urlscan.io logo urlscan.io
SecurityTrails logo

www.buhoblik.org.ua Open in urlscan Pro
2a06:6440:0:2d02::1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://buhoblik.org.ua/
Effective URL: https://www.buhoblik.org.ua/
Submission: On August 18 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 37 IPs in 9 countries across 26 domains to perform 156 HTTP transactions. The main IP is 2a06:6440:0:2d02::1, located in Ukraine and belongs to UKRAINE-AS, UA. The main domain is www.buhoblik.org.ua.
TLS certificate: Issued by R3 on August 4th 2022. Valid for: 3 months.
This is the only time www.buhoblik.org.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 11 2a06:6440:0:2... 200000 (UKRAINE-AS)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
10 2a03:90c0:41:... 199524 (GCORE)
2 2a00:1450:400... 15169 (GOOGLE)
2 95.216.186.40 24940 (HETZNER-AS)
1 2001:41d0:602... 16276 (OVH)
8 2a00:1450:400... 15169 (GOOGLE)
5 146.0.227.109 29066 (VELIANET-...)
1 142.250.186.34 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
23 2001:67c:4e8:... 62041 (TELEGRAM)
9 34.111.35.152 15169 (GOOGLE)
11 2a02:2638:1::3 44788 (ASN-CRITE...)
3 3 3.67.173.21 16509 (AMAZON-02)
2 2 52.210.103.98 16509 (AMAZON-02)
1 193.200.65.6 6681 (GIVEME-CLOUD)
1 198.47.127.18 3257 (GTT-BACKB...)
1 2 37.252.173.22 29990 (ASN-APPNEX)
1 2 185.184.8.90 204995 (RTB-HOUSE...)
4 178.250.0.165 44788 (ASN-CRITE...)
11 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638::2 44788 (ASN-CRITE...)
1 2a02:2638::b 44788 (ASN-CRITE...)
7 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 178.250.0.160 44788 (ASN-CRITE...)
1 2001:4860:480... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
13 178.250.0.139 44788 (ASN-CRITE...)
2 178.250.0.162 44788 (ASN-CRITE...)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
1 178.250.0.157 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
156 37
11    2a06:6440:0:2d02::1 (Ukraine)

ASN200000 (UKRAINE-AS, UA)
buhoblik.org.ua
www.buhoblik.org.ua
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com.ua
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
9    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
10    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
cdn.admixer.net
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
2    95.216.186.40 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.40.186.216.95.clients.your-server.de
xn--r1a.website
1    2001:41d0:602:8bf:: (France)

ASN16276 (OVH, FR)
avto-oblik.com.ua
8    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
5    146.0.227.109 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
inv-nets.admixer.net
1    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
23    2001:67c:4e8:f004::9 (Virgin Islands (British))

ASN62041 (TELEGRAM, VG)
telegram.org
9    34.111.35.152 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 152.35.111.34.bc.googleusercontent.com
cdn4.telegram-cdn.org
11    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    3.67.173.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-173-21.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    52.210.103.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-103-98.eu-west-1.compute.amazonaws.com
r.scoota.co
1    193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team
m.trafmag.com
1    198.47.127.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image8.pubmatic.com
2    37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
4    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
11    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
mts0.google.com
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
1    2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
7    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
7    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
1    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
13    178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com
pix.eu.criteo.net
2    178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
26 criteo.net
static.criteo.net — Cisco Umbrella Rank: 655
pix.eu.criteo.net — Cisco Umbrella Rank: 7955
csm.eu.criteo.net — Cisco Umbrella Rank: 8150
207 KB
23 telegram.org
telegram.org — Cisco Umbrella Rank: 10677
252 KB
20 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
309 KB
15 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 51836
inv-nets.admixer.net — Cisco Umbrella Rank: 2604
200 KB
11 buhoblik.org.ua
buhoblik.org.ua
www.buhoblik.org.ua
230 KB
10 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 759
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 13652
ads.eu.criteo.com — Cisco Umbrella Rank: 7878
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9998
gum.criteo.com — Cisco Umbrella Rank: 407
mug.criteo.com — Cisco Umbrella Rank: 2790
61 KB
10 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
131 KB
9 telegram-cdn.org
cdn4.telegram-cdn.org — Cisco Umbrella Rank: 36154
773 KB
8 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 52
145 KB
7 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 361
133 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 292
2 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
31 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 88
mts0.google.com — Cisco Umbrella Rank: 4533
www.google.com — Cisco Umbrella Rank: 9
30 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 194
87 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 668
678 B
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 230
2 KB
2 scoota.co
r.scoota.co — Cisco Umbrella Rank: 39569
1 KB
2 xn--r1a.website
xn--r1a.website — Cisco Umbrella Rank: 765619
14 KB
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 334
17 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 219
5 KB
1 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 603
42 B
1 trafmag.com
m.trafmag.com — Cisco Umbrella Rank: 87371
351 B
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8811
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 882
649 B
1 avto-oblik.com.ua
avto-oblik.com.ua
72 KB
1 google.com.ua
www.google.com.ua — Cisco Umbrella Rank: 17954
320 B
156 26
Domain Requested by
23 telegram.org xn--r1a.website
telegram.org
13 pix.eu.criteo.net ads.eu.criteo.com
11 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
11 static.criteo.net cdn.admixer.net
www.buhoblik.org.ua
ads.eu.criteo.com
10 cdn.admixer.net www.buhoblik.org.ua
cdn.admixer.net
9 cdn4.telegram-cdn.org xn--r1a.website
9 pagead2.googlesyndication.com www.buhoblik.org.ua
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
9 www.buhoblik.org.ua www.buhoblik.org.ua
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
7 fonts.gstatic.com fonts.googleapis.com
7 cdn.ampproject.org googleads.g.doubleclick.net
pagead2.googlesyndication.com
5 inv-nets.admixer.net cdn.admixer.net
www.buhoblik.org.ua
4 bidder.criteo.com static.criteo.net
3 x.bidswitch.net 3 redirects
3 fonts.googleapis.com xn--r1a.website
telegram.org
googleads.g.doubleclick.net
2 gum.criteo.com 1 redirects static.criteo.net
2 csm.eu.criteo.net ads.eu.criteo.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 creativecdn.com 1 redirects www.buhoblik.org.ua
2 ib.adnxs.com 1 redirects www.buhoblik.org.ua
2 r.scoota.co 2 redirects
2 xn--r1a.website www.buhoblik.org.ua
telegram.org
2 ssl.google-analytics.com www.buhoblik.org.ua
2 www.gstatic.com www.buhoblik.org.ua
googleads.g.doubleclick.net
2 buhoblik.org.ua 2 redirects
1 www.google.com tpc.googlesyndication.com
1 mug.criteo.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 csi.gstatic.com cdn.ampproject.org
1 cat.fr.eu.criteo.com ads.eu.criteo.com
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 rtb.fr.eu.criteo.com googleads.g.doubleclick.net
1 mts0.google.com googleads.g.doubleclick.net
1 image8.pubmatic.com www.buhoblik.org.ua
1 m.trafmag.com www.buhoblik.org.ua
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 avto-oblik.com.ua www.buhoblik.org.ua
1 www.google.com.ua 1 redirects
156 40

This site contains no links.

Subject Issuer Validity Valid
www.buhoblik.org.ua
R3		 2022-08-04 -
2022-11-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA		 2022-06-08 -
2023-06-21		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
xn--r1a.website
R3		 2022-06-25 -
2022-09-23		 3 months crt.sh
www.avto-oblik.com.ua
R3		 2022-08-08 -
2022-11-06		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.telegram.org
Go Daddy Secure Certificate Authority - G2		 2021-09-10 -
2022-10-09		 a year crt.sh
cdn4.telegram-cdn.org
GTS CA 1D4		 2022-06-24 -
2022-09-22		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-14 -
2023-06-14		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-07-22 -
2022-10-19		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-03 -
2022-11-05		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-12 -
2022-09-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh

This page contains 14 frames:

Primary Page: https://www.buhoblik.org.ua/
Frame ID: DA70FD01C2CADA6A2ECDE0BBFD705A9B
Requests: 47 HTTP requests in this frame

Frame: https://xn--r1a.website/s/buhoblik_org_ua
Frame ID: 53ED4FC3EEBA4016D58F4A6D206A3816
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220816/r20190131/zrt_lookup.html
Frame ID: D84F773564511936CB0413B837739466
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/48427/c.html?b=48427
Frame ID: 7D8B22E7EF94B43F60D6E8D19D2FDE95
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/48427/c.html?b=48427
Frame ID: 36DAAB57E17FBA415D7A7E13C89C4BF0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&adk=1812271804&adf=3025194257&lmt=1660795084&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084816&bpp=4&bdt=515&idt=169&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3180257469578&frm=20&pv=2&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=184
Frame ID: 68F86DB5F4E5CB49AE4DEF83D57A40E5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1660795084&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084820&bpp=3&bdt=519&idt=186&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eNqdlCN6f4&p=https%3A//www.buhoblik.org.ua&dtd=190
Frame ID: 536EBFF66308E07BECD0F65A0611C4BD
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1660795084&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084823&bpp=1&bdt=522&idt=194&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=sDpfbVR2AB&p=https%3A//www.buhoblik.org.ua&dtd=197
Frame ID: 3F9B4CF2ACBAA4535D7EF6BD0B8A93A2
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1660795084&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084824&bpp=2&bdt=523&idt=207&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&cms=3&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=pymKtTsYBz&p=https%3A//www.buhoblik.org.ua&dtd=210
Frame ID: B90A965519AD17BEE1E6F3FEF43DD026
Requests: 17 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yv24zQACq7gIFWi0AAEQCDc_AoZxubCXLq85JQ&u=%7CGF51po9kK4NSkroHDvPhkPW3%2FCXBs%2FC2MRgnr68F6yw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sS6YifhuTQzr8X_A4RFDhQZHxLBDNdnVs3sse1voxVSNkr5Y60gNqRpZY3dZwsHryRDqL5KsTeltjF1nyVhx3ZZ_oSy24GFYlI5A-JYbMdwED7XWDBgjG3iYlMnijnxF6JOcwkjfsgyMB6b4asiOKDVgZpR8owfW_3DSUVYj-vnO0xt0bz-gkOky6_AZSZHEjgD-ew7gyQoXMO514imbddhx1MhSIk3eGwim3G5oDpUBUJ-aibLBK52P0MFBQU3KLspgoN4itFBrdq9Io7e7harWcYfERyIizJ8ZCwXAOUSaYcn1C3LFaopmlRBqv9TlJdSaa8_25vXaGJUGmmUBXLwa4d6qciGfSFDQeY8QkLv1WHwYKcyoB-fx7nAMqvrBxPyr0zQa2ZNob7A0rfKZSjk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqNnkzbj9YrjXCrTR1fAPiKCE2AzJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLlWBbbPhOxPqgDAaoE4wFP0B2seCxe1pKCNsLwb0fZ0T4HmmiczRP3BxKJSTOuDDNNYmyDfy-oGQmdA7RijZX5hlybvIFzPH9fkpOn_K7cTZ7nPYNlv0udfBeFZ0h73S3ejRusXqKn349CoDuRIt-BoGurYzvlXz4FP35YBJz7StkiuKoKaORXDyr5ls4vXpPJ49b_FCWHh-s60vjSSd0JG93UREL92Ef9EMjuaGYARLGywIdFqlnb0OAjniuCTwdcG1Mhvmznp6HaJx3n6U2dj9OFjIXoGWmBU6WB3j7qC6gmBWqpKUObl36Jz7WfJUOc_YAGi76M3cCuk9raAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bdcJ-MFQz4jiBEVEOVuKxSkX6yA%26client%3Dca-pub-5630956766216465%26adurl%3D
Frame ID: 93144E88E47E9153D33F3D2E118AB523
Requests: 26 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Frame ID: C6E72F199F4DAC8380D720FD75DDEAD7
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.buhoblik.org.ua
Frame ID: C569B0F6B1A01928A49574DE1B3C8BA4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B55CCC30DEDD4A12D41535D23E239BAF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 995566466D02863F68FDCCF836E20C58
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Бухучет в Украине : Бухгалтерский и налоговый учет

Page URL History Show full URLs

  1. http://buhoblik.org.ua/ HTTP 301
    https://buhoblik.org.ua/ HTTP 301
    https://www.buhoblik.org.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

156
Requests

97 %
HTTPS

62 %
IPv6

26
Domains

40
Subdomains

37
IPs

9
Countries

2701 kB
Transfer

5718 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://buhoblik.org.ua/ HTTP 301
    https://buhoblik.org.ua/ HTTP 301
    https://www.buhoblik.org.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://www.google.com.ua/cse/brand?form=cse-search-box%E2%8C%A9=ru HTTP 301
  • https://www.gstatic.com/prose/brandjs.js
Request Chain 41
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=82d3a27d43a34fe287fc4152e199f904&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=82d3a27d43a34fe287fc4152e199f904&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=admixer HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admixer HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=ab7fea21-8cd4-4ed7-bfb4-1fb6b76c1d6d&ssp=admixer HTTP 302
  • https://inv-nets.admixer.net/bs/cm.aspx?id=5cbcb787-f911-4b1a-974d-9fc26a8443b5&gdpr=&consent=&gdpr_pd=
Request Chain 44
  • https://ib.adnxs.com/setuid?entity=533&code=82d3a27d43a34fe287fc4152e199f904 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D82d3a27d43a34fe287fc4152e199f904
Request Chain 45
  • https://creativecdn.com/cm-notify?pi=admixer HTTP 302
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
Request Chain 159
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=buhoblik.org.ua&sn=ChromeSyncframe&so=0&topUrl=www.buhoblik.org.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=_cNykHxic21MWnNGQzJneFdzdzkzWHJCbk0xU2JNbEN0TXZaTGlJQWxoemxmQnV5MGlIZHBJWjd0QytUVXYyWlB0VGV1RzFIUFM3R0ZFZmtPdjdUaGFkdHUyc05qaXFxK3I1NU5vcHZjbFhHaVdTZlBkK2ZNQWhManU1RGxUOHlMY3ExUUFFYXBNNlgrNXU1VndnQUJLS2ZXTWxUME1RQnY2bCtLQlBxZnF0UHNxcHRpcWxMQUJPSU4zMHUrZzBmbXd5VUQ2cndCM2t6NVVvWW1INHhQRExFL1VsZFVhM0xtQXZLUkd3dndKaUE3YU4xTFJxTmN6WEpZUUtTOFFRL1MxRUJQOW9FVXUxYzl3L0dUSWdjTFprNko5UT09fA&cppv=2

156 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.buhoblik.org.ua/
Redirect Chain
  • http://buhoblik.org.ua/
  • https://buhoblik.org.ua/
  • https://www.buhoblik.org.ua/
84 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
c79fe4aca7ad01b04807f0432625598e4e9cc7f46556b0e34a3ae84b767a812e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0 public
content-encoding
gzip
content-length
15299
content-type
text/html; charset=utf-8
date
Thu, 18 Aug 2022 03:58:04 GMT
expires
Wed, 17 Aug 2005 00:00:00 GMT
last-modified
Thu, 18 Aug 2022 03:58:04 GMT
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-ray
p953:0.170/wn25401:0.170/wa25401:D=168992

Redirect headers

cache-control
max-age=0
content-length
236
content-type
text/html; charset=iso-8859-1
date
Thu, 18 Aug 2022 03:58:04 GMT
expires
Thu, 18 Aug 2022 03:58:03 GMT
location
https://www.buhoblik.org.ua/
server
nginx
x-ray
p953:0.010/wn25401:0.000/wa25401:D=3676
937d2c2ee43bca358b9b71d8167863c767f6a3e64cf2ba0703a7f07c0a987df3.css
www.buhoblik.org.ua/media/com_jchoptimize/cache/css/ 		161 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.buhoblik.org.ua/media/com_jchoptimize/cache/css/937d2c2ee43bca358b9b71d8167863c767f6a3e64cf2ba0703a7f07c0a987df3.css
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
88467b23c1044f571783e76997720036df1c0a9925eee5f428c7ff150fa7da56

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p953:0.000/wn25401:0.000/
content-encoding
br
last-modified
Sat, 06 Aug 2022 07:42:02 GMT
server
nginx
etag
W/"62ee1b4a-28387"
content-type
text/css
cache-control
max-age=2592000
date
Thu, 18 Aug 2022 03:58:04 GMT
expires
Sat, 17 Sep 2022 03:58:04 GMT
937d2c2ee43bca358b9b71d8167863c7fe11058a8effe382178f5c9b88baefc8.js
www.buhoblik.org.ua/media/com_jchoptimize/cache/js/ 		137 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buhoblik.org.ua/media/com_jchoptimize/cache/js/937d2c2ee43bca358b9b71d8167863c7fe11058a8effe382178f5c9b88baefc8.js
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
377d27d86822418762eb956a7d4eec9823d6a9d3fd6f6d3ca0d63fdf374a0b69

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p953:0.000/wn25401:0.000/
content-encoding
br
last-modified
Sun, 19 Jun 2022 12:21:49 GMT
server
nginx
etag
W/"62af14dd-223b2"
content-type
application/javascript
cache-control
max-age=2592000
date
Thu, 18 Aug 2022 03:58:04 GMT
expires
Sat, 17 Sep 2022 03:58:04 GMT
brandjs.js
www.gstatic.com/prose/
Redirect Chain
  • https://www.google.com.ua/cse/brand?form=cse-search-box%E2%8C%A9=ru
  • https://www.gstatic.com/prose/brandjs.js
14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/prose/brandjs.js
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 14:43:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47662
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5807
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 15:14:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 18 Aug 2022 14:43:42 GMT

