVKGDub1gnnk7OZ8_BZUF8D5IMmF6QkIWLctwsm_Q-8j9xaftFcNwk0oISAbVym-Lk5NgrqEJzOH3Ej94v9EwAU0&cid=CAASJ-Ros5PpWD-iEeEkoyjiJlV2G1lXy3qjuUbUBdcPwDc3Sa2pHC8cVg&rfl=2%2Chttps%253A%252F%252Fzhovta.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:33:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Jun 2022 12:33:33 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame A60E 27 KB
10 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:35:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10525
x-xss-protection: 0
server: cafe
etag: 5993959114622819781
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Jun 2022 12:35:08 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3EE9 143 B
163 B 135ms
46ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 30 May 2022 12:25:18 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 5733 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus_fy2019.js

Requested by

Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:29:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Jun 2022 12:29:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5733 136 KB
42 KB 137ms
136ms Script
text/javascript 2a00:1450:4014:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:36:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42680
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653478767633683"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 30 May 2022 12:36:38 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v11/ Frame 9BA3 37 KB
37 KB 153ms
48ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v11/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:800,700,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 24 May 2022 17:07:32 GMT
x-content-type-options: nosniff
age: 502146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37716
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:29:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 17:07:32 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v11/ Frame CA75 37 KB
37 KB 194ms
96ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v11/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:800,700,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 24 May 2022 17:07:32 GMT
x-content-type-options: nosniff
age: 502146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37716
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:29:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 17:07:32 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v11/ Frame 8BAE 37 KB
37 KB 221ms
126ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v11/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:800,700,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 24 May 2022 17:07:32 GMT
x-content-type-options: nosniff
age: 502146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37716
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:29:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 17:07:32 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 8F8E 17 KB
7 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd6bae3cabfa6f6e2381af0d19e0a2c17d00a727e414564df6898d6dc0355cad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:30:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 8365041023519634061
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Jun 2022 12:30:33 GMT

GET
DATA 200
OK truncated
/ Frame B41B 26 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6519ce17427524115e58b3bf121a724b092637c77189bfc098c4af89f61fb99

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9BA3 26 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6519ce17427524115e58b3bf121a724b092637c77189bfc098c4af89f61fb99

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A60E 41 KB
15 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 04:50:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27995
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 04:50:03 GMT

GET
DATA 200
OK truncated
/ Frame CA75 26 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6519ce17427524115e58b3bf121a724b092637c77189bfc098c4af89f61fb99

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8BAE 26 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6519ce17427524115e58b3bf121a724b092637c77189bfc098c4af89f61fb99

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v11/ Frame B41B 37 KB
37 KB 112ms
111ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v11/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:500,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 24 May 2022 17:07:32 GMT
x-content-type-options: nosniff
age: 502146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37716
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:29:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 17:07:32 GMT

GET
DATA 200
OK truncated
/ Frame A60E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5c5604f30806cdad4c5d4e4e331831b952d682280758827b7db96396bd102cf

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame A79D 17 KB
7 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd6bae3cabfa6f6e2381af0d19e0a2c17d00a727e414564df6898d6dc0355cad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:30:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 8365041023519634061
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Jun 2022 12:30:33 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 652D 17 KB
7 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd6bae3cabfa6f6e2381af0d19e0a2c17d00a727e414564df6898d6dc0355cad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:30:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 8365041023519634061
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Jun 2022 12:30:33 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8F8E 0
0 48ms
48ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSrFuoNbCOwRO_L7e6yIlFOx2BbhzK1JGHhJmAkdOJg8qhvfw8RiP--sPPT_Ijj1ZFIAMQ8BfiHexHRn4sxXKVy5x913Q
Requested by: Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/ Frame 603A 3 KB
1 KB 134ms
48ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/index.html?e=69&leftOffset=0&topOffset=0&c=q9YcsKmBDc&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4974a255113c5956045ee5315e8a76856c7952fc4a3cafdc595a7a3606c8256

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 1195
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 30 May 2022 12:36:38 GMT
expires: Tue, 31 May 2022 12:36:38 GMT
last-modified: Wed, 18 May 2022 10:27:58 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A60E 0
622 B 186ms
85ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv8kO5w9-i4ZNeLzK31O96kxGSPSjvcytgXDrBrSSdWBqg7yVwndHoHW6a1Vkcp9TEq3eerzk6qOAtFzwc8caUNpnJZcky6lwC3gfEtPdyq90QLx_3364jEs65CVWx7_BwRHjhGx7ssHqhPL4W20miKiNcAbo4nbkK4BsnmriUTdZh1WZLDtG8oo6xXGxAq0AgOFqq73x3KicJvfE2ctlYVPP0aYm6KuPxNH-d64C1kHgMZy9_Txs1AuXWgyw7pJWaECZsI9HtNNT_gNqpfygX1NPOO7EG8F0GvK70wvx4hMPhVqAyRvo4w_6BUz28bEVhJE_V4w3NbkTzQLxpn03zGNfrIj_9xLZdzTtpGcuSFhz6Qo5ghYKmkYetQO-t-WtdARk7QD894wDZnEaA-edcCWuWJ1rWXSgwzD0Ctvq_B0jJ7X6RkveucOYTcKGzXxfHlHWoVtx4p-wVuNa9wm3XryC6P2ptOVvzQUMje4IlRTBknNR5N0XImyQ8mpcN4r_hhDMFYRmKgLOlmHWh_PfI_C5DLK9dBtBa-QLtZJsPHxuWQzpzd5fFYTPJcA6QWO0ubDJpibCtFNKUqOUVDyORD4foOLRxVVhVpB0t3NQhJw7h0H9Ksul2itaaefbcCg7zDWFRMs51v9qCFWKqXrAnCgbZYx61_gv1-oonmZFSzLOv_36d-FbcJlzJi01FcypYSalGNG-Z-zFiy4l8mhN5Sgj-7CczPDpXkcUBfMlCGoNfFulsGUcnph8NB2y8B3r7KwlCjpgXdEVo8E0rrabewtDlREszdWx67ZkvV-H_Uj0VQyxgLSKmqtfqq-FZD0mdxI8tIe2S_EjItFdfk2rHnWLY1GXPCH4rrPFlKMgc6ogDbDmFtAxYAjD2fdKNozhqKn6tJnkUV18aEjzsYVmmkw18ow4wPRv2LIMCl4QVB8OqXZVyWf8IMvwHp1dBjg0pza8zN_xm2mklw4g0Uvu4LA1UN4eiOEvp2fO0msFwMryNR-zkPfxKcRsByoyM8WihSTyEkeTmfSfvQxpNXaF2hcgebdSAUy62EgXahefkYZ2HEkPU3fWcR-KjpCwcKmmecfygka7t8wEAeZPIWKBfJm4JlW94eVmOniBNRRA&sai=AMfl-YSEBN74tusqdme4Z3Xj-y5wr0h1CWj1xOFMHqehqH3gWclJ0eMuIPIXCH5ZO-8KKt77mggyUVe1yL6CWmIfU3FM7KiApet_fKiYoXL2p5FDQwVh9SoxsOqs-ADom51CuKH1O17QmkqXPYtEsaH-SsaF3_AgiZCxu8IVS3-u6lCRqpIOjKXVE4AU1zM2cjYqjDGsYDWmp9UGJbNZrDey3esR46MEFz8&sig=Cg0ArKJSzK2edC8xKx21EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=462&cbvp=1&cstd=455&cisv=r20220525.22764&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 30 May 2022 12:36:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 5733 17 KB
7 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd6bae3cabfa6f6e2381af0d19e0a2c17d00a727e414564df6898d6dc0355cad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:30:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 8365041023519634061
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Jun 2022 12:30:33 GMT

GET
DATA 200
OK truncated
/ Frame 8F8E 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77e86e87d1f306fccfe243fb16df07cc1dcf99af59fb8392ed9389eebfbae914

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame A60E
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1056993/63470329/4.js?adContainerId=brand_safety_VrqUYob7DoWf-ganwIuwCQ&cbFunctionName=goog_wrapCb_VrqUYob7DoWf-ganwIuwCQ&true_pb=&adsafe_pb=https%3A%2F%2Fstat...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_VrqUYob7DoWf-ganwIuwCQ&cbFunctionName=goog_wrapCb_VrqUYob7DoWf-ganwIuwCQ&true_pb=

1 KB
1 KB

118ms
50ms

Script
application/javascript

2600:9000:2156:ac00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_VrqUYob7DoWf-ganwIuwCQ&cbFunctionName=goog_wrapCb_VrqUYob7DoWf-ganwIuwCQ&true_pb=
Requested by: Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:2156:ac00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 28 May 2022 22:08:41 GMT
content-encoding: gzip
age: 138478
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 05 May 2022 17:31:30 GMT
server: AmazonS3
etag: W/"96e16e7453ae2e6952bc6d2a20ea29f7"
vary: Accept-Encoding
x-amz-version-id: p602AexzDSbi25TlmSvEq0EreSwEMY5b
via: 1.1 bab8148a65b29113f79cf2725076287c.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: WIZFoPrZw60txtqrzDfbp4OOIdz0wozRauLDtIq92f-K7aQCd8R-Bw==

Redirect headers

pragma: no-cache
date: Mon, 30 May 2022 12:36:38 GMT
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_VrqUYob7DoWf-ganwIuwCQ&cbFunctionName=goog_wrapCb_VrqUYob7DoWf-ganwIuwCQ&true_pb=
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame FD1D 80 KB
21 KB 157ms
46ms Script
application/javascript 2600:9000:2156:ac00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ac00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:34:34 GMT
content-encoding: gzip
age: 1224126
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 bab8148a65b29113f79cf2725076287c.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: b9Wla8PRwuljiUtRUu-eo-8YGvkUU-KJiA-jmee4P_K_onjkVv38fQ==

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D498 22 KB
8 KB 42ms
42ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 13918
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 30 May 2022 08:44:40 GMT
expires: Tue, 30 May 2023 08:44:40 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A60E 43 B
215 B 356ms
104ms Image
image/gif 2600:1f18:1aca:4280:c87d:9204:da04:656d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1056993&asId=91c6d5ce-419f-5a1e-79f9-08b2e30d3720&tv=%7Bc:e6iNLW,pingTime:-3,time:62,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:63,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B57~0%5D,as:%5B57~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t7jVqx4+11%7C12%7C131*.1056993-63470329%7C1311%7C1312%7C141%7C142%7C151%7C152%7C161%7C162%7C171%7C172,idMap:131*,rmeas:1,rend:0,renddet:DIV%7D&br=c
Requested by: Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:c87d:9204:da04:656d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 12:36:39 GMT
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A60E 43 B
215 B 354ms
105ms Image
image/gif 2600:1f18:1aca:4280:c87d:9204:da04:656d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1056993&asId=91c6d5ce-419f-5a1e-79f9-08b2e30d3720&tv=%7Bc:e6iNLY,pingTime:-6,time:64,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:64,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B58~0%5D,as:%5B58~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t7jVqx4+11%7C12%7C131*.1056993-63470329%7C1311%7C1312%7C141%7C142%7C151%7C152%7C161%7C162%7C171%7C172,idMap:131*,rmeas:1,rend:0,renddet:DIV%7D&tpiLookup=ao:zhovta.ua*%2C78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com*&br=c
Requested by: Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:c87d:9204:da04:656d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 12:36:39 GMT
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 l
www.google.com/ads/measurement/ Frame A79D 0
0 47ms
47ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRn9X3n_7MkgEXcV0Ou52_Wjp66ZughjmeEwH0LgkhR1lpnTPK19FPpfhevQIA94Sn33_W9avspt_yj2rYh3ZiEMX5T1A
Requested by: Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame A79D 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76234507a9b0dd12881d3d2c02a5e924853f2af8821fde17ada73197a1d45569

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3EE9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