Redirect headers

date
Thu, 18 Aug 2022 03:58:04 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
location
https://www.gstatic.com/prose/brandjs.js
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Thu, 18 Aug 2022 04:28:04 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		169 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95796fb57a64296d8e28431de6f7b70e97a22c2176829b295be1c8349b310429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57276
x-xss-protection
0
server
cafe
etag
7822904009259037753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 18 Aug 2022 03:58:04 GMT
list_black.png
www.buhoblik.org.ua/images/ 		417 B
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buhoblik.org.ua/images/list_black.png
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
002a93857ca724d4828a347c2b419a56eabfd275f206a5febc48246ccfe5830d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p953:0.001/wn25401:0.000/
last-modified
Thu, 27 Aug 2015 18:43:06 GMT
server
nginx
etag
"55df5a3a-1a1"
content-type
image/png
cache-control
max-age=2592000
date
Thu, 18 Aug 2022 03:58:04 GMT
accept-ranges
bytes
content-length
417
expires
Sat, 17 Sep 2022 03:58:04 GMT
youtube-32.png
www.buhoblik.org.ua/images/ 		918 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buhoblik.org.ua/images/youtube-32.png
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
c6d254ee6b05a14666952b2b7629dedc518103bfed8a8d6ee0c1cbe28f76c6fd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p953:0.001/wn25401:0.000/
last-modified
Sat, 21 Mar 2020 22:41:20 GMT
server
nginx
etag
"5e769810-396"
content-type
image/png
cache-control
max-age=2592000
date
Thu, 18 Aug 2022 03:58:04 GMT
accept-ranges
bytes
content-length
918
expires
Sat, 17 Sep 2022 03:58:04 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5630956766216465
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e1b74179b96128224ddccec1513390bba39aeb09133abf2e17a21f0639b2308
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.buhoblik.org.ua/
Origin
https://www.buhoblik.org.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51461
x-xss-protection
0
server
cafe
etag
17996564249768834050
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 18 Aug 2022 03:58:04 GMT
loader2.js
cdn.admixer.net/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e4501d959d3638f5749d6687283f31f7fc48d9e37770520cd0f275b632eeb5b4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc36
date
Thu, 18 Aug 2022 03:58:04 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 13:08:58 GMT
server
nginx
etag
W/"62e28a6a-2c101"
x-cached-since
2022-08-18T03:53:17+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Thu, 28 Jul 2022 13:20:16 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4031
date
Thu, 18 Aug 2022 02:50:53 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Thu, 18 Aug 2022 04:50:53 GMT
module-main3.png
www.buhoblik.org.ua/images/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buhoblik.org.ua/images/module-main3.png
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
8dfbfa16c85400143f85eb24eef8df723fd19c190f841c2c5ff22b8d0a5eeb09

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p953:0.002/wn25401:0.000/
last-modified
Sun, 13 Feb 2022 17:15:45 GMT
server
nginx
etag
"62093cc1-11743"
content-type
image/png
cache-control
max-age=2592000
date
Thu, 18 Aug 2022 03:58:04 GMT
accept-ranges
bytes
content-length
71491
expires
Sat, 17 Sep 2022 03:58:04 GMT
buhoblik_org_ua
xn--r1a.website/s/ Frame 53ED 		99 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xn--r1a.website/s/buhoblik_org_ua
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
ef422f043a4d91eda341e1d981f9e1dce31b3fb321aac132b92c52ced20941dd
Security Headers
Name Value
Strict-Transport-Security max-age=35768000

Request headers

Referer
https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-control
no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 18 Aug 2022 03:58:04 GMT
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=35768000
Transfer-Encoding
chunked
num_star.png
www.buhoblik.org.ua/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buhoblik.org.ua/images/num_star.png
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
a4d35007c83b3689910808811412e63293a2ae2abf1180a2dbaf4b3f7bb91ce9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p953:0.000/wn25401:0.000/
last-modified
Tue, 03 Jan 2017 22:58:31 GMT
server
nginx
etag
"586c2c97-652"
content-type
image/png
cache-control
max-age=2592000
date
Thu, 18 Aug 2022 03:58:04 GMT
accept-ranges
bytes
content-length
1618
expires
Sat, 17 Sep 2022 03:58:04 GMT
pdf-sborniki-vnizu-115-2022.png
avto-oblik.com.ua/images/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avto-oblik.com.ua/images/pdf-sborniki-vnizu-115-2022.png
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:602:8bf:: , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
89c114dc23d61c6b428f26c214e96d1fd49b43c8f777c8fcbb9ffdee7a84d81f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
wn33738:0.000/
last-modified
Mon, 27 Dec 2021 15:47:26 GMT
server
nginx
etag
"61c9e00e-1201c"
content-type
image/png
cache-control
max-age=2592000
date
Thu, 18 Aug 2022 03:58:04 GMT
accept-ranges
bytes
content-length
73756
expires
Sat, 17 Sep 2022 03:58:04 GMT
dovidnik-buhgaltera-238.png
www.buhoblik.org.ua/normativka/spravochniki/spravochnik-buhgaltera/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buhoblik.org.ua/normativka/spravochniki/spravochnik-buhgaltera/dovidnik-buhgaltera-238.png
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
052155039c13b233f324882bd10dc38150b5bd74fb44f27c0ead4d518fbc901b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p953:0.000/wn25401:0.000/
last-modified
Wed, 26 Jul 2017 08:14:12 GMT
server
nginx
etag
"59784f54-3eb3"
content-type
image/png
cache-control
max-age=2592000
date
Thu, 18 Aug 2022 03:58:04 GMT
accept-ranges
bytes
content-length
16051
expires
Sat, 17 Sep 2022 03:58:04 GMT
sidebar-uchet-2021.png
www.buhoblik.org.ua/images/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buhoblik.org.ua/images/sidebar-uchet-2021.png
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
6a82502c1baab28ba6f410aa012fff53bd4f01d8de430e54589e583a0dc3ce80

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray
p953:0.000/wn25401:0.000/
last-modified
Wed, 06 Apr 2022 09:28:41 GMT
server
nginx
etag
"624d5d49-e758"
content-type
image/png
cache-control
max-age=2592000
date
Thu, 18 Aug 2022 03:58:04 GMT
accept-ranges
bytes
content-length
59224
expires
Sat, 17 Sep 2022 03:58:04 GMT
__utm.gif
ssl.google-analytics.com/r/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1880752716&utmhn=www.buhoblik.org.ua&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%91%D1%83%D1%85%D1%83%D1%87%D0%B5%D1%82%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20%3A%20%D0%91%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D1%83%D1%87%D0%B5%D1%82&utmhid=1873059030&utmr=-&utmp=%2F&utmht=1660795084739&utmac=UA-23922474-1&utmcc=__utma%3D21695912.1756452222.1660795085.1660795085.1660795085.1%3B%2B__utmz%3D21695912.1660795085.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=970807908&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Aug 2022 03:58:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/ 		340 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5630956766216465&plah=www.buhoblik.org.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5630956766216465
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af87962b19fc06462de354b74e872cedae74a80dbe777e72b89481392f032936
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122696
x-xss-protection
0
server
cafe
etag
14530680066874846343
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 18 Aug 2022 03:58:04 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220816/r20190131/ Frame D84F 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220816/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5630956766216465
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
35415
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 17 Aug 2022 18:07:49 GMT
etag
8616628553774171045
expires
Wed, 31 Aug 2022 18:07:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
c.html
cdn.admixer.net/scripts3/48427/ Frame 7D8B 		738 B
519 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/48427/c.html?b=48427
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Thu, 18 Aug 2022 03:58:04 GMT
etag
W/"62e28a7b-2e2"
expires
Sat, 29 Jul 2023 13:10:17 GMT
last-modified
Thu, 28 Jul 2022 13:09:15 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-07-28T13:10:17+00:00
x-id
fr5-up-gc36
a21031c0f6a0994b3314.b.js
cdn.admixer.net/scripts3/48427/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/48427/a21031c0f6a0994b3314.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc36
date
Thu, 18 Aug 2022 03:58:04 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 13:09:13 GMT
server
nginx
etag
W/"62e28a79-5d41"
vary
Accept-Encoding
x-cached-since
2022-07-28T13:10:17+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sat, 29 Jul 2023 13:10:17 GMT
0a75d04ce9f53a1a35b6.b.js
cdn.admixer.net/scripts3/48427/ 		75 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/48427/0a75d04ce9f53a1a35b6.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc36
date
Thu, 18 Aug 2022 03:58:04 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 13:09:02 GMT
server
nginx
etag
W/"62e28a6e-12c39"
vary
Accept-Encoding
x-cached-since
2022-07-28T13:10:17+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sat, 29 Jul 2023 13:10:17 GMT
c.html
cdn.admixer.net/scripts3/48427/ Frame 36DA 		738 B
405 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/48427/c.html?b=48427
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Thu, 18 Aug 2022 03:58:04 GMT
etag
W/"62e28a7b-2e2"
expires
Sat, 29 Jul 2023 13:10:17 GMT
last-modified
Thu, 28 Jul 2022 13:09:15 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-07-28T13:10:17+00:00
x-id
fr5-up-gc36
dsp.aspx
inv-nets.admixer.net/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=2395074785520739&cpv=318c8bda-5f54-70a7-4381-785adafe1d8c&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%221a724c6c-dc2b-bc24-de23-5430c2a4ef81%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fwww.buhoblik.org.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22bcd55940-d2c5-3d59-852e-25d6e1bde36c%22%2C%22tagid%22%3A%22dab6be62-b1e7-4d05-a12c-0a70b3291504%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_dab6be62b1e74d05a12c0a70b3291504_zone_1393_sect_956_site_943%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
5e0a684723a981127981a095c23b0eb2cecefa041866191da27c4c13ffc524c3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 18 Aug 2022 03:58:05 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
1388
X-Xss-Protection
0
cookie.js
partner.googleadservices.com/gampad/ 		219 B
649 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.buhoblik.org.ua&callback=_gfp_s_&client=ca-pub-5630956766216465
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5630956766216465&plah=www.buhoblik.org.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
2e5e131a5fe8b86ca84d625da87ea0eb947ef60a7afb309f235daefcc42f026d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.buhoblik.org.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5630956766216465&plah=www.buhoblik.org.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Aug 2022 03:58:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.buhoblik.org.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5630956766216465&plah=www.buhoblik.org.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Aug 2022 03:58:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 68F8 		0
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&adk=1812271804&adf=3025194257&lmt=1660795084&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084816&bpp=4&bdt=515&idt=169&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3180257469578&frm=20&pv=2&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=184
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5630956766216465&plah=www.buhoblik.org.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 18 Aug 2022 03:58:05 GMT
expires
Thu, 18 Aug 2022 03:58:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 536E 		22 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1660795084&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084820&bpp=3&bdt=519&idt=186&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eNqdlCN6f4&p=https%3A//www.buhoblik.org.ua&dtd=190
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5630956766216465&plah=www.buhoblik.org.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dcfed7e2e2c14fd97eec00ca6d50d3b0517261ff5354ae3a065fa402f8b0173f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9708
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 18 Aug 2022 03:58:05 GMT
expires
Thu, 18 Aug 2022 03:58:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3F9B 		302 KB
93 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1660795084&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084823&bpp=1&bdt=522&idt=194&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=sDpfbVR2AB&p=https%3A//www.buhoblik.org.ua&dtd=197
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5630956766216465&plah=www.buhoblik.org.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7fce570fe3c47db38f2f04e0660e12d6520e979bfa2e4476ed677f867d6b76a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-expose-headers
x-google-amp-ad-validated-version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
95449
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 18 Aug 2022 03:58:05 GMT
expires
Thu, 18 Aug 2022 03:58:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B90A 		122 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1660795084&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084824&bpp=2&bdt=523&idt=207&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&cms=3&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=pymKtTsYBz&p=https%3A//www.buhoblik.org.ua&dtd=210
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5630956766216465&plah=www.buhoblik.org.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a293a7ace275fc3b9a3b1d0b110cd74ef2808877babea0f5f100eb2a862fddd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
38269
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 18 Aug 2022 03:58:05 GMT
expires
Thu, 18 Aug 2022 03:58:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 53ED 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 18 Aug 2022 03:25:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 18 Aug 2022 03:58:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Aug 2022 03:58:05 GMT
widget-frame.css
telegram.org/css/ Frame 53ED 		86 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegram.org/css/widget-frame.css?62
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
437e2f919345cdc64ce4cc4de32598b6c99b2962f3e209c4c2efe4eeb4db7971
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
content-encoding
gzip
last-modified
Fri, 15 Jul 2022 13:29:32 GMT
server
nginx/1.18.0
etag
W/"62d16bbc-157fd"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=345600
expires
Mon, 22 Aug 2022 03:58:05 GMT
telegram-web.css
telegram.org/css/ Frame 53ED 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegram.org/css/telegram-web.css?33
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dd4c56f7e4e4d47753a48540330518aa2f067e061970c7c3be640e23963aafb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
content-encoding
gzip
last-modified
Thu, 14 Jul 2022 22:52:43 GMT
server
nginx/1.18.0
etag
W/"62d09e3b-793b"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=345600
expires
Mon, 22 Aug 2022 03:58:05 GMT
H3BD1h4jIs8S71sQkkb30Cn2Ypac111HkFnyCkWxAl98_BWnmuws8R8ChY5OHxlmFHFali2F163p0fnBXzYshSkVXQGg0qwEBUKo-DV71NLktX2k9mhST7-N_j4gtL2fbNs9qyJEPpPrtWND3vbLqE19RHojRhdjT3wKa8eokP6ZPy9rvLmpm1uLb5CWWBTAoRn5q...
cdn4.telegram-cdn.org/file/ Frame 53ED 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telegram-cdn.org/file/H3BD1h4jIs8S71sQkkb30Cn2Ypac111HkFnyCkWxAl98_BWnmuws8R8ChY5OHxlmFHFali2F163p0fnBXzYshSkVXQGg0qwEBUKo-DV71NLktX2k9mhST7-N_j4gtL2fbNs9qyJEPpPrtWND3vbLqE19RHojRhdjT3wKa8eokP6ZPy9rvLmpm1uLb5CWWBTAoRn5qd6OX4UcK4zXn4YjMFVcL9nyEjD7mJh8iYNWeBkf8yqUj1vjn0k3DH1Owe-XsYCpiHYtD3A8gnr4XHNrPFKL1s7ZOYaKvrDqUFNA5pyWqTslddZWc2AmxDHHjJnrXcNCYZHPDkw50DQFkdxjCg.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
1da67e20c0a4ac1486f38f01e01cdb805992a3f857ef49dccd9529e6b7571d0c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src 'none'; sandbox
via
1.1 google
x-content-type-options
nosniff
age
1385
date
Thu, 18 Aug 2022 03:35:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4611
x-xss-protection
1; mode=block
server
nginx/1.18.0
x-frame-options
DENY
etag
"c306c2f92fde71f3d8b7f957309116d3efaf27c1"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
jquery.min.js
telegram.org/js/ Frame 53ED 		94 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegram.org/js/jquery.min.js
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
content-encoding
gzip
last-modified
Fri, 10 Nov 2017 17:54:14 GMT
server
nginx/1.18.0
etag
W/"5a05e7c6-1762a"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=345600
expires
Mon, 22 Aug 2022 03:58:05 GMT
jquery-ui.min.js
telegram.org/js/ Frame 53ED 		96 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegram.org/js/jquery-ui.min.js
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
eb46d82ef6f86859f18e379660e0f45b85c6f69fa97111905f0c125a08506376
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
content-encoding
gzip
last-modified
Fri, 10 Nov 2017 17:54:14 GMT
server
nginx/1.18.0
etag
W/"5a05e7c6-181a9"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=345600
expires
Mon, 22 Aug 2022 03:58:05 GMT
tgwallpaper.min.js
telegram.org/js/ Frame 53ED 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegram.org/js/tgwallpaper.min.js?3
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2031e418ee10af8110729b3f327b968462fc0a9d8d1da095387bb472ccd0dee6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 19:57:25 GMT
server
nginx/1.18.0
etag
W/"62211da5-ba3"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=345600
expires
Mon, 22 Aug 2022 03:58:05 GMT
tgsticker.js
telegram.org/js/ Frame 53ED 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegram.org/js/tgsticker.js?29
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dd6e691a27d07125e04993917cfb3f75ac9d8926f6b66d7c2e45368aa130e660
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
content-encoding
gzip
last-modified
Wed, 29 Jun 2022 21:52:44 GMT
server
nginx/1.18.0
etag
W/"62bcc9ac-5faf"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=345600
expires
Mon, 22 Aug 2022 03:58:05 GMT
widget-frame.js
telegram.org/js/ Frame 53ED 		91 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegram.org/js/widget-frame.js?59
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
a3a9666403dd904811c01ba6925d89449b27aa3efe19e86b9d8864d660922fc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
content-encoding
gzip
last-modified
Thu, 14 Jul 2022 22:52:43 GMT
server
nginx/1.18.0
etag
W/"62d09e3b-16c7c"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=345600
expires
Mon, 22 Aug 2022 03:58:05 GMT
telegram-web.js
telegram.org/js/ Frame 53ED 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegram.org/js/telegram-web.js?14
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e4b7033bdd850b9dd9847fb31e63627e352e38a3cb5cf5a483ca3d2cc1093c58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
content-encoding
gzip
last-modified
Fri, 18 Mar 2022 10:32:52 GMT
server
nginx/1.18.0
etag
W/"62345fd4-2e63"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=345600
expires
Mon, 22 Aug 2022 03:58:05 GMT
publishertag.js
static.criteo.net/js/ld/ 		119 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
18da79f767f5a603e9b235ec78993380e8c00aaf1ec855049e8a79107e3013c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
content-encoding
gzip
last-modified
Tue, 02 Aug 2022 12:51:26 GMT
server
nginx
etag
W/"62e91dce-1dc2b"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 19 Aug 2022 03:58:05 GMT
cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=82d3a27d43a34fe287fc4152e199f904&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=82d3a27d43a34fe287fc4152e199f904&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=admixer
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admixer
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=ab7fea21-8cd4-4ed7-bfb4-1fb6b76c1d6d&ssp=admixer
  • https://inv-nets.admixer.net/bs/cm.aspx?id=5cbcb787-f911-4b1a-974d-9fc26a8443b5&gdpr=&consent=&gdpr_pd=
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/bs/cm.aspx?id=5cbcb787-f911-4b1a-974d-9fc26a8443b5&gdpr=&consent=&gdpr_pd=
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 18 Aug 2022 03:58:06 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