114ms
114ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 30 May 2022 12:36:39 GMT
expires: Mon, 30 May 2022 12:36:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 30 May 2022 12:36:38 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A60E 43 B
216 B 342ms
104ms Image
image/gif 2600:1f18:1aca:4280:c87d:9204:da04:656d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1056993&asId=91c6d5ce-419f-5a1e-79f9-08b2e30d3720&tv=%7Bc:e6iNMb,pingTime:-2,time:77,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:235,mdZ:504,beA:711,beZ:713,mfA:714,cmA:716,inA:716,inZ:720,prA:720,prZ:726,si:732,poA:733,poZ:757,cmZ:757,mfZ:757,loA:775,loZ:778,ltA:788,ltZ:788%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:77,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B71~0%5D,as:%5B71~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t7jVqx4+11%7C12%7C131*.1056993-63470329%7C1311%7C1312%7C141%7C142%7C151%7C152%7C161%7C162%7C171%7C172,idMap:131*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:DIV,sinceFw:54,readyFired:true%7D&br=c
Requested by: Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:c87d:9204:da04:656d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 12:36:39 GMT
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 l
www.google.com/ads/measurement/ Frame 652D 0
0 48ms
48ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSPcJoVVfy6ZBM6E9LNyhs7Or_WNomgBQxJdAPSDIKMFSGZTg88_Xwge44t8s2oUSvHTg2IrgEeV9_tFo_MdME7dcOM5g
Requested by: Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 652D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13f538360f148fdee8f68f71fb96b56da9348d2d2ae35ffdd23294185933b87f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 2wSGrAFU2I9l4rVgSoL7oTdOOQiRBWDpfuX3kVoAHAw.js Show response
pagead2.googlesyndication.com/bg/ Frame B41B 35 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2wSGrAFU2I9l4rVgSoL7oTdOOQiRBWDpfuX3kVoAHAw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0486ac0154d88f65e2b5604a82fba1374e3908910560e97ee5f7915a001c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 09:38:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10680
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13827
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 May 2023 09:38:38 GMT

GET
DATA 200
OK truncated
/ Frame 5733 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11d35cb13a612ebb367862a67e3c1c6c699200de481da3d0a104d407b0941126

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js Show response
pagead2.googlesyndication.com/bg/ Frame D498 36 KB
14 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 18:32:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13841
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 29 May 2023 18:32:04 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 603A 118 KB
40 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/index.html?e=69&leftOffset=0&topOffset=0&c=q9YcsKmBDc&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/index.html?e=69&leftOffset=0&topOffset=0&c=q9YcsKmBDc&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 15:45:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75081
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 15:45:17 GMT

GET
H3 200 loader.gif
s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/ Frame 603A 19 KB
19 KB 70ms
70ms Image
image/gif 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/loader.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/index.html?e=69&leftOffset=0&topOffset=0&c=q9YcsKmBDc&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2ef24e4966f849ae680edfee556272cfa21f7f02f14697814a1a818a9f63ddd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/index.html?e=69&leftOffset=0&topOffset=0&c=q9YcsKmBDc&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:06:50 GMT
x-content-type-options: nosniff
age: 1788
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19588
x-xss-protection: 0
last-modified: Wed, 18 May 2022 10:27:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 31 May 2022 12:06:50 GMT

GET
H3 200 tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 603A 112 KB
38 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/index.html?e=69&leftOffset=0&topOffset=0&c=q9YcsKmBDc&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/index.html?e=69&leftOffset=0&topOffset=0&c=q9YcsKmBDc&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38407
x-xss-protection: 0
last-modified: Wed, 04 Oct 2017 18:33:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 12:36:39 GMT

GET
H3 200 timelinelite_1.19.1_e83510db25edfef4cf190ed4e5348d58_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 603A 12 KB
4 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/timelinelite_1.19.1_e83510db25edfef4cf190ed4e5348d58_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/index.html?e=69&leftOffset=0&topOffset=0&c=q9YcsKmBDc&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9db45c7b730f0490aec270afd438e929bdc824fb5e21ce44982453cc03a542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/index.html?e=69&leftOffset=0&topOffset=0&c=q9YcsKmBDc&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4239
x-xss-protection: 0
last-modified: Tue, 20 Jun 2017 21:14:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 12:36:39 GMT

GET
H3 200 tweenlite_1.19.1_9fecaf2f68ee2520ddaa79e268d743a6_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 603A 27 KB
10 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenlite_1.19.1_9fecaf2f68ee2520ddaa79e268d743a6_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/index.html?e=69&leftOffset=0&topOffset=0&c=q9YcsKmBDc&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63b5f5e75af64e4f7f37759cc56d6a427fe98443c9f6663cb8ec6a688e00596e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/index.html?e=69&leftOffset=0&topOffset=0&c=q9YcsKmBDc&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9861
x-xss-protection: 0
last-modified: Tue, 20 Jun 2017 21:14:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 12:36:39 GMT

GET
H3 200 cssplugin_1.19.1_3e055071719ea45b6807509f844b72d9_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 603A 41 KB
16 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/cssplugin_1.19.1_3e055071719ea45b6807509f844b72d9_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/index.html?e=69&leftOffset=0&topOffset=0&c=q9YcsKmBDc&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88d3ca80b7507885eececa9eb48c0d5c22c3d59487036dd4d9917cd65215335a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/index.html?e=69&leftOffset=0&topOffset=0&c=q9YcsKmBDc&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16483
x-xss-protection: 0
last-modified: Tue, 20 Jun 2017 21:15:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 12:36:39 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 603A 7 KB
5 KB 136ms
52ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee88d516d0de1b8a466b5cf12e7ffac617ea22a4895ca083ec256500b0d5db0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 May 2022 12:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5577
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A60E 0
26 B 162ms
78ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv8kO5w9-i4ZNeLzK31O96kxGSPSjvcytgXDrBrSSdWBqg7yVwndHoHW6a1Vkcp9TEq3eerzk6qOAtFzwc8caUNpnJZcky6lwC3gfEtPdyq90QLx_3364jEs65CVWx7_BwRHjhGx7ssHqhPL4W20miKiNcAbo4nbkK4BsnmriUTdZh1WZLDtG8oo6xXGxAq0AgOFqq73x3KicJvfE2ctlYVPP0aYm6KuPxNH-d64C1kHgMZy9_Txs1AuXWgyw7pJWaECZsI9HtNNT_gNqpfygX1NPOO7EG8F0GvK70wvx4hMPhVqAyRvo4w_6BUz28bEVhJE_V4w3NbkTzQLxpn03zGNfrIj_9xLZdzTtpGcuSFhz6Qo5ghYKmkYetQO-t-WtdARk7QD894wDZnEaA-edcCWuWJ1rWXSgwzD0Ctvq_B0jJ7X6RkveucOYTcKGzXxfHlHWoVtx4p-wVuNa9wm3XryC6P2ptOVvzQUMje4IlRTBknNR5N0XImyQ8mpcN4r_hhDMFYRmKgLOlmHWh_PfI_C5DLK9dBtBa-QLtZJsPHxuWQzpzd5fFYTPJcA6QWO0ubDJpibCtFNKUqOUVDyORD4foOLRxVVhVpB0t3NQhJw7h0H9Ksul2itaaefbcCg7zDWFRMs51v9qCFWKqXrAnCgbZYx61_gv1-oonmZFSzLOv_36d-FbcJlzJi01FcypYSalGNG-Z-zFiy4l8mhN5Sgj-7CczPDpXkcUBfMlCGoNfFulsGUcnph8NB2y8B3r7KwlCjpgXdEVo8E0rrabewtDlREszdWx67ZkvV-H_Uj0VQyxgLSKmqtfqq-FZD0mdxI8tIe2S_EjItFdfk2rHnWLY1GXPCH4rrPFlKMgc6ogDbDmFtAxYAjD2fdKNozhqKn6tJnkUV18aEjzsYVmmkw18ow4wPRv2LIMCl4QVB8OqXZVyWf8IMvwHp1dBjg0pza8zN_xm2mklw4g0Uvu4LA1UN4eiOEvp2fO0msFwMryNR-zkPfxKcRsByoyM8WihSTyEkeTmfSfvQxpNXaF2hcgebdSAUy62EgXahefkYZ2HEkPU3fWcR-KjpCwcKmmecfygka7t8wEAeZPIWKBfJm4JlW94eVmOniBNRRA&sai=AMfl-YSEBN74tusqdme4Z3Xj-y5wr0h1CWj1xOFMHqehqH3gWclJ0eMuIPIXCH5ZO-8KKt77mggyUVe1yL6CWmIfU3FM7KiApet_fKiYoXL2p5FDQwVh9SoxsOqs-ADom51CuKH1O17QmkqXPYtEsaH-SsaF3_AgiZCxu8IVS3-u6lCRqpIOjKXVE4AU1zM2cjYqjDGsYDWmp9UGJbNZrDey3esR46MEFz8&sig=Cg0ArKJSzK2edC8xKx21EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=802&vt=11&dtpt=340&dett=3&cstd=455&cisv=r20220525.22764&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 May 2022 12:36:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A60E 43 B
215 B 104ms
104ms Image
image/gif 2600:1f18:1aca:4280:c87d:9204:da04:656d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1056993&asId=91c6d5ce-419f-5a1e-79f9-08b2e30d3720&tv=%7Bc:e6iNQq,time:340,type:e,im:%7Bimprf:%7Bttecl:719,ecd:185,tsecr:36%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:340,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B334~0%5D,as:%5B334~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t7jVqx4+11%7C12%7C131*.1056993-63470329%7C1311%7C1312%7C141%7C142%7C151%7C152%7C161%7C162%7C171%7C172,idMap:131*,rmeas:1,rend:0,renddet:DIV%7D&br=c
Requested by: Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:c87d:9204:da04:656d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 12:36:39 GMT
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D498 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BS1hOVrqUYob7DoWf-ganwIuwCQAAAAA4AeAEAg&bg=!NTalNnLNAAao8wy8iPM7ACkAdvg8WqWjoVRdJ5NbVMk947aknHTBDD4Up5XjwWfHrZv5Y9nSFn2SpgIAAACDUgAAAAJoAQcKAFH3AJGwbXUHGAMfXnYiU25dFy9DtVFOcgx1y6ef_ElxDQuHXi58TyR2KCBU961GROfyh-0WnAVGJRc2FwTIDpzf5d7cg7aTSXFwUNMOgmaAHl2ZAyhTDWmG1dKuJ63Wg1cWJccDMjbtYLNzVJSGCwqw1NROM6wc1wVJuAeUQGnqaqHPhEQvbL9i1wtCLaHhwPbQFYvSssPJqvFj4DU9NmxpT2d-5QV9oBQTLfsGsi71GxIIS1Dv5DC9vjEqAVwzTMcbdSTDISH4IYZziChecTANIPRROXXYzYHXgut5Xv7G1HQ8Rw6Ksddj_qF7L7vFotwRlWxQcC-NWQUZNp2-yCbC_ZqS-NG9h_yZnOmltIGW53wBUXrG5WgihSAxeAoeEXEK-dMF8JD7WNlGbInRIFB7RshgdBdBHPthzHj04IgXk8ayuf54dvSzf9jp6uTb5hWlfp_PTkYFPKnosHlRLf2KrgsyolKAYkOGZcCW39Z21riAa3Fxp3qmjqbDwb7tl9s3mM8Bfh4UOCBJMK4PwQk-LsdoPxK5D88XqQdg9LAMOw54xQTzxGScJ0GdgV1eXMKlyzuq4gWvA5fq4BJCLw7PEYDtssXC_xBba0A-wy3GSe7N34aK-V_jB4FCWm1PvXQIk2mZESeRF6KeHI3lDyKeup7dxtxwdjP8bsSM6YgYgvW-QZrofC-Q6gs40W2VyZZIjCJ8YufjTUxx1aeJzIWNmNFOi2rdoLNb6yret1rWxhCCbpPvTCx4yYk3uR5M3zbhA03WoTaJF--rb53uEQWqIVwmYZ621fYZv7Ts6WjAL1MY-ifws5i715BlGjNz3ak4QdHRe_YSlpmkaxx5nvLlwd9uVbL1eKEGh45vLNx62Awh9SybZ6sEiIkKSmdqZEaijVB2IoC_YlPzpzrUaWXeTD3vCSPyA5a_xiWcVHWvVF0EHfXl5IkVEjhAy7V44qKR3mxgw5-Kz7yLYS-apCJdFNohtxTFSQvm5l7h_MEPpc0T3SZefWUFxLw-Kcdj68ucTBbNF7N0x1FB4dVscWH1-9O3S_kgBIfJubLinihUAefDO3cBOwOZQW3kXCcrVu_X0KtGat7P4UXheyl6vlQJuABt9PUPtz3M06sq7mtB-4PAFpCmtIhKO8HgEcLiHGj4ozIqGCeizFZHudcr4xiqW3y9Mnbg4lANpIQn

Requested by

Host: 78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
URL: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 12:36:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logic.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/ Frame 603A 10 KB
2 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/logic.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/index.html?e=69&leftOffset=0&topOffset=0&c=q9YcsKmBDc&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29de92f070bdebcd75cdf67750c45dac4b7b85c1cfdcc6c62b14346ea9a88637