Location
//inv-nets.admixer.net/bs/cm.aspx?id=5cbcb787-f911-4b1a-974d-9fc26a8443b5&gdpr=&consent=&gdpr_pd=
Date
Thu, 18 Aug 2022 03:58:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
1px-matching-admixer.gif
m.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-admixer.gif?id=82d3a27d43a34fe287fc4152e199f904
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 18 Aug 2022 03:58:05 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
ImgSync
image8.pubmatic.com/AdServer/ 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
content-length
0
bounce
ib.adnxs.com/
Redirect Chain
  • https://ib.adnxs.com/setuid?entity=533&code=82d3a27d43a34fe287fc4152e199f904
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D82d3a27d43a34fe287fc4152e199f904
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D82d3a27d43a34fe287fc4152e199f904
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Aug 2022 03:58:05 GMT
X-Proxy-Origin
82.199.130.38; 82.199.130.38; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d6343616-aadc-4293-aee5-0857383b7505
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 18 Aug 2022 03:58:05 GMT
X-Proxy-Origin
82.199.130.38; 82.199.130.38; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
afcaa26a-b9fb-4064-83ad-dccbb877642c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D82d3a27d43a34fe287fc4152e199f904
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm-notify
creativecdn.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admixer
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Aug 2022 03:58:05 GMT, Thu, 18 Aug 2022 03:58:05 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-type
image/gif
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://creativecdn.com/cm-notify?pi=admixer&tc=1
date
Thu, 18 Aug 2022 03:58:05 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
css2
fonts.googleapis.com/ Frame 53ED 		112 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=M+PLUS+Rounded+1c:wght@700&display=swap
Requested by
Host: telegram.org
URL: https://telegram.org/css/widget-frame.css?62
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f1c5e16c3abc728ef3c7eb1ff66fc5b15f08232156bae6493e37becbd1b2f01d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://telegram.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 18 Aug 2022 03:32:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 18 Aug 2022 03:58:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Aug 2022 03:58:05 GMT
cdb
bidder.criteo.com/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=126&profileId=184&cb=47711768965
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.buhoblik.org.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.buhoblik.org.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
cdb
bidder.criteo.com/ 		0
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=126&profileId=184&cb=24977125948
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.buhoblik.org.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.buhoblik.org.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
css
fonts.googleapis.com/ Frame B90A 		8 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1660795084&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084824&bpp=2&bdt=523&idt=207&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&cms=3&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=pymKtTsYBz&p=https%3A//www.buhoblik.org.ua&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 18 Aug 2022 03:08:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 18 Aug 2022 03:58:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Aug 2022 03:58:05 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220816/r20110914/client/ Frame B90A 		2 KB
983 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220816/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1660795084&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084824&bpp=2&bdt=523&idt=207&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&cms=3&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=pymKtTsYBz&p=https%3A//www.buhoblik.org.ua&dtd=210
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1424
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Sep 2022 03:34:21 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B90A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CjG9mzbj9YsDUCpnR1fAP3ue46A6m6JfTZbGX5orQDrbM5q2JAhABIOfk8hZglQKgAffnid8CyAEJqQLlWBbbPhOxPqgDAcgDywSqBIYCT9DlOoOH5c1hGsIEJLWZo5K-CWg-mwXcjJ1cvnvITB3e65prnoGF47z3ux2zbTO2DTTiAOJhQ973fIwd7MrBkxry0uhBh6J3cJt6dU0ljefjh7zMoFs-O7KAl7n9beq9tlTAdEpmtHY17p5gZ1jxeIODUrNxhFPWA-dJ8YG_XQjyQhCu1rVPO1WdjqV6rrdj0yZfBKqXIwibgTDtf8i2pIV6OtsrZC0HCgsb7zkzElMGwNcI7jHUvlKpvocWA-j1MaXPVa7xFHrFZbuRrdw5W04lI4TCou5l84ZncZw4EXfJBqgk1SanJvB6d3eLfzf5fgSI3mNVEd34UWEBl4f5eP6V94FcRsAEpf2749EDkgUECAQYAZIFBAgFGASgBi6AB_GX9qABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQxd8C0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwGiDAgqBgoE-Z6xArgTiATYEwrQFQGYFgGAFwGyFxwKGggAEhRwdWItNTYzMDk1Njc2NjIxNjQ2NRgA&sigh=42zsHpsAjBo&uach_m=[UACH]&template_id=520
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1660795084&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084824&bpp=2&bdt=523&idt=207&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&cms=3&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=pymKtTsYBz&p=https%3A//www.buhoblik.org.ua&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1660795084&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084824&bpp=2&bdt=523&idt=207&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&cms=3&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=pymKtTsYBz&p=https%3A//www.buhoblik.org.ua&dtd=210
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 18 Aug 2022 03:58:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 18 Aug 2022 03:58:05 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220816/r20110914/client/ Frame 536E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220816/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1660795084&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084820&bpp=3&bdt=519&idt=186&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eNqdlCN6f4&p=https%3A//www.buhoblik.org.ua&dtd=190
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:51:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
402
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Sep 2022 03:51:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 536E 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1660795084&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084820&bpp=3&bdt=519&idt=186&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eNqdlCN6f4&p=https%3A//www.buhoblik.org.ua&dtd=190
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 18 Aug 2022 03:58:05 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220816/r20110914/client/ Frame 536E 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220816/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1660795084&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084820&bpp=3&bdt=519&idt=186&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eNqdlCN6f4&p=https%3A//www.buhoblik.org.ua&dtd=190
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:47:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
606
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Sep 2022 03:47:59 GMT
data=9vPP5H_sJ-vGDvFrY_WhI1HlromcOnmLnHr0uZZ5JO5-VHbzkfDN6yK8DNcmHCg0O2z-K8H2S5oOSYcjYIeXyQ
mts0.google.com/vt/ Frame B90A 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mts0.google.com/vt/data=9vPP5H_sJ-vGDvFrY_WhI1HlromcOnmLnHr0uZZ5JO5-VHbzkfDN6yK8DNcmHCg0O2z-K8H2S5oOSYcjYIeXyQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1660795084&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084824&bpp=2&bdt=523&idt=207&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&cms=3&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=pymKtTsYBz&p=https%3A//www.buhoblik.org.ua&dtd=210
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
56937ca7393d6071e9974aea6657020a5e810356fb0182725c6f257c66509125
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=43
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28953
x-xss-protection
0
x-server-version-bin
CggIBBDWs/KXBg==
server
scaffolding on HTTPServer2
etag
0ab823afa530d7dbc
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=3600
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
expires
Thu, 18 Aug 2022 04:58:05 GMT
truncated
/ Frame B90A 		297 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B90A 		336 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B90A 		462 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B90A 		465 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
adview
googleads.g.doubleclick.net/pagead/ Frame 536E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CpGjPzbj9YrjXCrTR1fAPiKCE2AzJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLlWBbbPhOxPqgDAaoE4AFP0B2seCxe1pKCNsLwb0fZ0T4HmmiczRP3BxKJSTOuDDNNYmyDfy-oGQmdA7RijZX5hlybvIFzPH9fkpOn_K7cTZ7nPYNlv0udfBeFZ0h73S3ejRusXqKn349CoDuRIt-BoGurYzvlXz4FP35YBJz7StkiuKoKaORXDyr5ls4vXpPJ49b_FCWHh-s60vjSSd0JG93UREL92Ef9EMjuaGYARLGywIdFqlnb0OAjniuCTwdcG1Mhvmznp6GYJTx1bsIBnGwZmCY4JM95WrGLaDTEEyqSzVcP2_yFu2YMZTGMmoAGi76M3cCuk9raAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTYzMDk1Njc2NjIxNjQ2NRgA&sigh=vdr8Ze_-pas&uach_m=[UACH]&cid=CAQSGwCsnQUxuNcSE3NFpbFabuZanEXIJ4nlax5ZtxgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1660795084&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084820&bpp=3&bdt=519&idt=186&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eNqdlCN6f4&p=https%3A//www.buhoblik.org.ua&dtd=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1660795084&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084820&bpp=3&bdt=519&idt=186&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eNqdlCN6f4&p=https%3A//www.buhoblik.org.ua&dtd=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 18 Aug 2022 03:58:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 18 Aug 2022 03:58:05 GMT
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 536E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kuDuEsz6RNoFmAKdg2ICAgAAAL3dF7qT-P8r2nHJuhDMuP1iu_mdhMhZuWwCmwsAEgAA&wp=Yv24zQACq7gIFWi0AAEQCDc_AoZxubCXLq85JQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1660795084&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084820&bpp=3&bdt=519&idt=186&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eNqdlCN6f4&p=https%3A//www.buhoblik.org.ua&dtd=190
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
server
Kestrel
server-processing-duration-in-ticks
305570
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 9314 		179 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Yv24zQACq7gIFWi0AAEQCDc_AoZxubCXLq85JQ&u=%7CGF51po9kK4NSkroHDvPhkPW3%2FCXBs%2FC2MRgnr68F6yw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sS6YifhuTQzr8X_A4RFDhQZHxLBDNdnVs3sse1voxVSNkr5Y60gNqRpZY3dZwsHryRDqL5KsTeltjF1nyVhx3ZZ_oSy24GFYlI5A-JYbMdwED7XWDBgjG3iYlMnijnxF6JOcwkjfsgyMB6b4asiOKDVgZpR8owfW_3DSUVYj-vnO0xt0bz-gkOky6_AZSZHEjgD-ew7gyQoXMO514imbddhx1MhSIk3eGwim3G5oDpUBUJ-aibLBK52P0MFBQU3KLspgoN4itFBrdq9Io7e7harWcYfERyIizJ8ZCwXAOUSaYcn1C3LFaopmlRBqv9TlJdSaa8_25vXaGJUGmmUBXLwa4d6qciGfSFDQeY8QkLv1WHwYKcyoB-fx7nAMqvrBxPyr0zQa2ZNob7A0rfKZSjk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqNnkzbj9YrjXCrTR1fAPiKCE2AzJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLlWBbbPhOxPqgDAaoE4wFP0B2seCxe1pKCNsLwb0fZ0T4HmmiczRP3BxKJSTOuDDNNYmyDfy-oGQmdA7RijZX5hlybvIFzPH9fkpOn_K7cTZ7nPYNlv0udfBeFZ0h73S3ejRusXqKn349CoDuRIt-BoGurYzvlXz4FP35YBJz7StkiuKoKaORXDyr5ls4vXpPJ49b_FCWHh-s60vjSSd0JG93UREL92Ef9EMjuaGYARLGywIdFqlnb0OAjniuCTwdcG1Mhvmznp6HaJx3n6U2dj9OFjIXoGWmBU6WB3j7qC6gmBWqpKUObl36Jz7WfJUOc_YAGi76M3cCuk9raAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bdcJ-MFQz4jiBEVEOVuKxSkX6yA%26client%3Dca-pub-5630956766216465%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1660795084&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084820&bpp=3&bdt=519&idt=186&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eNqdlCN6f4&p=https%3A//www.buhoblik.org.ua&dtd=190
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e138955bef5b4f2741d819b617c881fa261244bd9dbe85f4a998b0892a101218
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 18 Aug 2022 03:58:05 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=OBygkJvLUZJg35TI4AFi0DuCkV8sFjNro_k-00JrlvuLcqdQdrEy-IYbk8y2xVH7HeiEe_5b8b3BrQh7rumeGmtPUF_zBUlB7oJOrVMtrxTcHqKxEl2okGfNEs_jm2tUzxQDq3dzLViCdGMDzj5gvNkJLkLqokilgogmbCgNhANlHXXYLpAsVlXSfpCbDM0_65WTtVgZh8tQZlNP-WjJdHE674ujGL0VTQL_GEdKj3QILATe7T2_lKzcMZKFd76_k3ocBA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
89156777
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012208081650000/ Frame 3F9B 		220 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1660795084&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084823&bpp=1&bdt=522&idt=194&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=sDpfbVR2AB&p=https%3A//www.buhoblik.org.ua&dtd=197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2e5722cf0b8d8df31200550801d755733c56d9ca2758b7041fbed009e0c9d08
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
204292
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61502
x-xss-protection
0
server
sffe
date
Mon, 15 Aug 2022 19:13:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"df13b0b17adb5918"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Aug 2023 19:13:13 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 3F9B 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1660795084&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084823&bpp=1&bdt=522&idt=194&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=sDpfbVR2AB&p=https%3A//www.buhoblik.org.ua&dtd=197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e14ddde632bad66a3f79d6dc2c6a212d3b1b5cd8100cb6b73984b8797c5ed86
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
204292
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5197
x-xss-protection
0
server
sffe
date
Mon, 15 Aug 2022 19:13:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aca8368210f82021"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Aug 2023 19:13:13 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 3F9B 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-analytics-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1660795084&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084823&bpp=1&bdt=522&idt=194&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=sDpfbVR2AB&p=https%3A//www.buhoblik.org.ua&dtd=197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70fa25d0cd4744b6b91054ad55e3e931dad31cc85915b13e33e4e674426c7cc1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
204292
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28794
x-xss-protection
0
server
sffe
date
Mon, 15 Aug 2022 19:13:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cc093c4134ec5f1e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Aug 2023 19:13:13 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 3F9B 		72 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-animation-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1660795084&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084823&bpp=1&bdt=522&idt=194&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=sDpfbVR2AB&p=https%3A//www.buhoblik.org.ua&dtd=197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
902565ce7f27f6e504ee3790458fa3e9137a1c2b3d63d58ce6cd2fbcbf9db7ca
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
211824
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16649
x-xss-protection
0
server
sffe
date
Mon, 15 Aug 2022 17:07:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0cc7ecc69c61be2b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Aug 2023 17:07:41 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 3F9B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-fit-text-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1660795084&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084823&bpp=1&bdt=522&idt=194&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=sDpfbVR2AB&p=https%3A//www.buhoblik.org.ua&dtd=197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec61d9fd1b3609a3a53f377ed07059c3dc7d2cb1502022e0623b4ebc1ea0f35e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
204292
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
date
Mon, 15 Aug 2022 19:13:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ef17e6cba96d5668"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Aug 2023 19:13:13 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 3F9B 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-form-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1660795084&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084823&bpp=1&bdt=522&idt=194&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=sDpfbVR2AB&p=https%3A//www.buhoblik.org.ua&dtd=197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d200dc372fb333c0ca488fba2a569a686cbf5f1ba0cc0544a4a8c96a4f91de3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
204292
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12948
x-xss-protection
0
server
sffe
date
Mon, 15 Aug 2022 19:13:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"08e07a681963ea9f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Aug 2023 19:13:13 GMT
uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3F9B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/uk.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1660795084&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084823&bpp=1&bdt=522&idt=194&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=sDpfbVR2AB&p=https%3A//www.buhoblik.org.ua&dtd=197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 14:42:15 GMT
x-content-type-options
nosniff
server
cafe
age
47750
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14587847488922671356
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3073
x-xss-protection
0
expires
Thu, 18 Aug 2022 14:42:15 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3F9B 		344 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1660795084&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084823&bpp=1&bdt=522&idt=194&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=sDpfbVR2AB&p=https%3A//www.buhoblik.org.ua&dtd=197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 19:13:14 GMT
x-content-type-options
nosniff
server
cafe
age
31491
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 18 Aug 2022 19:13:14 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 3F9B 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CSK0jzbj9YuTZCq-I1fAP-_aYgAizr9nta-60g7GMEKSIhZ4LEAEg5-TyFmCVAqAB8O6B4QPIAQmpAuVYFts-E7E-qAMByAMIqgT1AU_Qoomh0odCP9wOun9oHRc_4eYKoWIm5e5L4WYc447hogLm0-VbMDVLyvRoVmfyA39JeqiE2PF-F6QTw-iyxrekmBbhCDkoAjGzHWkj25XZJ5ILeodsTtNaUsyLyPKguQHMZV4h9mSnKheanT1C_Yb3M-vPZCZpU2NmrVWPehmCwzotzhQ1HwBCGpQi_Yy7kM8vkS_3GhtPq_s8AkIBhHsCNr4o9Kvj_y11FlEN0mC5eDhbXUmHVD__2lX0-YXblBed_CelJA3QGe-6i9GRHlLcSwJTmQqztQiUY5o_aA1ziXr4goH1raj_yyed9xA2sT19xN9JwAT_ycWwyAOSBQQIBBgBkgUECAUYBKAGLoAH-JD-HqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIrBAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMK0BUBmBYBgBcBshccChoIABIUcHViLTU2MzA5NTY3NjYyMTY0NjUYAA&sigh=MVMiQKnb6JU&uach_m=[UACH]&template_id=419
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1660795084&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084823&bpp=1&bdt=522&idt=194&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=sDpfbVR2AB&p=https%3A//www.buhoblik.org.ua&dtd=197
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1660795084&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084823&bpp=1&bdt=522&idt=194&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=sDpfbVR2AB&p=https%3A//www.buhoblik.org.ua&dtd=197
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 18 Aug 2022 03:58:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 18 Aug 2022 03:58:05 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220816/r20110914/ Frame B90A 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220816/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1660795084&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084824&bpp=2&bdt=523&idt=207&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&cms=3&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=pymKtTsYBz&p=https%3A//www.buhoblik.org.ua&dtd=210
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:51:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
366
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Sep 2022 03:51:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220816/r20110914/client/ Frame B90A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220816/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1660795084&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084824&bpp=2&bdt=523&idt=207&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&cms=3&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=pymKtTsYBz&p=https%3A//www.buhoblik.org.ua&dtd=210
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:51:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
402
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Sep 2022 03:51:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220816/r20110914/client/ Frame B90A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220816/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1660795084&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084824&bpp=2&bdt=523&idt=207&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&cms=3&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=pymKtTsYBz&p=https%3A//www.buhoblik.org.ua&dtd=210
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:47:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
606
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Sep 2022 03:47:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B90A 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1660795084&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084824&bpp=2&bdt=523&idt=207&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&cms=3&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=pymKtTsYBz&p=https%3A//www.buhoblik.org.ua&dtd=210
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 18 Aug 2022 03:58:05 GMT
16838d5bcb4c763c91f5404f5ca97705.js
www.gstatic.com/mysidia/ Frame B90A 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/16838d5bcb4c763c91f5404f5ca97705.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1660795084&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084824&bpp=2&bdt=523&idt=207&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&cms=3&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=pymKtTsYBz&p=https%3A//www.buhoblik.org.ua&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:40:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1026
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13605
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 13:11:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 03:40:59 GMT
truncated
/ Frame 3F9B 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
610201d6f93cd07e8752aa5f6b9c0350d6c439f8b3c1bb783ca59dd63741b20b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3F9B 		56 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e5eb27dce9681337b02a363fa1ffb28b0889ced23e0eba592fea3db0f76d2417