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/index.html?e=69&leftOffset=0&topOffset=0&c=q9YcsKmBDc&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:30:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 349
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1792
x-xss-protection: 0
last-modified: Wed, 18 May 2022 10:27:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 31 May 2022 12:30:50 GMT

GET
H3 200 style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/ Frame 603A 2 KB
599 B 42ms
41ms Stylesheet
text/css 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/index.html?e=69&leftOffset=0&topOffset=0&c=q9YcsKmBDc&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7ce2b61ccd5d075a6aa5bd55932d362a91ccd4b4910e0600e974cbe507ca1b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/index.html?e=69&leftOffset=0&topOffset=0&c=q9YcsKmBDc&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:30:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 349
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 571
x-xss-protection: 0
last-modified: Wed, 18 May 2022 10:27:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 31 May 2022 12:30:50 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 603A 17 KB
6 KB 309ms
309ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 30 May 2022 12:36:39 GMT

GET
H3 200 23445842_20220519021719708_CPW_by_Currys-logo-728x90.png
s0.2mdn.net/ads/richmedia/studio/23445842/ Frame 603A 11 KB
11 KB 43ms
43ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23445842/23445842_20220519021719708_CPW_by_Currys-logo-728x90.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d83086daea429127a0620c35d944194cbd3c702d8bc5159c7906e7fa95e8410

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/index.html?e=69&leftOffset=0&topOffset=0&c=q9YcsKmBDc&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:30:51 GMT
x-content-type-options: nosniff
age: 348
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11484
x-xss-protection: 0
last-modified: Thu, 19 May 2022 09:17:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 31 May 2022 12:30:51 GMT

GET
H3 200 23445842_20190711084754456_blank_pixel.png
s0.2mdn.net/ads/richmedia/studio/23445842/ Frame 603A 68 B
94 B 56ms
55ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23445842/23445842_20190711084754456_blank_pixel.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/index.html?e=69&leftOffset=0&topOffset=0&c=q9YcsKmBDc&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 13:16:34 GMT
x-content-type-options: nosniff
age: 84005
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Thu, 11 Jul 2019 15:47:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 May 2022 13:16:34 GMT

GET
H3 200 23445842_20220519021735220_CTA-CPW-ShopNow-728x90.png
s0.2mdn.net/ads/richmedia/studio/23445842/ Frame 603A 4 KB
4 KB 55ms
54ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23445842/23445842_20220519021735220_CTA-CPW-ShopNow-728x90.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cc85feafd5215ad7ae05430acd3b2e48973d4d6d62f13c06c2cf733ab0a9033

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/index.html?e=69&leftOffset=0&topOffset=0&c=q9YcsKmBDc&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:30:51 GMT
x-content-type-options: nosniff
age: 348
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4299
x-xss-protection: 0
last-modified: Thu, 19 May 2022 09:17:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 31 May 2022 12:30:51 GMT

GET
H3 200 23445842_20220519021752147_Product-GalaxyA53-CPW-728x90.png
s0.2mdn.net/ads/richmedia/studio/23445842/ Frame 603A 39 KB
39 KB 44ms
44ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23445842/23445842_20220519021752147_Product-GalaxyA53-CPW-728x90.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1139e6771278476d52401426a4f99ab19adad61e1b8b84501e975d0df01289b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/index.html?e=69&leftOffset=0&topOffset=0&c=q9YcsKmBDc&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:36:04 GMT
x-content-type-options: nosniff
age: 35
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40385
x-xss-protection: 0
last-modified: Thu, 19 May 2022 09:17:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 31 May 2022 12:36:04 GMT

GET
H3 200 23445842_20220520032050225_Background-CPW-728x90.jpg
s0.2mdn.net/ads/richmedia/studio/23445842/ Frame 603A 9 KB
9 KB 55ms
55ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23445842/23445842_20220520032050225_Background-CPW-728x90.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e31fab76077e73e9501c646662dddb917f6943856d04af4873eabb6ccb30714f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/index.html?e=69&leftOffset=0&topOffset=0&c=q9YcsKmBDc&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:30:51 GMT
x-content-type-options: nosniff
age: 348
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8981
x-xss-protection: 0
last-modified: Fri, 20 May 2022 10:20:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 31 May 2022 12:30:51 GMT

GET
H3 200 TradeGothicLTStd-BdCn20.woff2
s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/fonts/ Frame 603A 12 KB
12 KB 43ms
43ms Font
font/woff2 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/fonts/TradeGothicLTStd-BdCn20.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b088ba66a204efdde8bd03eb975f293158a414d0ae0e15ad3523c441dff39ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/style.css
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:30:44 GMT
x-content-type-options: nosniff
age: 355
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12188
x-xss-protection: 0
last-modified: Wed, 18 May 2022 10:27:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 31 May 2022 12:30:44 GMT

GET
H3 200 TradeGothicLTStd-Cn18.woff2
s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/fonts/ Frame 603A 12 KB
12 KB 46ms
46ms Font
font/woff2 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/fonts/TradeGothicLTStd-Cn18.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41397b74af89d0ff5319009524366a340ab81a48fc8105f125bee1d022d3ea1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61629806/20220518032758538/style.css
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:30:44 GMT
x-content-type-options: nosniff
age: 355
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12608
x-xss-protection: 0
last-modified: Wed, 18 May 2022 10:27:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 31 May 2022 12:30:44 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A60E 43 B
215 B 104ms
103ms Image
image/gif 2600:1f18:1aca:4280:c87d:9204:da04:656d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1056993&asId=91c6d5ce-419f-5a1e-79f9-08b2e30d3720&tv=%7Bc:e6iNTS,pingTime:-10,time:554,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1653914199388%7C%7C204a67ac46137e39e777112c18e57ef4%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C644ccb407e2811a3910577efeaa22ece%7C%7C1f29b57f2b56322601dd089192f0d13b%7C%7C7ffd4a9c6bab30c9f62e6e72baf9bdf5%7C%7Cc68a3ec25a5cf3ae87560784aca3a018%7C%7C43da88e8c52c20b19a36b547b9c860a5%7C%7C1629390669%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:c87d:9204:da04:656d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 12:36:39 GMT
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6DFE 36 KB
14 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 18:32:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65075
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13841
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 29 May 2023 18:32:04 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A60E 42 B
64 B 75ms
75ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-vmLNmhMtjSqcNMAPDsuP6R0LGAqKJt5CuxI5mB-1PUFWr1NrzecynsUWidz1xm65o8UQ7aqtTasVdzxGecn0O0pV6Vt-PG7-Lhj-VpkhJFeOXeD4X_FQaNYM&sai=AMfl-YQH_unj4x60wom_tjPRVXqz2OPuTqG6uXdkHmAvnc7BLR5xPWQCpzM22N080z-MWa_UFfqs6EJ330A9raytsXo3tJoHdoQTs8KI6H_6dgHkKL2Y5-E71uSJb-c0QW0&sig=Cg0ArKJSzB7cBG78mCY-EAE&cid=CAASJ-Ros5PpWD-iEeEkoyjiJlV2G1lXy3qjuUbUBdcPwDc3Sa2pHC8cVg&id=lidar2&mcvt=1024&p=20,315,110,1043&mtos=1024,1024,1024,1024,1024&tos=1024,0,0,0,0&v=20220525&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4124708693&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653914198123&rpt=518&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 12:36:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A60E 43 B
215 B 103ms
103ms Image
image/gif 2600:1f18:1aca:4280:c87d:9204:da04:656d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1056993&asId=91c6d5ce-419f-5a1e-79f9-08b2e30d3720&tv=%7Bc:e6iO4x,time:1215,type:e,im:%7Bpci:%7Btdr:1033%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:110,o:1105,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1100~0,0~100%5D,as:%5B1100~728.90%5D%7D%7D,%7Bsl:i,t:1105,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B109~100%5D,as:%5B109~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:132,fm:t7jVqx4+11%7C12%7C131*.1056993-63470329%7C1311%7C1312%7C141%7C142%7C151%7C152%7C161%7C162%7C171%7C172,idMap:131*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:c87d:9204:da04:656d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 12:36:40 GMT
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A60E 43 B
215 B 107ms
106ms Image
image/gif 2600:1f18:1aca:4280:c87d:9204:da04:656d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1056993&asId=91c6d5ce-419f-5a1e-79f9-08b2e30d3720&tv=%7Bc:e6iOiU,pingTime:1,time:2106,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:19%7D,%7Bpiv:100,vs:i,r:,t:1105%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1105,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1100~0,0~100%5D,as:%5B1100~728.90%5D%7D%7D,%7Bsl:i,t:1105,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:106,fm:t7jVqx4+11%7C12%7C131*.1056993-63470329%7C1311%7C1312%7C141%7C142%7C151%7C152%7C161%7C162%7C171%7C172,idMap:131*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:c87d:9204:da04:656d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 12:36:40 GMT
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A60E 43 B
215 B 106ms
106ms Image
image/gif 2600:1f18:1aca:4280:c87d:9204:da04:656d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1056993&asId=91c6d5ce-419f-5a1e-79f9-08b2e30d3720&tv=%7Bc:e6iOiV,pingTime:1,time:2107,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:19%7D,%7Bpiv:100,vs:i,r:,t:1105%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1105,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1100~0,0~100%5D,as:%5B1100~728.90%5D%7D%7D,%7Bsl:i,t:1105,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:106,fm:t7jVqx4+11%7C12%7C131*.1056993-63470329%7C1311%7C1312%7C141%7C142%7C151%7C152%7C161%7C162%7C171%7C172,idMap:131*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:c87d:9204:da04:656d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 12:36:40 GMT
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A60E 43 B
215 B 105ms
105ms Image
image/gif 2600:1f18:1aca:4280:c87d:9204:da04:656d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1056993&asId=91c6d5ce-419f-5a1e-79f9-08b2e30d3720&tv=%7Bc:e6iOiV,pingTime:1,time:2107,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:19%7D,%7Bpiv:100,vs:i,r:,t:1105%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1105,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1100~0,0~100%5D,as:%5B1100~728.90%5D%7D%7D,%7Bsl:i,t:1105,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:106,fm:t7jVqx4+11%7C12%7C131*.1056993-63470329%7C1311%7C1312%7C141%7C142%7C151%7C152%7C161%7C162%7C171%7C172,idMap:131*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,metricId:publ1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:c87d:9204:da04:656d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 12:36:40 GMT
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/49/2/intl/en_gb/ 82 KB
30 KB 128ms
41ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/49/2/intl/en_gb/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAi-_pHLKSBnx_3mVWBzWwFaNMlnVeSn8I

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c69ec2d996e861c28811914e31f695dd2507dee77702fec5f90650e92a12da1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 18:40:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 410195
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30596
x-xss-protection: 0
last-modified: Tue, 24 May 2022 22:15:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 May 2023 18:40:06 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/49/2/intl/en_gb/ 309 KB
92 KB 131ms
44ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/49/2/intl/en_gb/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAi-_pHLKSBnx_3mVWBzWwFaNMlnVeSn8I

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab492b0110cdf621c5e2bbad5e2c3eabbf38cdb42dc6705f31e01faa846ca092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 18:40:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 410195
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93908
x-xss-protection: 0
last-modified: Tue, 24 May 2022 22:15:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 May 2023 18:40:06 GMT