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 3F9B 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c4bb4b37f05bc5752d618ab4828f2a6749b9046ddec75fbc50d7943befd31e6

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3F9B 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
863becff90bf1df06057ece7de31b1873e4b7a56e7b5b2e2d8b48fd10b44c228

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3F9B 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d130141331999d0830ff4d31900720d58382d820f5a6df810780193a4cb0eccc

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3F9B 		879 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bda0abf7f8615298475242a005ccfc0bfe887c43a71555288c4fd42d42d380f8

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3F9B 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f44a512b87b9a63da9b969a44054d0264649b776d682894db413f1d3c45aa28

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
F09F9384.png
telegram.org/img/emoji/40/ Frame 53ED 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/F09F9384.png
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
73e19dfae69969fd67f8ff0960f10e6d9620d7a0652f6875cdfbfa2a1fbfc897

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-5de"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
1502
expires
Mon, 22 Aug 2022 03:58:05 GMT
F09F968C.png
telegram.org/img/emoji/40/ Frame 53ED 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/F09F968C.png
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b87673d5f4085602ca52a2a9f1e923a436cfd682dce3050cf78fb11630e8f682

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-82a"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
2090
expires
Mon, 22 Aug 2022 03:58:05 GMT
E29C85.png
telegram.org/img/emoji/40/ Frame 53ED 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/E29C85.png
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d097bda59092b06b5bb3051bbef1791e8a7fc533a5aa62e40e898b3ec9308249

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-666"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
1638
expires
Mon, 22 Aug 2022 03:58:05 GMT
F09F9497.png
telegram.org/img/emoji/40/ Frame 53ED 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/F09F9497.png
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
acc016d92200ab69a1bf453f9db6ceaf6d4ee6fe0db09e3db7fb8da82b781d68

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-add"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
2781
expires
Mon, 22 Aug 2022 03:58:05 GMT
truncated
/ Frame 53ED 		683 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f40990683165a6c0b9eabab4ffbb1b6a2fb9617b2fe3101ee64299245dfe743

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
E29C8F.png
telegram.org/img/emoji/40/ Frame 53ED 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/E29C8F.png
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
53566fb30e9e4d17a6e90a1a2ab4c8ccd41c26342e4fc486788bc457fc7266a3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-7fc"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
2044
expires
Mon, 22 Aug 2022 03:58:05 GMT
E280BC.png
telegram.org/img/emoji/40/ Frame 53ED 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/E280BC.png
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4a003dc58f3e95a18e44712b9161181319e6a40613242cbcac158f6dc8d7339d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-4a6"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
1190
expires
Mon, 22 Aug 2022 03:58:05 GMT
F09FA5B8.png
telegram.org/img/emoji/40/ Frame 53ED 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/F09FA5B8.png
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
03bc0839c4ab84b2a470323f210bbf6762272651496b746d6a0e122bc66906ea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
last-modified
Wed, 13 Jan 2021 21:25:08 GMT
server
nginx/1.18.0
etag
"5fff6534-c9c"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
3228
expires
Mon, 22 Aug 2022 03:58:05 GMT
E296B6.png
telegram.org/img/emoji/40/ Frame 53ED 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/E296B6.png
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
cf834601aa3e59f6a61453790dc88447b3d3910cc297be5f7891c41cc0ca21e9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-67a"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
1658
expires
Mon, 22 Aug 2022 03:58:05 GMT
Obedu5ADeaaJnU1Upaq1lp7XENuxx4c6NtLLcZPqqwDeRmZi4XtMqpemZarRFiFcLHFUGuDBhbetMJyTDZU5-KEsO6SDHN54ZsAZSKZ9Xc_JkJE8RBn3eRTwYzS7fQVAbrbtNA25o_KtZaftbK_4ifTJyQOaSAj6aqqTB5mun7WVZLH7BBGQLICEgeRseNcGhkBY8...
cdn4.telegram-cdn.org/file/ Frame 53ED 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telegram-cdn.org/file/Obedu5ADeaaJnU1Upaq1lp7XENuxx4c6NtLLcZPqqwDeRmZi4XtMqpemZarRFiFcLHFUGuDBhbetMJyTDZU5-KEsO6SDHN54ZsAZSKZ9Xc_JkJE8RBn3eRTwYzS7fQVAbrbtNA25o_KtZaftbK_4ifTJyQOaSAj6aqqTB5mun7WVZLH7BBGQLICEgeRseNcGhkBY8MSB72YnWqC__Lu5xzzfzQGYEdhlAXUTkHecuh_QFSAoyZb3hZRT2p4zs0r6W6oqY-8PJT9pnV1w8QOLykAbgPyg_4-s77ROPSWZqHrdJYkVm76bQU4GApkL02LnSxnIiqDwcortahaZAYSCqQ.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
cf0f1054753e54c01e2d62f781173937b612a839aaafa2902316b321e5948b51
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src 'none'; sandbox
via
1.1 google
x-content-type-options
nosniff
age
1385
date
Thu, 18 Aug 2022 03:35:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63784
x-xss-protection
1; mode=block
server
nginx/1.18.0
x-frame-options
DENY
etag
"2e2b5149703a228b80fc7a37de38d0e2de3191a9"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
E81Z-fkoQ3XkKzhSnJyTu3Wh8cwB2u6SwUhjfHM90E_aN6OXFNlJtZTc1TxqlWhWyNzcKHgbhUiBPLMQhX4pvXcSyfVlUT6ADPr719nZJdgMij4Fms-lxq3MMI1zr449eRcqJISeCEbn1G3NnpNyk6N4GHNpjQplE7X2QMIxs6ehaImIqW9j8rrVMjBNHlv3l2_tH...
cdn4.telegram-cdn.org/file/ Frame 53ED 		166 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telegram-cdn.org/file/E81Z-fkoQ3XkKzhSnJyTu3Wh8cwB2u6SwUhjfHM90E_aN6OXFNlJtZTc1TxqlWhWyNzcKHgbhUiBPLMQhX4pvXcSyfVlUT6ADPr719nZJdgMij4Fms-lxq3MMI1zr449eRcqJISeCEbn1G3NnpNyk6N4GHNpjQplE7X2QMIxs6ehaImIqW9j8rrVMjBNHlv3l2_tHcIsysic36RxtIBCb6pgfFIEl5qUfyRvgZ4YLmLZnPKgDBiwu4HDkBAz-yg-TzROG1PUmDTX5bslhgBq5pOKgYarBABgy2-8sNG7Kp-kyqrzQQM1Cx59prLWUntIx4Dr-appdQv_ZpEPI_SKdw.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
8cd518f395ceb37e9a829bda5794c6bbbf8531b21b3d211f1e004573acc9edbb
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src 'none'; sandbox
via
1.1 google
x-content-type-options
nosniff
age
1385
date
Thu, 18 Aug 2022 03:35:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
169794
x-xss-protection
1; mode=block
server
nginx/1.18.0
x-frame-options
DENY
etag
"a56ea5756f5be99edaa0a537cacb1f4f94469f4a"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
F09F96A5.png
telegram.org/img/emoji/40/ Frame 53ED 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/F09F96A5.png
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
25acfe84806b66b7cd6fa3c4f94183e78a32025415c2bd01d3dfb16340ab2e47

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-595"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
1429
expires
Mon, 22 Aug 2022 03:58:05 GMT
Uuvqppn-FrCZ-tYx2wEdNjUl4nPEynN4WhOcD1MG7ko9b_b3hlReYs0cViPRgToWp9W5mLMbnEyUrsSyCo2qMUX6DbNRFgmE-GpQkPxpQNlB8XZ03Jy0g3W8KMgd1tSQK9SoJB-LTmnaUynWmDQxVqy5TW0HpFnglene5VtPBB8Eh_JA5Tablfq1JAvOBJXLAnYg2...
cdn4.telegram-cdn.org/file/ Frame 53ED 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telegram-cdn.org/file/Uuvqppn-FrCZ-tYx2wEdNjUl4nPEynN4WhOcD1MG7ko9b_b3hlReYs0cViPRgToWp9W5mLMbnEyUrsSyCo2qMUX6DbNRFgmE-GpQkPxpQNlB8XZ03Jy0g3W8KMgd1tSQK9SoJB-LTmnaUynWmDQxVqy5TW0HpFnglene5VtPBB8Eh_JA5Tablfq1JAvOBJXLAnYg2vLz3jp4Hd_jNDYRwjieKuU7RTaZlPoSHEbiPj60am91rRZ8JoFssLz1-KJaoJb2OGRuFhhJiqCptpWK50-nRPtfxeS55oUuyF4S_mdKfvaF6r8Cs5_DsGDdszs_Q7C1SB7RRk2vCbW8L3Pfrg.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
c1c4a7e98f5ffbfd019d18b00036671b4a3aa558427fe4394a794d60aef00f41
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src 'none'; sandbox
via
1.1 google
x-content-type-options
nosniff
age
1385
date
Thu, 18 Aug 2022 03:35:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
102241
x-xss-protection
1; mode=block
server
nginx/1.18.0
x-frame-options
DENY
etag
"52d9b14323154d893dc8d488c8ad1b31e72d364a"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
E28FB0.png
telegram.org/img/emoji/40/ Frame 53ED 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/E28FB0.png
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
32ae77196cf412d763b87b2aa85b038f536201a0df7164ed74581402b4733511

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-10e4"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
4324
expires
Mon, 22 Aug 2022 03:58:05 GMT
F09F938C.png
telegram.org/img/emoji/40/ Frame 53ED 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/F09F938C.png
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
1e46e48a837d9ff05a193956ee173159b7b1d360581c822844e9dbfbca6c9bf6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-905"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
2309
expires
Mon, 22 Aug 2022 03:58:05 GMT
Ip_c6ktQoZFdgZ0Ay2bWkWBC4djD8uKRIcgBuNfSMGSM8f1i_fahLomLVVv8q56xY31T5ixYPkkYyW08jefP_ApjjtX3Harv9p-OgL-u_HzCbqh6ZjR2v0OyzaWqdiE5fJ-n4xvNvETeJIe1Xn64F_xVhNXOSl-t36zoDzpYFgk7cMTCx3M404lF4RY9fgSQQS9Xh...
cdn4.telegram-cdn.org/file/ Frame 53ED 		124 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telegram-cdn.org/file/Ip_c6ktQoZFdgZ0Ay2bWkWBC4djD8uKRIcgBuNfSMGSM8f1i_fahLomLVVv8q56xY31T5ixYPkkYyW08jefP_ApjjtX3Harv9p-OgL-u_HzCbqh6ZjR2v0OyzaWqdiE5fJ-n4xvNvETeJIe1Xn64F_xVhNXOSl-t36zoDzpYFgk7cMTCx3M404lF4RY9fgSQQS9XhdnEAFlVrNoifZIl3ZepLe49cTuSie9U816RPf_eHn4rTkMK_w1gVFyclWcnitgHPPqAcVLzI-39CNYfudZE-7tWVsLUocHHoHb0Cdv3LNR2XWUEhfuZ6xkQQld0PBrTzF2wuhoEirYRQWEwEw.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
933205725b5a22d7dd0ee2d603c9ea51ca925dbb09ea3b62f074007e2ab4d335
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src 'none'; sandbox
via
1.1 google
x-content-type-options
nosniff
age
1385
date
Thu, 18 Aug 2022 03:35:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127077
x-xss-protection
1; mode=block
server
nginx/1.18.0
x-frame-options
DENY
etag
"3ec09c51ecde660f93d4904f7ca538a078d1672b"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
gMvZJym-f8G45OukbV6kmqDirj_OT0UyD9iE6uBMpJd_D9B_QuT6H56h_nTKAVbl30-p5QEUYitdlf7JBe5gcKWkO85tiZa31NY7sR99T0CqNLobPPnjU7dIQa7prZkC8NSK4DamzejYHVCI5dgOHj7qwVfe0SFNgcSFir0zqpwwleT4hjUvdKGNwcnbrt0T7ECZi...
cdn4.telegram-cdn.org/file/ Frame 53ED 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telegram-cdn.org/file/gMvZJym-f8G45OukbV6kmqDirj_OT0UyD9iE6uBMpJd_D9B_QuT6H56h_nTKAVbl30-p5QEUYitdlf7JBe5gcKWkO85tiZa31NY7sR99T0CqNLobPPnjU7dIQa7prZkC8NSK4DamzejYHVCI5dgOHj7qwVfe0SFNgcSFir0zqpwwleT4hjUvdKGNwcnbrt0T7ECZiGLirm_322c-nQ1fjYo0d0OkA2wCXhjJ-gjgZwWdsWygHA1P0eW7F62xBiKs1r0vDc2o7kzwMU1dyanEkxAmYtJ9gW4Q4kDD2ShF2-Un2kMG-FFE83VmzFCv7WVgD5bnon-gyzJ2hp2P4a5ZqQ.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
dabffe4a0b71d6abf83cc82c3ed7fcda4cc3582a4197e026117f2dc99c1dde3c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src 'none'; sandbox
via
1.1 google
x-content-type-options
nosniff
age
1385
date
Thu, 18 Aug 2022 03:35:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72546
x-xss-protection
1; mode=block
server
nginx/1.18.0
x-frame-options
DENY
etag
"abb30017fd4e5d5179d0189b465a263e33c2a12d"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
E28FB1.png
telegram.org/img/emoji/40/ Frame 53ED 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/E28FB1.png
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b7b093955e7487be1bbec86d8a7ab2012c4716b5cf31b2b6df500edc04c06255

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-d5a"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
3418
expires
Mon, 22 Aug 2022 03:58:05 GMT
F09F9385.png
telegram.org/img/emoji/40/ Frame 53ED 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/F09F9385.png
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
5abe4ec1b14120ec963c7bec8267ed0bbdcd52694f48daf0f1a57279748a1c6a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-7f3"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
2035
expires
Mon, 22 Aug 2022 03:58:05 GMT
F09F92BB.png
telegram.org/img/emoji/40/ Frame 53ED 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/emoji/40/F09F92BB.png
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
26345a9625172670562d7ab2395db6bd15311e0f6cf5e66f2b4478bd994a7f6d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-71b"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
1819
expires
Mon, 22 Aug 2022 03:58:05 GMT
cURL4LCRP7xiRAil1On8PZuxt1XNiQOqqGPeEPxp97OfFzdTb1ALInELMQUHLZv-aAE2zjTzIUoaPqDcrXXonJEDoW3J7TH3ReGUGBuO65P3wO61F6W_lwpHzsS00qRWX-JlCIHmLbl1CY4jzjFUjs4NGpwp9PsgA4lTluOhXpfRQQeoNCRmN7QIWUDbvS3WNvFuT...
cdn4.telegram-cdn.org/file/ Frame 53ED 		111 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telegram-cdn.org/file/cURL4LCRP7xiRAil1On8PZuxt1XNiQOqqGPeEPxp97OfFzdTb1ALInELMQUHLZv-aAE2zjTzIUoaPqDcrXXonJEDoW3J7TH3ReGUGBuO65P3wO61F6W_lwpHzsS00qRWX-JlCIHmLbl1CY4jzjFUjs4NGpwp9PsgA4lTluOhXpfRQQeoNCRmN7QIWUDbvS3WNvFuTBsQ8VP9lQazrMHmrrcQcvDq-_W3XGuKjzpOnedBUk0FPz2vfapc100TATf1pTwVd_rmvv4RITI1GITvBCxiRcp7SqQsNd1d95pYcNQG9vlcu9wp_NURRa0owImhHCqxGp26MHnHJn8sMubMHg.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
3ab6bdc45b9e7ecded30d4f1c7b2215e990f446f331d3b646dffd6bb2c081c1c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src 'none'; sandbox
via
1.1 google
x-content-type-options
nosniff
age
1385
date
Thu, 18 Aug 2022 03:35:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
114107
x-xss-protection
1; mode=block
server
nginx/1.18.0
x-frame-options
DENY
etag
"776bbe9870fa58d9602df6d056a2227030b36098"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
HLTUCfAMtahIrNZ_cJfofr7bmI0h96Ov42OhStBcOFDSbnhBp1OiiGi_7JUl6ZsyA-YbPw5LVuOt8hVT2wAdaBtNlkOEWaxFi28GNn6V1bykjloHnLoJFKFP9APcEO6D3bB7EJ_dMh5Cd1AmSe3R0ZJNDk36kFwYaTHyJdbRsd2cePd6Iey_NlgxqpyEYJg1FrhOf...
cdn4.telegram-cdn.org/file/ Frame 53ED 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telegram-cdn.org/file/HLTUCfAMtahIrNZ_cJfofr7bmI0h96Ov42OhStBcOFDSbnhBp1OiiGi_7JUl6ZsyA-YbPw5LVuOt8hVT2wAdaBtNlkOEWaxFi28GNn6V1bykjloHnLoJFKFP9APcEO6D3bB7EJ_dMh5Cd1AmSe3R0ZJNDk36kFwYaTHyJdbRsd2cePd6Iey_NlgxqpyEYJg1FrhOfqtjLYGSep0bEZ2KVDtBGLM04Y-j4FTcQQ8ebd6IGkm5z6Z6i4UuWksyhCAZw81QG6v-WNUsCYVsJM7PygPFbYc7jnkVgEssEqEjsBwhXO4CcVUKd3PAr-whQiyBD5MxorDgukh1xwz1BfGMuQ.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
1d08840a75c155fca6642bcc3d7ecc34497f6e0d19d030b1f2e0e249c753cfa3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src 'none'; sandbox
via
1.1 google
x-content-type-options
nosniff
age
1385
date
Thu, 18 Aug 2022 03:35:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75518
x-xss-protection
1; mode=block
server
nginx/1.18.0
x-frame-options
DENY
etag
"b6ef20de73f0107d5f6e8727b2951a9fcf7b3174"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
NhhF2PYiEsWfSqf156cIN6D5v1cZ4DxfaBSGHZzmTJip1aTg4hpqFzWADH-aPfc2nsTIYVrBmbyCTIDWKspLoFFr5GAljVFXf8xCXPSoxNMhA0Y591IPhD6o1S13fiG9QOrRDdYPoD7xWz9xOZvBXhMY3q0lyokQMMJMuytCtLC8qHBoIWnKw76PTfugWSKhBjSaJ...
cdn4.telegram-cdn.org/file/ Frame 53ED 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telegram-cdn.org/file/NhhF2PYiEsWfSqf156cIN6D5v1cZ4DxfaBSGHZzmTJip1aTg4hpqFzWADH-aPfc2nsTIYVrBmbyCTIDWKspLoFFr5GAljVFXf8xCXPSoxNMhA0Y591IPhD6o1S13fiG9QOrRDdYPoD7xWz9xOZvBXhMY3q0lyokQMMJMuytCtLC8qHBoIWnKw76PTfugWSKhBjSaJ4-a2rSNriyIfABtoPLrGS1g2JXkMm0p4anrIf1gMMlKss3e1EgQPt6oZooUm3Es3K1WhOXYD5SBPJjxQ6-ahwPbRoRd2tf7nChSFsj6JmZC9NAs29xtM6WPAoWI1hn-9PJRmEWRgPr3eKtuzw.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
536dab3f6cefa51f81e172ead35c79e2de704da110f4ee6e8286c3fa782467f2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src 'none'; sandbox
via
1.1 google
x-content-type-options
nosniff
age
1385
date
Thu, 18 Aug 2022 03:35:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60176
x-xss-protection
1; mode=block
server
nginx/1.18.0
x-frame-options
DENY
etag
"d8a30d193d651c7f503ab8ed688505e5c21a7241"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 53ED 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn--r1a.website
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 08:01:51 GMT
x-content-type-options
nosniff
age
590174
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Aug 2023 08:01:51 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 53ED 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn--r1a.website
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 20:10:25 GMT
x-content-type-options
nosniff
age
28060
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 20:10:25 GMT
KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 53ED 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn--r1a.website
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 19:04:26 GMT
x-content-type-options
nosniff
age
291219
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9840
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Aug 2023 19:04:26 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 53ED 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn--r1a.website
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 21:51:35 GMT
x-content-type-options
nosniff
age
194790
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9628
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Aug 2023 21:51:35 GMT
VdGBAYIAV6gnpUpoWwNkYvrugw9RuM064ZsPrfqk33YqOjLBxkUhdkeuqyIMwGYkDA.119.woff2
fonts.gstatic.com/s/mplusrounded1c/v15/ Frame 53ED 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mplusrounded1c/v15/VdGBAYIAV6gnpUpoWwNkYvrugw9RuM064ZsPrfqk33YqOjLBxkUhdkeuqyIMwGYkDA.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=M+PLUS+Rounded+1c:wght@700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
319eb578634347f8bd6df61778b659ebe74e827b6395e114b084c3dbe613d854
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn--r1a.website
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:15:18 GMT
x-content-type-options
nosniff
age
124967
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18600
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:31:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 17:15:18 GMT
pattern.svg
telegram.org/img/tgme/ Frame 53ED 		225 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegram.org/img/tgme/pattern.svg
Requested by
Host: telegram.org
URL: https://telegram.org/css/telegram-web.css?33
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
daa086b24cbd2610eb3261446100ff513a4526c5b2bce41e758629f5cd8a6a20

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://telegram.org/css/telegram-web.css?33
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 09:45:08 GMT
server
nginx/1.18.0
etag
W/"62208e24-385d7"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=345600
expires
Mon, 22 Aug 2022 03:58:05 GMT
/
xn--r1a.website/v/ Frame 53ED 		4 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://xn--r1a.website/v/
Requested by
Host: telegram.org
URL: https://telegram.org/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
Security Headers
Name Value
Strict-Transport-Security max-age=35768000

Request headers

Accept
*/*
Referer
https://xn--r1a.website/s/buhoblik_org_ua
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 18 Aug 2022 03:58:05 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=35768000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-control
no-store
Transfer-Encoding
chunked
Connection
keep-alive
truncated
/ Frame B90A 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a7f785ba9641c95e17a39924e5fc97dd4ae9e0ba0e7e9d7fe4e777eb4fd8279

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 536E 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ecaddf97aabaebf096d50c1c56c14008f4e57089152b7385943c783c3d8003ef