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.zhovta.ua/	1970-01-20 03:26:40	Name: zhovta_ua Value: eyJpdiI6IlBLVkVOV0VwaFpcL213Vko5QjRXSUlBPT0iLCJ2YWx1ZSI6IkVrUUY4bFFBNkNWZ0tRUHVubjZUa2YxWlMzaENpZEFxWEhBQlpZK050Vm8rMlBoYXpZV01EdTdHbWJCQ1RtY0YyZDJkQ0pJZnNObHlYVWRXTXNCZEhRPT0iLCJtYWMiOiIwMWU4ZDgyY2Q3ZGYzNzA2Njc5N2JiZmY2ZjVmMDIzMGQwM2E1MGUzYTg1ZmI1N2UxZGUxOTQ5MWIyYzhmNWQ0In0%3D
.zhovta.ua/	1970-01-20 20:56:26	Name: _ga Value: GA1.2.127931756.1653914196
.zhovta.ua/	1970-01-20 03:26:40	Name: _gid Value: GA1.2.483828178.1653914196
.zhovta.ua/	1970-01-20 03:25:14	Name: _gat Value: 1
.zhovta.ua/	1970-01-20 20:56:26	Name: __utma Value: 178520687.127931756.1653914196.1653914196.1653914196.1
.zhovta.ua/	1969-12-31 23:59:59	Name: __utmc Value: 178520687
.zhovta.ua/	1970-01-20 07:48:02	Name: __utmz Value: 178520687.1653914196.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.zhovta.ua/	1970-01-20 03:25:14	Name: __utmt Value: 1
.zhovta.ua/	1970-01-20 03:25:15	Name: __utmb Value: 178520687.1.10.1653914196
.zhovta.ua/	1970-01-20 05:34:50	Name: _fbp Value: fb.1.1653914196462.102369989
.facebook.com/	1970-01-20 05:34:50	Name: fr Value: 0TE4pohuZ4XcCMMOm..BilLpU...1.0.BilLpU.
.zhovta.ua/	1970-01-20 12:10:50	Name: _ym_uid Value: 16539141975611511
.zhovta.ua/	1970-01-20 12:10:50	Name: _ym_d Value: 1653914197
.yandex.ru/	1970-01-20 12:10:50	Name: yandexuid Value: 6651353901653914196
.yandex.ru/	1970-01-20 12:10:50	Name: yuidss Value: 6651353901653914196
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 2406702881653914196
.yandex.ru/	1970-01-23 19:01:14	Name: i Value: zs84hMsroGVZTMEH49np9qOycXb3Zl99p03wBmAKAdtg2FJODHubFfgk+6ypXR6zUtC/xL+DdzxPSvmfEEU/tHxtmJA=
.yandex.ru/	1970-01-20 12:10:50	Name: ymex Value: 1685450196.yrts.1653914196#1685450196.yrtsi.1653914196
.zhovta.ua/	1970-01-20 03:26:26	Name: _ym_isad Value: 2
.zhovta.ua/	1970-01-20 03:25:15	Name: _ym_visorc Value: w
.zhovta.ua/	1970-01-20 12:46:50	Name: __gads Value: ID=65dd74c2c8e1b0f4-222dd03aa1cd00bf:T=1653914196:S=ALNI_Mb97AmJ6eTfptAU_gUKgMERufjL2g
.doubleclick.net/	1970-01-20 12:46:50	Name: IDE Value: AHWqTUlljLI07RbgnW8sgVHwzf7wv34GVX_6F_UAF76uRJBJP6T5zgwGNh8fpGofvkg
.doubleclick.net/	1970-01-20 03:25:17	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 05:34:50	Name: uuid2 Value: 5784286282502756443
.casalemedia.com/	1970-01-20 05:34:50	Name: CMPS Value: 671
.casalemedia.com/	1970-01-20 12:10:50	Name: CMID Value: YpS6Vqw0S5IN0Zr9j7lU3AAA
.adnxs.com/	1970-01-20 05:34:50	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVMooOHZ!]tbPl1M>e)ZlrFUfJ+tGXxou:vJzgGMZC/ZMz[QXRWd1F@K`=Q<9QTUduz^3If)y3KL9D3I?+<>dq*q
.casalemedia.com/	1970-01-20 05:34:50	Name: CMPRO Value: 1821
.casalemedia.com/	1970-01-20 12:10:50	Name: CMRUM3 Value: 2d6294ba572760CAESEEFnMMMYGqC53AmRNGxEcCk
.casalemedia.com/	1970-01-20 03:26:40	Name: CMST Value: YpS6VmKUulcA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