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
events
bidder.criteo.com/csm/ 		0
220 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.buhoblik.org.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.buhoblik.org.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 13 Aug 2023 03:58:05 GMT
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 13 Aug 2023 03:58:05 GMT
ev_prebid.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_prebid.aspx?cc=DE&am-uid=82d3a27d43a34fe287fc4152e199f904&zone=DAB6BE62-B1E7-4D05-A12C-0A70B3291504&device=28&rule=A115463E-E95D-4D45-91E3-2BE636EF4375&requestId=d5421840-4fde-4795-bb0e-1367b58e60e4&hp=-967666016&page=www.buhoblik.org.ua%2F&segments=3%2C2%2C493&ts=637963918851542643&ap=MA%3D%3D&asign=1607130515&sync=3%2C88&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=1A4D80BD-B81F-427C-A6F6-12DD363AA495&inst=ADS-EU-7&pxl=0&pvid=b16f1d8d-77fd-4fcf-9a51-4b5bbf0eed7c&ip=82.199.130.38&item=B980198E-7D27-4345-9615-F31943C77F0C&crid=B980198E-7D27-4345-9615-F31943C77F0C&size=240x400&profile=346392F6-218B-4A4F-8151-E8B46F15EB2A&isopt=0&adv=Criteo+RU&dsp=Criteo+DE&dstUrl=http%3A%2F%2F&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 18 Aug 2022 03:58:05 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
e1eee23f36481a69453f.b.js
cdn.admixer.net/scripts3/48427/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/48427/e1eee23f36481a69453f.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc36
date
Thu, 18 Aug 2022 03:58:05 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 13:09:18 GMT
server
nginx
etag
W/"62e28a7e-702f"
vary
Accept-Encoding
x-cached-since
2022-07-28T13:10:18+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sat, 29 Jul 2023 13:10:18 GMT
fdabe098f34289659a17.b.js
cdn.admixer.net/scripts3/48427/ 		42 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/48427/fdabe098f34289659a17.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc36
date
Thu, 18 Aug 2022 03:58:05 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 13:09:19 GMT
server
nginx
etag
W/"62e28a7f-a793"
vary
Accept-Encoding
x-cached-since
2022-07-28T13:10:18+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sat, 29 Jul 2023 13:10:18 GMT
84011c43c3075e543c6d.b.js
cdn.admixer.net/scripts3/48427/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/48427/84011c43c3075e543c6d.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc36
date
Thu, 18 Aug 2022 03:58:05 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 13:09:11 GMT
server
nginx
etag
W/"62e28a77-326c"
vary
Accept-Encoding
x-cached-since
2022-07-28T13:10:18+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sat, 29 Jul 2023 13:10:18 GMT
7103cce7fa6705169441.b.js
cdn.admixer.net/scripts3/48427/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/48427/7103cce7fa6705169441.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc36
date
Thu, 18 Aug 2022 03:58:05 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 13:09:10 GMT
server
nginx
etag
W/"62e28a76-2a79"
vary
Accept-Encoding
x-cached-since
2022-07-28T13:10:18+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sat, 29 Jul 2023 13:10:18 GMT
5927ef40e4a80e0040be.b.js
cdn.admixer.net/scripts3/48427/ 		215 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/48427/5927ef40e4a80e0040be.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc36
date
Thu, 18 Aug 2022 03:58:05 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 13:09:08 GMT
server
nginx
etag
W/"62e28a74-35ac7"
vary
Accept-Encoding
x-cached-since
2022-07-28T13:10:18+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sat, 29 Jul 2023 13:10:18 GMT
events
bidder.criteo.com/csm/ 		0
220 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.buhoblik.org.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 18 Aug 2022 03:58:04 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.buhoblik.org.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
ev_prebid.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_prebid.aspx?cc=DE&am-uid=82d3a27d43a34fe287fc4152e199f904&zone=DAB6BE62-B1E7-4D05-A12C-0A70B3291504&device=28&rule=A115463E-E95D-4D45-91E3-2BE636EF4375&requestId=d5421840-4fde-4795-bb0e-1367b58e60e4&hp=-967666016&page=www.buhoblik.org.ua%2F&segments=3%2C2%2C493&ts=637963918851542643&ap=MA%3D%3D&asign=1607130515&sync=3%2C88&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=1A4D80BD-B81F-427C-A6F6-12DD363AA495&inst=ADS-EU-7&pxl=0&pvid=b16f1d8d-77fd-4fcf-9a51-4b5bbf0eed7c&ip=82.199.130.38&item=A0F0C54C-7ED4-485E-97FF-9946099AE54A&crid=A0F0C54C-7ED4-485E-97FF-9946099AE54A&size=240x350&profile=A08F3A11-214F-401E-9933-D17F544E4BE0&isopt=0&adv=Criteo+RU&dsp=Criteo+DE&dstUrl=http%3A%2F%2F&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 18 Aug 2022 03:58:05 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
amp4ads-host-v0.js
cdn.ampproject.org/rtv/012208081650000/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/amp4ads-host-v0.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5630956766216465&plah=www.buhoblik.org.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4139220cef70b0dc6ec26232020d4ddb52acef1afcbf2e5b32ed00b7eef62ec7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
211824
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7850
x-xss-protection
0
server
sffe
date
Mon, 15 Aug 2022 17:07:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9cd8ef75d108969b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Aug 2023 17:07:42 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame B90A 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 08:44:44 GMT
x-content-type-options
nosniff
age
69202
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 08:44:44 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame B90A 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15e749617a3856bfaa4d2cea0c50d88366d2b579841bd5a45bd2d34062babc51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 23:42:24 GMT
x-content-type-options
nosniff
age
188142
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14432
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:04:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Aug 2023 23:42:24 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 9314 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yv24zQACq7gIFWi0AAEQCDc_AoZxubCXLq85JQ&u=%7CGF51po9kK4NSkroHDvPhkPW3%2FCXBs%2FC2MRgnr68F6yw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sS6YifhuTQzr8X_A4RFDhQZHxLBDNdnVs3sse1voxVSNkr5Y60gNqRpZY3dZwsHryRDqL5KsTeltjF1nyVhx3ZZ_oSy24GFYlI5A-JYbMdwED7XWDBgjG3iYlMnijnxF6JOcwkjfsgyMB6b4asiOKDVgZpR8owfW_3DSUVYj-vnO0xt0bz-gkOky6_AZSZHEjgD-ew7gyQoXMO514imbddhx1MhSIk3eGwim3G5oDpUBUJ-aibLBK52P0MFBQU3KLspgoN4itFBrdq9Io7e7harWcYfERyIizJ8ZCwXAOUSaYcn1C3LFaopmlRBqv9TlJdSaa8_25vXaGJUGmmUBXLwa4d6qciGfSFDQeY8QkLv1WHwYKcyoB-fx7nAMqvrBxPyr0zQa2ZNob7A0rfKZSjk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqNnkzbj9YrjXCrTR1fAPiKCE2AzJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLlWBbbPhOxPqgDAaoE4wFP0B2seCxe1pKCNsLwb0fZ0T4HmmiczRP3BxKJSTOuDDNNYmyDfy-oGQmdA7RijZX5hlybvIFzPH9fkpOn_K7cTZ7nPYNlv0udfBeFZ0h73S3ejRusXqKn349CoDuRIt-BoGurYzvlXz4FP35YBJz7StkiuKoKaORXDyr5ls4vXpPJ49b_FCWHh-s60vjSSd0JG93UREL92Ef9EMjuaGYARLGywIdFqlnb0OAjniuCTwdcG1Mhvmznp6HaJx3n6U2dj9OFjIXoGWmBU6WB3j7qC6gmBWqpKUObl36Jz7WfJUOc_YAGi76M3cCuk9raAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bdcJ-MFQz4jiBEVEOVuKxSkX6yA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:06 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 13 Aug 2023 03:58:06 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 9314 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yv24zQACq7gIFWi0AAEQCDc_AoZxubCXLq85JQ&u=%7CGF51po9kK4NSkroHDvPhkPW3%2FCXBs%2FC2MRgnr68F6yw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sS6YifhuTQzr8X_A4RFDhQZHxLBDNdnVs3sse1voxVSNkr5Y60gNqRpZY3dZwsHryRDqL5KsTeltjF1nyVhx3ZZ_oSy24GFYlI5A-JYbMdwED7XWDBgjG3iYlMnijnxF6JOcwkjfsgyMB6b4asiOKDVgZpR8owfW_3DSUVYj-vnO0xt0bz-gkOky6_AZSZHEjgD-ew7gyQoXMO514imbddhx1MhSIk3eGwim3G5oDpUBUJ-aibLBK52P0MFBQU3KLspgoN4itFBrdq9Io7e7harWcYfERyIizJ8ZCwXAOUSaYcn1C3LFaopmlRBqv9TlJdSaa8_25vXaGJUGmmUBXLwa4d6qciGfSFDQeY8QkLv1WHwYKcyoB-fx7nAMqvrBxPyr0zQa2ZNob7A0rfKZSjk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqNnkzbj9YrjXCrTR1fAPiKCE2AzJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLlWBbbPhOxPqgDAaoE4wFP0B2seCxe1pKCNsLwb0fZ0T4HmmiczRP3BxKJSTOuDDNNYmyDfy-oGQmdA7RijZX5hlybvIFzPH9fkpOn_K7cTZ7nPYNlv0udfBeFZ0h73S3ejRusXqKn349CoDuRIt-BoGurYzvlXz4FP35YBJz7StkiuKoKaORXDyr5ls4vXpPJ49b_FCWHh-s60vjSSd0JG93UREL92Ef9EMjuaGYARLGywIdFqlnb0OAjniuCTwdcG1Mhvmznp6HaJx3n6U2dj9OFjIXoGWmBU6WB3j7qC6gmBWqpKUObl36Jz7WfJUOc_YAGi76M3cCuk9raAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bdcJ-MFQz4jiBEVEOVuKxSkX6yA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:06 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 13 Aug 2023 03:58:06 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 9314 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yv24zQACq7gIFWi0AAEQCDc_AoZxubCXLq85JQ&u=%7CGF51po9kK4NSkroHDvPhkPW3%2FCXBs%2FC2MRgnr68F6yw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sS6YifhuTQzr8X_A4RFDhQZHxLBDNdnVs3sse1voxVSNkr5Y60gNqRpZY3dZwsHryRDqL5KsTeltjF1nyVhx3ZZ_oSy24GFYlI5A-JYbMdwED7XWDBgjG3iYlMnijnxF6JOcwkjfsgyMB6b4asiOKDVgZpR8owfW_3DSUVYj-vnO0xt0bz-gkOky6_AZSZHEjgD-ew7gyQoXMO514imbddhx1MhSIk3eGwim3G5oDpUBUJ-aibLBK52P0MFBQU3KLspgoN4itFBrdq9Io7e7harWcYfERyIizJ8ZCwXAOUSaYcn1C3LFaopmlRBqv9TlJdSaa8_25vXaGJUGmmUBXLwa4d6qciGfSFDQeY8QkLv1WHwYKcyoB-fx7nAMqvrBxPyr0zQa2ZNob7A0rfKZSjk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqNnkzbj9YrjXCrTR1fAPiKCE2AzJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLlWBbbPhOxPqgDAaoE4wFP0B2seCxe1pKCNsLwb0fZ0T4HmmiczRP3BxKJSTOuDDNNYmyDfy-oGQmdA7RijZX5hlybvIFzPH9fkpOn_K7cTZ7nPYNlv0udfBeFZ0h73S3ejRusXqKn349CoDuRIt-BoGurYzvlXz4FP35YBJz7StkiuKoKaORXDyr5ls4vXpPJ49b_FCWHh-s60vjSSd0JG93UREL92Ef9EMjuaGYARLGywIdFqlnb0OAjniuCTwdcG1Mhvmznp6HaJx3n6U2dj9OFjIXoGWmBU6WB3j7qC6gmBWqpKUObl36Jz7WfJUOc_YAGi76M3cCuk9raAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bdcJ-MFQz4jiBEVEOVuKxSkX6yA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:06 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 13 Aug 2023 03:58:06 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 9314 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yv24zQACq7gIFWi0AAEQCDc_AoZxubCXLq85JQ&u=%7CGF51po9kK4NSkroHDvPhkPW3%2FCXBs%2FC2MRgnr68F6yw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sS6YifhuTQzr8X_A4RFDhQZHxLBDNdnVs3sse1voxVSNkr5Y60gNqRpZY3dZwsHryRDqL5KsTeltjF1nyVhx3ZZ_oSy24GFYlI5A-JYbMdwED7XWDBgjG3iYlMnijnxF6JOcwkjfsgyMB6b4asiOKDVgZpR8owfW_3DSUVYj-vnO0xt0bz-gkOky6_AZSZHEjgD-ew7gyQoXMO514imbddhx1MhSIk3eGwim3G5oDpUBUJ-aibLBK52P0MFBQU3KLspgoN4itFBrdq9Io7e7harWcYfERyIizJ8ZCwXAOUSaYcn1C3LFaopmlRBqv9TlJdSaa8_25vXaGJUGmmUBXLwa4d6qciGfSFDQeY8QkLv1WHwYKcyoB-fx7nAMqvrBxPyr0zQa2ZNob7A0rfKZSjk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqNnkzbj9YrjXCrTR1fAPiKCE2AzJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLlWBbbPhOxPqgDAaoE4wFP0B2seCxe1pKCNsLwb0fZ0T4HmmiczRP3BxKJSTOuDDNNYmyDfy-oGQmdA7RijZX5hlybvIFzPH9fkpOn_K7cTZ7nPYNlv0udfBeFZ0h73S3ejRusXqKn349CoDuRIt-BoGurYzvlXz4FP35YBJz7StkiuKoKaORXDyr5ls4vXpPJ49b_FCWHh-s60vjSSd0JG93UREL92Ef9EMjuaGYARLGywIdFqlnb0OAjniuCTwdcG1Mhvmznp6HaJx3n6U2dj9OFjIXoGWmBU6WB3j7qC6gmBWqpKUObl36Jz7WfJUOc_YAGi76M3cCuk9raAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bdcJ-MFQz4jiBEVEOVuKxSkX6yA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:06 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 13 Aug 2023 03:58:06 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 9314 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=SDwWz1JvV221ACHSFaRT_jhUUdB1fE86VIGmQPs9rHkt7HHqeM4hoyqcRhQ6yI7z0hnADcQJOrfKuSzWnz1l7U3vpXrpIoRqDMY2eN5a3mvVblqE_uVBeLfkZa6MdAaXpp0yWmM1cRojHQpkBPJc-4d-XBeIlG-qrW4JjKDT0KU5_zzXlHXEcHtL9aFRxqSJnHUvU5rl3n8V1meyfoWIt8tkd5G8N67JMifMPkIiWe5nLa9VMTgnrywl5q_ByC9Zujn3kgOsz7DGxJM-qRiEOtrqlHIB_CGDhfWRKqfqeNMBEiUQseRdyQlC4_O97dgUOD9QhOPhjdHA0eONpwiYJkeFbR5MxYv7wu1IE10zcTtuOXq6vG5711Xu7KRL83wB52R28jrSop5NUn6lBJKVPOmj_4NQR6IFOCSinrRkg2VipcGqAubz7n_YJsURE1xXRSonZA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yv24zQACq7gIFWi0AAEQCDc_AoZxubCXLq85JQ&u=%7CGF51po9kK4NSkroHDvPhkPW3%2FCXBs%2FC2MRgnr68F6yw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sS6YifhuTQzr8X_A4RFDhQZHxLBDNdnVs3sse1voxVSNkr5Y60gNqRpZY3dZwsHryRDqL5KsTeltjF1nyVhx3ZZ_oSy24GFYlI5A-JYbMdwED7XWDBgjG3iYlMnijnxF6JOcwkjfsgyMB6b4asiOKDVgZpR8owfW_3DSUVYj-vnO0xt0bz-gkOky6_AZSZHEjgD-ew7gyQoXMO514imbddhx1MhSIk3eGwim3G5oDpUBUJ-aibLBK52P0MFBQU3KLspgoN4itFBrdq9Io7e7harWcYfERyIizJ8ZCwXAOUSaYcn1C3LFaopmlRBqv9TlJdSaa8_25vXaGJUGmmUBXLwa4d6qciGfSFDQeY8QkLv1WHwYKcyoB-fx7nAMqvrBxPyr0zQa2ZNob7A0rfKZSjk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqNnkzbj9YrjXCrTR1fAPiKCE2AzJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLlWBbbPhOxPqgDAaoE4wFP0B2seCxe1pKCNsLwb0fZ0T4HmmiczRP3BxKJSTOuDDNNYmyDfy-oGQmdA7RijZX5hlybvIFzPH9fkpOn_K7cTZ7nPYNlv0udfBeFZ0h73S3ejRusXqKn349CoDuRIt-BoGurYzvlXz4FP35YBJz7StkiuKoKaORXDyr5ls4vXpPJ49b_FCWHh-s60vjSSd0JG93UREL92Ef9EMjuaGYARLGywIdFqlnb0OAjniuCTwdcG1Mhvmznp6HaJx3n6U2dj9OFjIXoGWmBU6WB3j7qC6gmBWqpKUObl36Jz7WfJUOc_YAGi76M3cCuk9raAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bdcJ-MFQz4jiBEVEOVuKxSkX6yA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Aug 2022 03:58:05 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3079861
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
csi
csi.gstatic.com/ Frame 3F9B 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1660795086076&qqid=CKT04ui_z_kCFS9EFQgdezsGgA&rt=any.link.ds.87.2n.1h.37.s.1boq.1bge~any.script.dt.8f.9.44.0.0.48p.40d~any.script.dt.8z.k.4d.0.0.mg6.m7u~any.script.dt.9m.c.58.0.0.d2t.cuh~any.script.dt.90.2.4w.0.0.1ph.1h5~any.script.dt.9a.a.4y.0.0.a80.9zo~any.img.dt.5c.1.35.0.0.hw.9k~any.img.dt.5e.2.36.0.0.2lp.2dd~any.img.du.32.1.2t.0.0.8c.0&met.a4a=dcl.528~ol.1012~nvs.1660795085021~ini.1660795086077
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208081650000/v0/amp-analytics-0.1.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 18 Aug 2022 03:58:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 9314 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yv24zQACq7gIFWi0AAEQCDc_AoZxubCXLq85JQ&u=%7CGF51po9kK4NSkroHDvPhkPW3%2FCXBs%2FC2MRgnr68F6yw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sS6YifhuTQzr8X_A4RFDhQZHxLBDNdnVs3sse1voxVSNkr5Y60gNqRpZY3dZwsHryRDqL5KsTeltjF1nyVhx3ZZ_oSy24GFYlI5A-JYbMdwED7XWDBgjG3iYlMnijnxF6JOcwkjfsgyMB6b4asiOKDVgZpR8owfW_3DSUVYj-vnO0xt0bz-gkOky6_AZSZHEjgD-ew7gyQoXMO514imbddhx1MhSIk3eGwim3G5oDpUBUJ-aibLBK52P0MFBQU3KLspgoN4itFBrdq9Io7e7harWcYfERyIizJ8ZCwXAOUSaYcn1C3LFaopmlRBqv9TlJdSaa8_25vXaGJUGmmUBXLwa4d6qciGfSFDQeY8QkLv1WHwYKcyoB-fx7nAMqvrBxPyr0zQa2ZNob7A0rfKZSjk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqNnkzbj9YrjXCrTR1fAPiKCE2AzJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLlWBbbPhOxPqgDAaoE4wFP0B2seCxe1pKCNsLwb0fZ0T4HmmiczRP3BxKJSTOuDDNNYmyDfy-oGQmdA7RijZX5hlybvIFzPH9fkpOn_K7cTZ7nPYNlv0udfBeFZ0h73S3ejRusXqKn349CoDuRIt-BoGurYzvlXz4FP35YBJz7StkiuKoKaORXDyr5ls4vXpPJ49b_FCWHh-s60vjSSd0JG93UREL92Ef9EMjuaGYARLGywIdFqlnb0OAjniuCTwdcG1Mhvmznp6HaJx3n6U2dj9OFjIXoGWmBU6WB3j7qC6gmBWqpKUObl36Jz7WfJUOc_YAGi76M3cCuk9raAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bdcJ-MFQz4jiBEVEOVuKxSkX6yA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1675028
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2F4pjsq9XGGgIbgZiSubLD5YgkgkzyOHqqXeQONETwqWvQVFaZKBwEzYIXptMpZtqzdVmrWSNGmrZH65nmSEOWzdH%2ByLda966y24AOmPZNKjbkKeYbkBtvg2mSlesAP9PrOD9IldiueHLjqPwAy5gofl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
73c7baa90f0172ca-LHR
expires
Tue, 08 Aug 2023 03:58:06 GMT
animejs.js
static.criteo.net/animejs/ Frame 9314 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yv24zQACq7gIFWi0AAEQCDc_AoZxubCXLq85JQ&u=%7CGF51po9kK4NSkroHDvPhkPW3%2FCXBs%2FC2MRgnr68F6yw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sS6YifhuTQzr8X_A4RFDhQZHxLBDNdnVs3sse1voxVSNkr5Y60gNqRpZY3dZwsHryRDqL5KsTeltjF1nyVhx3ZZ_oSy24GFYlI5A-JYbMdwED7XWDBgjG3iYlMnijnxF6JOcwkjfsgyMB6b4asiOKDVgZpR8owfW_3DSUVYj-vnO0xt0bz-gkOky6_AZSZHEjgD-ew7gyQoXMO514imbddhx1MhSIk3eGwim3G5oDpUBUJ-aibLBK52P0MFBQU3KLspgoN4itFBrdq9Io7e7harWcYfERyIizJ8ZCwXAOUSaYcn1C3LFaopmlRBqv9TlJdSaa8_25vXaGJUGmmUBXLwa4d6qciGfSFDQeY8QkLv1WHwYKcyoB-fx7nAMqvrBxPyr0zQa2ZNob7A0rfKZSjk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqNnkzbj9YrjXCrTR1fAPiKCE2AzJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLlWBbbPhOxPqgDAaoE4wFP0B2seCxe1pKCNsLwb0fZ0T4HmmiczRP3BxKJSTOuDDNNYmyDfy-oGQmdA7RijZX5hlybvIFzPH9fkpOn_K7cTZ7nPYNlv0udfBeFZ0h73S3ejRusXqKn349CoDuRIt-BoGurYzvlXz4FP35YBJz7StkiuKoKaORXDyr5ls4vXpPJ49b_FCWHh-s60vjSSd0JG93UREL92Ef9EMjuaGYARLGywIdFqlnb0OAjniuCTwdcG1Mhvmznp6HaJx3n6U2dj9OFjIXoGWmBU6WB3j7qC6gmBWqpKUObl36Jz7WfJUOc_YAGi76M3cCuk9raAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bdcJ-MFQz4jiBEVEOVuKxSkX6yA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:06 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 13 Aug 2023 03:58:06 GMT
b113c14be1be4dbda4ef71cee8de4dfc_casanspro_regular.woff
static.criteo.net/design/dt/ Frame 9314 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/b113c14be1be4dbda4ef71cee8de4dfc_casanspro_regular.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yv24zQACq7gIFWi0AAEQCDc_AoZxubCXLq85JQ&u=%7CGF51po9kK4NSkroHDvPhkPW3%2FCXBs%2FC2MRgnr68F6yw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sS6YifhuTQzr8X_A4RFDhQZHxLBDNdnVs3sse1voxVSNkr5Y60gNqRpZY3dZwsHryRDqL5KsTeltjF1nyVhx3ZZ_oSy24GFYlI5A-JYbMdwED7XWDBgjG3iYlMnijnxF6JOcwkjfsgyMB6b4asiOKDVgZpR8owfW_3DSUVYj-vnO0xt0bz-gkOky6_AZSZHEjgD-ew7gyQoXMO514imbddhx1MhSIk3eGwim3G5oDpUBUJ-aibLBK52P0MFBQU3KLspgoN4itFBrdq9Io7e7harWcYfERyIizJ8ZCwXAOUSaYcn1C3LFaopmlRBqv9TlJdSaa8_25vXaGJUGmmUBXLwa4d6qciGfSFDQeY8QkLv1WHwYKcyoB-fx7nAMqvrBxPyr0zQa2ZNob7A0rfKZSjk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqNnkzbj9YrjXCrTR1fAPiKCE2AzJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLlWBbbPhOxPqgDAaoE4wFP0B2seCxe1pKCNsLwb0fZ0T4HmmiczRP3BxKJSTOuDDNNYmyDfy-oGQmdA7RijZX5hlybvIFzPH9fkpOn_K7cTZ7nPYNlv0udfBeFZ0h73S3ejRusXqKn349CoDuRIt-BoGurYzvlXz4FP35YBJz7StkiuKoKaORXDyr5ls4vXpPJ49b_FCWHh-s60vjSSd0JG93UREL92Ef9EMjuaGYARLGywIdFqlnb0OAjniuCTwdcG1Mhvmznp6HaJx3n6U2dj9OFjIXoGWmBU6WB3j7qC6gmBWqpKUObl36Jz7WfJUOc_YAGi76M3cCuk9raAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bdcJ-MFQz4jiBEVEOVuKxSkX6yA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ba98e735ce0f8021ed850e1cfd1e5f20049e17ac90b3bea352b04324d045c233
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:06 GMT
content-encoding
gzip
last-modified
Thu, 24 May 2018 07:59:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5b0670fe-dec4"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 13 Aug 2023 03:58:06 GMT
img
pix.eu.criteo.net/img/ Frame 9314 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=556&m=0&partner=942&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F942%2F210816%2Ff0385941b58c4db180e9e3b6f328c160_logo_c-a_black.png&v=3&w=196&s=jvdCpaqobv8M490hMj2-dPQo
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yv24zQACq7gIFWi0AAEQCDc_AoZxubCXLq85JQ&u=%7CGF51po9kK4NSkroHDvPhkPW3%2FCXBs%2FC2MRgnr68F6yw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sS6YifhuTQzr8X_A4RFDhQZHxLBDNdnVs3sse1voxVSNkr5Y60gNqRpZY3dZwsHryRDqL5KsTeltjF1nyVhx3ZZ_oSy24GFYlI5A-JYbMdwED7XWDBgjG3iYlMnijnxF6JOcwkjfsgyMB6b4asiOKDVgZpR8owfW_3DSUVYj-vnO0xt0bz-gkOky6_AZSZHEjgD-ew7gyQoXMO514imbddhx1MhSIk3eGwim3G5oDpUBUJ-aibLBK52P0MFBQU3KLspgoN4itFBrdq9Io7e7harWcYfERyIizJ8ZCwXAOUSaYcn1C3LFaopmlRBqv9TlJdSaa8_25vXaGJUGmmUBXLwa4d6qciGfSFDQeY8QkLv1WHwYKcyoB-fx7nAMqvrBxPyr0zQa2ZNob7A0rfKZSjk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqNnkzbj9YrjXCrTR1fAPiKCE2AzJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLlWBbbPhOxPqgDAaoE4wFP0B2seCxe1pKCNsLwb0fZ0T4HmmiczRP3BxKJSTOuDDNNYmyDfy-oGQmdA7RijZX5hlybvIFzPH9fkpOn_K7cTZ7nPYNlv0udfBeFZ0h73S3ejRusXqKn349CoDuRIt-BoGurYzvlXz4FP35YBJz7StkiuKoKaORXDyr5ls4vXpPJ49b_FCWHh-s60vjSSd0JG93UREL92Ef9EMjuaGYARLGywIdFqlnb0OAjniuCTwdcG1Mhvmznp6HaJx3n6U2dj9OFjIXoGWmBU6WB3j7qC6gmBWqpKUObl36Jz7WfJUOc_YAGi76M3cCuk9raAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bdcJ-MFQz4jiBEVEOVuKxSkX6yA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ddf9a311a472730fa4dc7d178506179fe3659b8248d5ef17089dba880446f3f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:06 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28865289
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5356
expires
Tue, 18 Jul 2023 06:06:16 GMT
img
pix.eu.criteo.net/img/ Frame 9314 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_400%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_400%2Cq_95%2Ce_sharpen%3A70%2Fv1654793420%2F2166777-1-01.jpg&v=3&w=400&s=K4rDjhH7jduxCgqa-g2chTlp&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yv24zQACq7gIFWi0AAEQCDc_AoZxubCXLq85JQ&u=%7CGF51po9kK4NSkroHDvPhkPW3%2FCXBs%2FC2MRgnr68F6yw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sS6YifhuTQzr8X_A4RFDhQZHxLBDNdnVs3sse1voxVSNkr5Y60gNqRpZY3dZwsHryRDqL5KsTeltjF1nyVhx3ZZ_oSy24GFYlI5A-JYbMdwED7XWDBgjG3iYlMnijnxF6JOcwkjfsgyMB6b4asiOKDVgZpR8owfW_3DSUVYj-vnO0xt0bz-gkOky6_AZSZHEjgD-ew7gyQoXMO514imbddhx1MhSIk3eGwim3G5oDpUBUJ-aibLBK52P0MFBQU3KLspgoN4itFBrdq9Io7e7harWcYfERyIizJ8ZCwXAOUSaYcn1C3LFaopmlRBqv9TlJdSaa8_25vXaGJUGmmUBXLwa4d6qciGfSFDQeY8QkLv1WHwYKcyoB-fx7nAMqvrBxPyr0zQa2ZNob7A0rfKZSjk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqNnkzbj9YrjXCrTR1fAPiKCE2AzJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLlWBbbPhOxPqgDAaoE4wFP0B2seCxe1pKCNsLwb0fZ0T4HmmiczRP3BxKJSTOuDDNNYmyDfy-oGQmdA7RijZX5hlybvIFzPH9fkpOn_K7cTZ7nPYNlv0udfBeFZ0h73S3ejRusXqKn349CoDuRIt-BoGurYzvlXz4FP35YBJz7StkiuKoKaORXDyr5ls4vXpPJ49b_FCWHh-s60vjSSd0JG93UREL92Ef9EMjuaGYARLGywIdFqlnb0OAjniuCTwdcG1Mhvmznp6HaJx3n6U2dj9OFjIXoGWmBU6WB3j7qC6gmBWqpKUObl36Jz7WfJUOc_YAGi76M3cCuk9raAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bdcJ-MFQz4jiBEVEOVuKxSkX6yA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c599d0279d49cf5382e9be1add34ec7c3b6791416e069a06e62ab2a331896b2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:06 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31228467
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
3774
expires
Mon, 14 Aug 2023 14:32:33 GMT
img
pix.eu.criteo.net/img/ Frame 9314 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_400%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_400%2Cq_95%2Ce_sharpen%3A70%2Fv1586964023%2F2091273-1-08.jpg&v=3&w=400&s=E4T-fUGe0Hksx-rMHwRf2klV&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yv24zQACq7gIFWi0AAEQCDc_AoZxubCXLq85JQ&u=%7CGF51po9kK4NSkroHDvPhkPW3%2FCXBs%2FC2MRgnr68F6yw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sS6YifhuTQzr8X_A4RFDhQZHxLBDNdnVs3sse1voxVSNkr5Y60gNqRpZY3dZwsHryRDqL5KsTeltjF1nyVhx3ZZ_oSy24GFYlI5A-JYbMdwED7XWDBgjG3iYlMnijnxF6JOcwkjfsgyMB6b4asiOKDVgZpR8owfW_3DSUVYj-vnO0xt0bz-gkOky6_AZSZHEjgD-ew7gyQoXMO514imbddhx1MhSIk3eGwim3G5oDpUBUJ-aibLBK52P0MFBQU3KLspgoN4itFBrdq9Io7e7harWcYfERyIizJ8ZCwXAOUSaYcn1C3LFaopmlRBqv9TlJdSaa8_25vXaGJUGmmUBXLwa4d6qciGfSFDQeY8QkLv1WHwYKcyoB-fx7nAMqvrBxPyr0zQa2ZNob7A0rfKZSjk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqNnkzbj9YrjXCrTR1fAPiKCE2AzJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLlWBbbPhOxPqgDAaoE4wFP0B2seCxe1pKCNsLwb0fZ0T4HmmiczRP3BxKJSTOuDDNNYmyDfy-oGQmdA7RijZX5hlybvIFzPH9fkpOn_K7cTZ7nPYNlv0udfBeFZ0h73S3ejRusXqKn349CoDuRIt-BoGurYzvlXz4FP35YBJz7StkiuKoKaORXDyr5ls4vXpPJ49b_FCWHh-s60vjSSd0JG93UREL92Ef9EMjuaGYARLGywIdFqlnb0OAjniuCTwdcG1Mhvmznp6HaJx3n6U2dj9OFjIXoGWmBU6WB3j7qC6gmBWqpKUObl36Jz7WfJUOc_YAGi76M3cCuk9raAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bdcJ-MFQz4jiBEVEOVuKxSkX6yA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
49746986f429b5317647ee592ae88013bd46fe403ae79f2552e4f26f42bc4ace
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:06 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29657340
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2568
expires
Thu, 27 Jul 2023 10:07:07 GMT
img
pix.eu.criteo.net/img/ Frame 9314 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_400%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_400%2Cq_95%2Ce_sharpen%3A70%2Fv1650568469%2F2170539-1-01.jpg&v=3&w=400&s=uQZ6aDK7Ujh307dxfJzjlq4z&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yv24zQACq7gIFWi0AAEQCDc_AoZxubCXLq85JQ&u=%7CGF51po9kK4NSkroHDvPhkPW3%2FCXBs%2FC2MRgnr68F6yw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sS6YifhuTQzr8X_A4RFDhQZHxLBDNdnVs3sse1voxVSNkr5Y60gNqRpZY3dZwsHryRDqL5KsTeltjF1nyVhx3ZZ_oSy24GFYlI5A-JYbMdwED7XWDBgjG3iYlMnijnxF6JOcwkjfsgyMB6b4asiOKDVgZpR8owfW_3DSUVYj-vnO0xt0bz-gkOky6_AZSZHEjgD-ew7gyQoXMO514imbddhx1MhSIk3eGwim3G5oDpUBUJ-aibLBK52P0MFBQU3KLspgoN4itFBrdq9Io7e7harWcYfERyIizJ8ZCwXAOUSaYcn1C3LFaopmlRBqv9TlJdSaa8_25vXaGJUGmmUBXLwa4d6qciGfSFDQeY8QkLv1WHwYKcyoB-fx7nAMqvrBxPyr0zQa2ZNob7A0rfKZSjk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqNnkzbj9YrjXCrTR1fAPiKCE2AzJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLlWBbbPhOxPqgDAaoE4wFP0B2seCxe1pKCNsLwb0fZ0T4HmmiczRP3BxKJSTOuDDNNYmyDfy-oGQmdA7RijZX5hlybvIFzPH9fkpOn_K7cTZ7nPYNlv0udfBeFZ0h73S3ejRusXqKn349CoDuRIt-BoGurYzvlXz4FP35YBJz7StkiuKoKaORXDyr5ls4vXpPJ49b_FCWHh-s60vjSSd0JG93UREL92Ef9EMjuaGYARLGywIdFqlnb0OAjniuCTwdcG1Mhvmznp6HaJx3n6U2dj9OFjIXoGWmBU6WB3j7qC6gmBWqpKUObl36Jz7WfJUOc_YAGi76M3cCuk9raAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bdcJ-MFQz4jiBEVEOVuKxSkX6yA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bb68aae18ecd5bcf816bb98cf5bb19c7e9fd1431b1519f746a9fd3aeb5d57e0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:06 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30270231
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
7130
expires
Thu, 03 Aug 2023 12:21:58 GMT
img
pix.eu.criteo.net/img/ Frame 9314 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_400%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_400%2Cq_95%2Ce_sharpen%3A70%2Fv1655884771%2F2131696-6-01.jpg&v=3&w=400&s=bMjjc0c3EDD1eu_nwEPqnYJN&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yv24zQACq7gIFWi0AAEQCDc_AoZxubCXLq85JQ&u=%7CGF51po9kK4NSkroHDvPhkPW3%2FCXBs%2FC2MRgnr68F6yw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sS6YifhuTQzr8X_A4RFDhQZHxLBDNdnVs3sse1voxVSNkr5Y60gNqRpZY3dZwsHryRDqL5KsTeltjF1nyVhx3ZZ_oSy24GFYlI5A-JYbMdwED7XWDBgjG3iYlMnijnxF6JOcwkjfsgyMB6b4asiOKDVgZpR8owfW_3DSUVYj-vnO0xt0bz-gkOky6_AZSZHEjgD-ew7gyQoXMO514imbddhx1MhSIk3eGwim3G5oDpUBUJ-aibLBK52P0MFBQU3KLspgoN4itFBrdq9Io7e7harWcYfERyIizJ8ZCwXAOUSaYcn1C3LFaopmlRBqv9TlJdSaa8_25vXaGJUGmmUBXLwa4d6qciGfSFDQeY8QkLv1WHwYKcyoB-fx7nAMqvrBxPyr0zQa2ZNob7A0rfKZSjk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqNnkzbj9YrjXCrTR1fAPiKCE2AzJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLlWBbbPhOxPqgDAaoE4wFP0B2seCxe1pKCNsLwb0fZ0T4HmmiczRP3BxKJSTOuDDNNYmyDfy-oGQmdA7RijZX5hlybvIFzPH9fkpOn_K7cTZ7nPYNlv0udfBeFZ0h73S3ejRusXqKn349CoDuRIt-BoGurYzvlXz4FP35YBJz7StkiuKoKaORXDyr5ls4vXpPJ49b_FCWHh-s60vjSSd0JG93UREL92Ef9EMjuaGYARLGywIdFqlnb0OAjniuCTwdcG1Mhvmznp6HaJx3n6U2dj9OFjIXoGWmBU6WB3j7qC6gmBWqpKUObl36Jz7WfJUOc_YAGi76M3cCuk9raAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bdcJ-MFQz4jiBEVEOVuKxSkX6yA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
369df1a20842fadba8874855c9bf00397b951c3b4b6ea70d65a30ae292e3feaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:06 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29307459
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
10116
expires
Sun, 23 Jul 2023 08:55:46 GMT
img
pix.eu.criteo.net/img/ Frame 9314 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_400%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_400%2Cq_95%2Ce_sharpen%3A70%2Fv1649672170%2F2164660-1-08.jpg&v=3&w=400&s=RTB5pU9XfTCL97bVjMD47dSg&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yv24zQACq7gIFWi0AAEQCDc_AoZxubCXLq85JQ&u=%7CGF51po9kK4NSkroHDvPhkPW3%2FCXBs%2FC2MRgnr68F6yw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sS6YifhuTQzr8X_A4RFDhQZHxLBDNdnVs3sse1voxVSNkr5Y60gNqRpZY3dZwsHryRDqL5KsTeltjF1nyVhx3ZZ_oSy24GFYlI5A-JYbMdwED7XWDBgjG3iYlMnijnxF6JOcwkjfsgyMB6b4asiOKDVgZpR8owfW_3DSUVYj-vnO0xt0bz-gkOky6_AZSZHEjgD-ew7gyQoXMO514imbddhx1MhSIk3eGwim3G5oDpUBUJ-aibLBK52P0MFBQU3KLspgoN4itFBrdq9Io7e7harWcYfERyIizJ8ZCwXAOUSaYcn1C3LFaopmlRBqv9TlJdSaa8_25vXaGJUGmmUBXLwa4d6qciGfSFDQeY8QkLv1WHwYKcyoB-fx7nAMqvrBxPyr0zQa2ZNob7A0rfKZSjk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqNnkzbj9YrjXCrTR1fAPiKCE2AzJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLlWBbbPhOxPqgDAaoE4wFP0B2seCxe1pKCNsLwb0fZ0T4HmmiczRP3BxKJSTOuDDNNYmyDfy-oGQmdA7RijZX5hlybvIFzPH9fkpOn_K7cTZ7nPYNlv0udfBeFZ0h73S3ejRusXqKn349CoDuRIt-BoGurYzvlXz4FP35YBJz7StkiuKoKaORXDyr5ls4vXpPJ49b_FCWHh-s60vjSSd0JG93UREL92Ef9EMjuaGYARLGywIdFqlnb0OAjniuCTwdcG1Mhvmznp6HaJx3n6U2dj9OFjIXoGWmBU6WB3j7qC6gmBWqpKUObl36Jz7WfJUOc_YAGi76M3cCuk9raAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bdcJ-MFQz4jiBEVEOVuKxSkX6yA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