78fc6896ac4331a4b14c73adf152ceb2.safeframe.googlesyndication.com
adservice.google.co.uk
adservice.google.com
ajax.googleapis.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
maps.googleapis.com
mc.yandex.ru
pagead2.googlesyndication.com
s0.2mdn.net
s1.zhovta.ua
securepubads.g.doubleclick.net
ssl.google-analytics.com
static.adsafeprotected.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
zhovta.ua
142.250.185.162
142.250.186.130
142.251.37.98
144.76.118.10
184.87.213.8
185.33.221.14
2001:4de0:ac18::1:a:1b
2600:1f18:1aca:4280:c87d:9204:da04:656d
2600:9000:2156:ac00:8:48e:53c0:93a1
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2006
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::200a
2a00:1450:4014:80e::2002
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.250.52.20
01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1139e6771278476d52401426a4f99ab19adad61e1b8b84501e975d0df01289b5
11d35cb13a612ebb367862a67e3c1c6c699200de481da3d0a104d407b0941126
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12b3f9e370af4069d73b9b4a9659a80419a83a72bfd4c08a577e7d35e0226f10
13f538360f148fdee8f68f71fb96b56da9348d2d2ae35ffdd23294185933b87f
17a32658e817f5f4b300987b21caffa28c22e41156933f0bcb2c9264ec953094
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd
1b4bfc51238f4dbdf27cb79643a1536b0aaca874b3edd65cab5353300b64570c
1deb05609ea8dd3eb5c4a30b059ff80d8121b50d31ef592651bb15cda638a37d
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
24d6eeb62927ebb59214201c1ae9fe8998fabcffc9b73bb2d07b9ed35cea1f05
262491e662b70583a979c0c1e0bc2f13f6ddd8c02f6b5ecca42a1a9b902f4871
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29de92f070bdebcd75cdf67750c45dac4b7b85c1cfdcc6c62b14346ea9a88637
2b088ba66a204efdde8bd03eb975f293158a414d0ae0e15ad3523c441dff39ea
2fea1b9a08df090b0287d5f753dbbcce5f9044bd649449431d85354fafd31d4a
30c508329211eede358e6a3561924956cf858c3e1f3a6819ea40874b9e606721
3464d6c748ffa74b09788f0aafaeca82b9c21d8751a2cfc0f15a372b494b1a68
36f91429b0140f9f8fd42f1dd1195ca4bb49d8bb12ca853cb2c08a5ddc489d5d
39bf436064c81f1ffcdea489727643761c8add89cbafec46220797d677bc93f0
3cc85feafd5215ad7ae05430acd3b2e48973d4d6d62f13c06c2cf733ab0a9033
41397b74af89d0ff5319009524366a340ab81a48fc8105f125bee1d022d3ea1a
44e0c5bbc4d01be8c7bd4a7d50ece65dd261521a6a883c50f67fd05feba4414e
460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff
49d70a9c2a0babf52874d753368dd42cd19187173f4687b6e66618fed2123a37
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf5202ea18d5f14c6627977c0c694efd0e9b05adf2675c5fbb796639a32d10a
4d2ac029791256e913271fec433c3303515c7d91f1b1634da53ad702b825e7e5
4ebb31cfd35098e8e8addfc231854acc85dd2fd0228ceabf498edb9055592deb
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
522284064e5f4c37a4dfcdb6025cb110dc1ba941aea0696b5df1b0011d817bfe
528be60b632807c7cbab0866c94d5eb88c3dc77bcf5fcb0dc81d0fbb798fc8af
53fbef0a550905dedb830df449586ccc857e984b40254f001e601849d08e4247
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5744b93d719cb88f6b376b2fc28e82ae1a802971ff11dbf8b145e19b93dddbef
5ca3e1139a5d1d0ebe29997a244de6fece6207b5265e697db71f2a20a8d063d4
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63b5f5e75af64e4f7f37759cc56d6a427fe98443c9f6663cb8ec6a688e00596e
688581526a07b4ebf7a20ff772310ce8da309ffeb9cf79eed0c509799bda3cb6
6a82dab8b342d2b2ddff4960ef2c7be8ade29e10429aed3b8238ec41d3874b4f
6b8af26e3c5c85e0fcddb449e612da2f10dad9c70445dd8b9f8f1a0109a32492
6b9db45c7b730f0490aec270afd438e929bdc824fb5e21ce44982453cc03a542
6c69ec2d996e861c28811914e31f695dd2507dee77702fec5f90650e92a12da1
6cd758ed801e9ccb52c9eb95da2fe72002357d64995902eb8a1c15b0bbf45674
76234507a9b0dd12881d3d2c02a5e924853f2af8821fde17ada73197a1d45569
77e86e87d1f306fccfe243fb16df07cc1dcf99af59fb8392ed9389eebfbae914
7c646a843a8583d1d4d9176fe620e91e24851aed73600a2ee131d481a165935d
82d8110bfa9b0c238d7a33a3814693e5a8add1851978032637132f391f793d40
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85f52ae01a1ca60a7c5d40c7a9008f320519bb1e11b50db65e8fc797f5258f7f
88d3ca80b7507885eececa9eb48c0d5c22c3d59487036dd4d9917cd65215335a
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
94c8eaf7108f6b5de448268aa780b464b7825d476d350ba673d858715618b977
94d225dea35625dd151445c5f7e3a5f1b309cc0a5d2395f22c83d5d2616e657a
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
99d5a12ee523fe304d101fbe63f5287b85983b3a0fec2fb16690b1178f401b67
9b60f9f86d77e2bc5425dcc7d4a02bda887f74aca04ea1b14ab147dcc91b9295
9d7d1c727e1cd32745764098a76e5d3d5fb7acd3b6527c5aacd85b7c6f8ce341
9d83086daea429127a0620c35d944194cbd3c702d8bc5159c7906e7fa95e8410
9d91f5f3024bec881e61f8c4887176d64cfd89bc6a2d912ebece65d8fee8d91e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a77d5033c61a752fbb564133dcdcf098ac0cec5c4e6aa8f196a3e548a8a154e7
ab492b0110cdf621c5e2bbad5e2c3eabbf38cdb42dc6705f31e01faa846ca092
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4974a255113c5956045ee5315e8a76856c7952fc4a3cafdc595a7a3606c8256
b4cb688258440ab067c4dd9f03f80b8bcc2eae563f3fa57f1266216a7f3d6814
b5c5604f30806cdad4c5d4e4e331831b952d682280758827b7db96396bd102cf
b8b470f036a118349c673d320ea1d200f488f6ae084b1125c1583ed72ebd6b59
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
bd32080f978b5b99b2362c8646c9fb89496cc736d8da31a827162cef66feaa32
c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036
c6519ce17427524115e58b3bf121a724b092637c77189bfc098c4af89f61fb99
c75d0893bf63c26d4c0c06f6e0cfdcca24ffbc6431f8148f6243c30687b82ae0
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce53b7d94b6c6dae3b978f4fc50811064baa4ca79935dc11c7e2223301c59f96
ceb4fbd7e9cfd6afbb7c05c6b95cf7003a851a2d2aec41444c6803219c034858
d348e4963616a1d1d838237d04aca5bf5e51495bd59cbe25519301d8b5266561
d4fa5d4b88126710b9e65ec883dae16c991fd51b837a3e9f7bef30c47d90147d
db0486ac0154d88f65e2b5604a82fba1374e3908910560e97ee5f7915a001c0c
dd6bae3cabfa6f6e2381af0d19e0a2c17d00a727e414564df6898d6dc0355cad
def63a575211d8f3c7f1ca69439bbc8f05cbc46db5ddc0c44940a01ae86e2533
df0a549a1389d264746969d3af4d97b54b5efe395273f5a64b708570f8a02657
e053ee60f658d14e4c883114b3882d0d07c29ec8730ca31099c4f304f28abd17
e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e31fab76077e73e9501c646662dddb917f6943856d04af4873eabb6ccb30714f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4
e7ce2b61ccd5d075a6aa5bd55932d362a91ccd4b4910e0600e974cbe507ca1b3
ed37304123b9f91a8141d4c161e452977acc50e64925f8c2a069f7a974ea9002
ee88d516d0de1b8a466b5cf12e7ffac617ea22a4895ca083ec256500b0d5db0b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbe4d9113fe429cb94a9aed4a144dc51a369c96ce916b19471bf981877c9cec
f0f5373ad203101ea91bf826c5a7ef8f7cd74887f06bad2cb9277a504503b9e2
f2ef24e4966f849ae680edfee556272cfa21f7f02f14697814a1a818a9f63ddd
ff79acbd5aa82002c44f55b0687b1c40419c55a16ac63075050d7f185f7ce878

zhovta.ua Open in urlscan Pro 144.76.118.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

169 Requests

96 %HTTPS

75 %IPv6

17 Domains

29 Subdomains

29 IPs

6 Countries

3316 kBTransfer

8777 kBSize

30 Cookies

15 Outgoing links

Page URL History

Redirected requests

169 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

zhovta.ua Open in urlscan Pro
144.76.118.10 Public Scan

Screenshot
Live screenshot

Full Image

169
Requests

96 %
HTTPS

75 %
IPv6

17
Domains

29
Subdomains

29
IPs

6
Countries

3316 kB
Transfer

8777 kB
Size

30
Cookies

169 HTTP transactions
10 data transactions