440369c9b7f1bb6fe32346ddb0aadb80c67bb2f314a42a58e8620b0dba6761b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:06 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30791175
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11684
expires
Wed, 09 Aug 2023 13:04:21 GMT
img
pix.eu.criteo.net/img/ Frame 9314 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_400%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_400%2Cq_95%2Ce_sharpen%3A70%2Fv1643631173%2F2164404-2-01.jpg&v=3&w=400&s=pVPzcUAxZZ6FaL3zWlilzC-o&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yv24zQACq7gIFWi0AAEQCDc_AoZxubCXLq85JQ&u=%7CGF51po9kK4NSkroHDvPhkPW3%2FCXBs%2FC2MRgnr68F6yw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sS6YifhuTQzr8X_A4RFDhQZHxLBDNdnVs3sse1voxVSNkr5Y60gNqRpZY3dZwsHryRDqL5KsTeltjF1nyVhx3ZZ_oSy24GFYlI5A-JYbMdwED7XWDBgjG3iYlMnijnxF6JOcwkjfsgyMB6b4asiOKDVgZpR8owfW_3DSUVYj-vnO0xt0bz-gkOky6_AZSZHEjgD-ew7gyQoXMO514imbddhx1MhSIk3eGwim3G5oDpUBUJ-aibLBK52P0MFBQU3KLspgoN4itFBrdq9Io7e7harWcYfERyIizJ8ZCwXAOUSaYcn1C3LFaopmlRBqv9TlJdSaa8_25vXaGJUGmmUBXLwa4d6qciGfSFDQeY8QkLv1WHwYKcyoB-fx7nAMqvrBxPyr0zQa2ZNob7A0rfKZSjk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqNnkzbj9YrjXCrTR1fAPiKCE2AzJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLlWBbbPhOxPqgDAaoE4wFP0B2seCxe1pKCNsLwb0fZ0T4HmmiczRP3BxKJSTOuDDNNYmyDfy-oGQmdA7RijZX5hlybvIFzPH9fkpOn_K7cTZ7nPYNlv0udfBeFZ0h73S3ejRusXqKn349CoDuRIt-BoGurYzvlXz4FP35YBJz7StkiuKoKaORXDyr5ls4vXpPJ49b_FCWHh-s60vjSSd0JG93UREL92Ef9EMjuaGYARLGywIdFqlnb0OAjniuCTwdcG1Mhvmznp6HaJx3n6U2dj9OFjIXoGWmBU6WB3j7qC6gmBWqpKUObl36Jz7WfJUOc_YAGi76M3cCuk9raAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bdcJ-MFQz4jiBEVEOVuKxSkX6yA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
9b353dd85f83324f60497827f75c8a8ae333c8493e834ee26915fc4131546232
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:06 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30700867
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
4680
expires
Tue, 08 Aug 2023 11:59:14 GMT
img
pix.eu.criteo.net/img/ Frame 9314 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_400%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_400%2Cq_95%2Ce_sharpen%3A70%2Fv1657195819%2F2186030-1-01.jpg&v=3&w=400&s=C9Z3il05W7svZdIOGrQTiGv-&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yv24zQACq7gIFWi0AAEQCDc_AoZxubCXLq85JQ&u=%7CGF51po9kK4NSkroHDvPhkPW3%2FCXBs%2FC2MRgnr68F6yw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sS6YifhuTQzr8X_A4RFDhQZHxLBDNdnVs3sse1voxVSNkr5Y60gNqRpZY3dZwsHryRDqL5KsTeltjF1nyVhx3ZZ_oSy24GFYlI5A-JYbMdwED7XWDBgjG3iYlMnijnxF6JOcwkjfsgyMB6b4asiOKDVgZpR8owfW_3DSUVYj-vnO0xt0bz-gkOky6_AZSZHEjgD-ew7gyQoXMO514imbddhx1MhSIk3eGwim3G5oDpUBUJ-aibLBK52P0MFBQU3KLspgoN4itFBrdq9Io7e7harWcYfERyIizJ8ZCwXAOUSaYcn1C3LFaopmlRBqv9TlJdSaa8_25vXaGJUGmmUBXLwa4d6qciGfSFDQeY8QkLv1WHwYKcyoB-fx7nAMqvrBxPyr0zQa2ZNob7A0rfKZSjk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqNnkzbj9YrjXCrTR1fAPiKCE2AzJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLlWBbbPhOxPqgDAaoE4wFP0B2seCxe1pKCNsLwb0fZ0T4HmmiczRP3BxKJSTOuDDNNYmyDfy-oGQmdA7RijZX5hlybvIFzPH9fkpOn_K7cTZ7nPYNlv0udfBeFZ0h73S3ejRusXqKn349CoDuRIt-BoGurYzvlXz4FP35YBJz7StkiuKoKaORXDyr5ls4vXpPJ49b_FCWHh-s60vjSSd0JG93UREL92Ef9EMjuaGYARLGywIdFqlnb0OAjniuCTwdcG1Mhvmznp6HaJx3n6U2dj9OFjIXoGWmBU6WB3j7qC6gmBWqpKUObl36Jz7WfJUOc_YAGi76M3cCuk9raAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bdcJ-MFQz4jiBEVEOVuKxSkX6yA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
4a409076ca2553d234ff017fd0d2dcae6105cb2d3c691e73cdd8847c5dc62239
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29512251
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
4644
expires
Tue, 25 Jul 2023 17:48:57 GMT
img
pix.eu.criteo.net/img/ Frame 9314 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_400%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_400%2Cq_95%2Ce_sharpen%3A70%2Fv1651152053%2F2172343-1-01.jpg&v=3&w=400&s=BDaclxPVz5KXV5XsI_z7SdY-&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yv24zQACq7gIFWi0AAEQCDc_AoZxubCXLq85JQ&u=%7CGF51po9kK4NSkroHDvPhkPW3%2FCXBs%2FC2MRgnr68F6yw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sS6YifhuTQzr8X_A4RFDhQZHxLBDNdnVs3sse1voxVSNkr5Y60gNqRpZY3dZwsHryRDqL5KsTeltjF1nyVhx3ZZ_oSy24GFYlI5A-JYbMdwED7XWDBgjG3iYlMnijnxF6JOcwkjfsgyMB6b4asiOKDVgZpR8owfW_3DSUVYj-vnO0xt0bz-gkOky6_AZSZHEjgD-ew7gyQoXMO514imbddhx1MhSIk3eGwim3G5oDpUBUJ-aibLBK52P0MFBQU3KLspgoN4itFBrdq9Io7e7harWcYfERyIizJ8ZCwXAOUSaYcn1C3LFaopmlRBqv9TlJdSaa8_25vXaGJUGmmUBXLwa4d6qciGfSFDQeY8QkLv1WHwYKcyoB-fx7nAMqvrBxPyr0zQa2ZNob7A0rfKZSjk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqNnkzbj9YrjXCrTR1fAPiKCE2AzJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLlWBbbPhOxPqgDAaoE4wFP0B2seCxe1pKCNsLwb0fZ0T4HmmiczRP3BxKJSTOuDDNNYmyDfy-oGQmdA7RijZX5hlybvIFzPH9fkpOn_K7cTZ7nPYNlv0udfBeFZ0h73S3ejRusXqKn349CoDuRIt-BoGurYzvlXz4FP35YBJz7StkiuKoKaORXDyr5ls4vXpPJ49b_FCWHh-s60vjSSd0JG93UREL92Ef9EMjuaGYARLGywIdFqlnb0OAjniuCTwdcG1Mhvmznp6HaJx3n6U2dj9OFjIXoGWmBU6WB3j7qC6gmBWqpKUObl36Jz7WfJUOc_YAGi76M3cCuk9raAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bdcJ-MFQz4jiBEVEOVuKxSkX6yA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ead744a1d73c157d52b23a9c3fe8741c5565d735e8f7415229a67321d4ef92e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:06 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30016920
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5164
expires
Mon, 31 Jul 2023 14:00:06 GMT
img
pix.eu.criteo.net/img/ Frame 9314 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_400%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_400%2Cq_95%2Ce_sharpen%3A70%2Fv1658474390%2F2171984-1-01.jpg&v=3&w=400&s=meQGC7VNKZTu_BNttjPfnpGj&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yv24zQACq7gIFWi0AAEQCDc_AoZxubCXLq85JQ&u=%7CGF51po9kK4NSkroHDvPhkPW3%2FCXBs%2FC2MRgnr68F6yw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sS6YifhuTQzr8X_A4RFDhQZHxLBDNdnVs3sse1voxVSNkr5Y60gNqRpZY3dZwsHryRDqL5KsTeltjF1nyVhx3ZZ_oSy24GFYlI5A-JYbMdwED7XWDBgjG3iYlMnijnxF6JOcwkjfsgyMB6b4asiOKDVgZpR8owfW_3DSUVYj-vnO0xt0bz-gkOky6_AZSZHEjgD-ew7gyQoXMO514imbddhx1MhSIk3eGwim3G5oDpUBUJ-aibLBK52P0MFBQU3KLspgoN4itFBrdq9Io7e7harWcYfERyIizJ8ZCwXAOUSaYcn1C3LFaopmlRBqv9TlJdSaa8_25vXaGJUGmmUBXLwa4d6qciGfSFDQeY8QkLv1WHwYKcyoB-fx7nAMqvrBxPyr0zQa2ZNob7A0rfKZSjk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqNnkzbj9YrjXCrTR1fAPiKCE2AzJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLlWBbbPhOxPqgDAaoE4wFP0B2seCxe1pKCNsLwb0fZ0T4HmmiczRP3BxKJSTOuDDNNYmyDfy-oGQmdA7RijZX5hlybvIFzPH9fkpOn_K7cTZ7nPYNlv0udfBeFZ0h73S3ejRusXqKn349CoDuRIt-BoGurYzvlXz4FP35YBJz7StkiuKoKaORXDyr5ls4vXpPJ49b_FCWHh-s60vjSSd0JG93UREL92Ef9EMjuaGYARLGywIdFqlnb0OAjniuCTwdcG1Mhvmznp6HaJx3n6U2dj9OFjIXoGWmBU6WB3j7qC6gmBWqpKUObl36Jz7WfJUOc_YAGi76M3cCuk9raAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bdcJ-MFQz4jiBEVEOVuKxSkX6yA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0659c06b7d0012c71c6b18e4babe5c2cc8a1e8edaa90de36cdc583d8775586c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:06 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29270428
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5240
expires
Sat, 22 Jul 2023 22:38:35 GMT
img
pix.eu.criteo.net/img/ Frame 9314 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_400%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_400%2Cq_95%2Ce_sharpen%3A70%2Fv1651061999%2F2165978-1-08.jpg&v=3&w=400&s=RHm2pwGH79F5ebt_maOPRZJO&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yv24zQACq7gIFWi0AAEQCDc_AoZxubCXLq85JQ&u=%7CGF51po9kK4NSkroHDvPhkPW3%2FCXBs%2FC2MRgnr68F6yw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sS6YifhuTQzr8X_A4RFDhQZHxLBDNdnVs3sse1voxVSNkr5Y60gNqRpZY3dZwsHryRDqL5KsTeltjF1nyVhx3ZZ_oSy24GFYlI5A-JYbMdwED7XWDBgjG3iYlMnijnxF6JOcwkjfsgyMB6b4asiOKDVgZpR8owfW_3DSUVYj-vnO0xt0bz-gkOky6_AZSZHEjgD-ew7gyQoXMO514imbddhx1MhSIk3eGwim3G5oDpUBUJ-aibLBK52P0MFBQU3KLspgoN4itFBrdq9Io7e7harWcYfERyIizJ8ZCwXAOUSaYcn1C3LFaopmlRBqv9TlJdSaa8_25vXaGJUGmmUBXLwa4d6qciGfSFDQeY8QkLv1WHwYKcyoB-fx7nAMqvrBxPyr0zQa2ZNob7A0rfKZSjk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqNnkzbj9YrjXCrTR1fAPiKCE2AzJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLlWBbbPhOxPqgDAaoE4wFP0B2seCxe1pKCNsLwb0fZ0T4HmmiczRP3BxKJSTOuDDNNYmyDfy-oGQmdA7RijZX5hlybvIFzPH9fkpOn_K7cTZ7nPYNlv0udfBeFZ0h73S3ejRusXqKn349CoDuRIt-BoGurYzvlXz4FP35YBJz7StkiuKoKaORXDyr5ls4vXpPJ49b_FCWHh-s60vjSSd0JG93UREL92Ef9EMjuaGYARLGywIdFqlnb0OAjniuCTwdcG1Mhvmznp6HaJx3n6U2dj9OFjIXoGWmBU6WB3j7qC6gmBWqpKUObl36Jz7WfJUOc_YAGi76M3cCuk9raAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bdcJ-MFQz4jiBEVEOVuKxSkX6yA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f892a013b618968e20d8352d09abe4f118d0664884b060fe3b430bcfec37c4e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30620724
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
14494
expires
Mon, 07 Aug 2023 13:43:31 GMT
img
pix.eu.criteo.net/img/ Frame 9314 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_400%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_400%2Cq_95%2Ce_sharpen%3A70%2Fv1641080914%2F2152959-1-08.jpg&v=3&w=400&s=vUvBUEsW04503nJ_27lgzIql&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yv24zQACq7gIFWi0AAEQCDc_AoZxubCXLq85JQ&u=%7CGF51po9kK4NSkroHDvPhkPW3%2FCXBs%2FC2MRgnr68F6yw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sS6YifhuTQzr8X_A4RFDhQZHxLBDNdnVs3sse1voxVSNkr5Y60gNqRpZY3dZwsHryRDqL5KsTeltjF1nyVhx3ZZ_oSy24GFYlI5A-JYbMdwED7XWDBgjG3iYlMnijnxF6JOcwkjfsgyMB6b4asiOKDVgZpR8owfW_3DSUVYj-vnO0xt0bz-gkOky6_AZSZHEjgD-ew7gyQoXMO514imbddhx1MhSIk3eGwim3G5oDpUBUJ-aibLBK52P0MFBQU3KLspgoN4itFBrdq9Io7e7harWcYfERyIizJ8ZCwXAOUSaYcn1C3LFaopmlRBqv9TlJdSaa8_25vXaGJUGmmUBXLwa4d6qciGfSFDQeY8QkLv1WHwYKcyoB-fx7nAMqvrBxPyr0zQa2ZNob7A0rfKZSjk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqNnkzbj9YrjXCrTR1fAPiKCE2AzJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLlWBbbPhOxPqgDAaoE4wFP0B2seCxe1pKCNsLwb0fZ0T4HmmiczRP3BxKJSTOuDDNNYmyDfy-oGQmdA7RijZX5hlybvIFzPH9fkpOn_K7cTZ7nPYNlv0udfBeFZ0h73S3ejRusXqKn349CoDuRIt-BoGurYzvlXz4FP35YBJz7StkiuKoKaORXDyr5ls4vXpPJ49b_FCWHh-s60vjSSd0JG93UREL92Ef9EMjuaGYARLGywIdFqlnb0OAjniuCTwdcG1Mhvmznp6HaJx3n6U2dj9OFjIXoGWmBU6WB3j7qC6gmBWqpKUObl36Jz7WfJUOc_YAGi76M3cCuk9raAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bdcJ-MFQz4jiBEVEOVuKxSkX6yA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0af53eb1d30cce0ee7f1d9b328907db1e363d16f3319df73ac212b6d1dbdeca5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:06 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31393593
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
9576
expires
Wed, 16 Aug 2023 12:24:39 GMT
img
pix.eu.criteo.net/img/ Frame 9314 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_400%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_400%2Cq_95%2Ce_sharpen%3A70%2Fv1649318555%2F2170839-2-01.jpg&v=3&w=400&s=TTZ1MsFek4l6tlrfKUtZ7ouk&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yv24zQACq7gIFWi0AAEQCDc_AoZxubCXLq85JQ&u=%7CGF51po9kK4NSkroHDvPhkPW3%2FCXBs%2FC2MRgnr68F6yw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sS6YifhuTQzr8X_A4RFDhQZHxLBDNdnVs3sse1voxVSNkr5Y60gNqRpZY3dZwsHryRDqL5KsTeltjF1nyVhx3ZZ_oSy24GFYlI5A-JYbMdwED7XWDBgjG3iYlMnijnxF6JOcwkjfsgyMB6b4asiOKDVgZpR8owfW_3DSUVYj-vnO0xt0bz-gkOky6_AZSZHEjgD-ew7gyQoXMO514imbddhx1MhSIk3eGwim3G5oDpUBUJ-aibLBK52P0MFBQU3KLspgoN4itFBrdq9Io7e7harWcYfERyIizJ8ZCwXAOUSaYcn1C3LFaopmlRBqv9TlJdSaa8_25vXaGJUGmmUBXLwa4d6qciGfSFDQeY8QkLv1WHwYKcyoB-fx7nAMqvrBxPyr0zQa2ZNob7A0rfKZSjk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqNnkzbj9YrjXCrTR1fAPiKCE2AzJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLlWBbbPhOxPqgDAaoE4wFP0B2seCxe1pKCNsLwb0fZ0T4HmmiczRP3BxKJSTOuDDNNYmyDfy-oGQmdA7RijZX5hlybvIFzPH9fkpOn_K7cTZ7nPYNlv0udfBeFZ0h73S3ejRusXqKn349CoDuRIt-BoGurYzvlXz4FP35YBJz7StkiuKoKaORXDyr5ls4vXpPJ49b_FCWHh-s60vjSSd0JG93UREL92Ef9EMjuaGYARLGywIdFqlnb0OAjniuCTwdcG1Mhvmznp6HaJx3n6U2dj9OFjIXoGWmBU6WB3j7qC6gmBWqpKUObl36Jz7WfJUOc_YAGi76M3cCuk9raAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bdcJ-MFQz4jiBEVEOVuKxSkX6yA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
be9e958e3936401cd2bd8cea8e5be51393a80463af874eebfc947f76e0fc4a83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:05 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30791108
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
12894
expires
Wed, 09 Aug 2023 13:03:14 GMT
all
csm.eu.criteo.net/ Frame 9314 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=OBygkJvLUZJg35TI4AFi0DuCkV8sFjNro_k-00JrlvuLcqdQdrEy-IYbk8y2xVH7HeiEe_5b8b3BrQh7rumeGmtPUF_zBUlB7oJOrVMtrxTcHqKxEl2okGfNEs_jm2tUzxQDq3dzLViCdGMDzj5gvNkJLkLqokilgogmbCgNhANlHXXYLpAsVlXSfpCbDM0_65WTtVgZh8tQZlNP-WjJdHE674ujGL0VTQL_GEdKj3QILATe7T2_lKzcMZKFd76_k3ocBA&sds=2&rev=82471&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yv24zQACq7gIFWi0AAEQCDc_AoZxubCXLq85JQ&u=%7CGF51po9kK4NSkroHDvPhkPW3%2FCXBs%2FC2MRgnr68F6yw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sS6YifhuTQzr8X_A4RFDhQZHxLBDNdnVs3sse1voxVSNkr5Y60gNqRpZY3dZwsHryRDqL5KsTeltjF1nyVhx3ZZ_oSy24GFYlI5A-JYbMdwED7XWDBgjG3iYlMnijnxF6JOcwkjfsgyMB6b4asiOKDVgZpR8owfW_3DSUVYj-vnO0xt0bz-gkOky6_AZSZHEjgD-ew7gyQoXMO514imbddhx1MhSIk3eGwim3G5oDpUBUJ-aibLBK52P0MFBQU3KLspgoN4itFBrdq9Io7e7harWcYfERyIizJ8ZCwXAOUSaYcn1C3LFaopmlRBqv9TlJdSaa8_25vXaGJUGmmUBXLwa4d6qciGfSFDQeY8QkLv1WHwYKcyoB-fx7nAMqvrBxPyr0zQa2ZNob7A0rfKZSjk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqNnkzbj9YrjXCrTR1fAPiKCE2AzJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLlWBbbPhOxPqgDAaoE4wFP0B2seCxe1pKCNsLwb0fZ0T4HmmiczRP3BxKJSTOuDDNNYmyDfy-oGQmdA7RijZX5hlybvIFzPH9fkpOn_K7cTZ7nPYNlv0udfBeFZ0h73S3ejRusXqKn349CoDuRIt-BoGurYzvlXz4FP35YBJz7StkiuKoKaORXDyr5ls4vXpPJ49b_FCWHh-s60vjSSd0JG93UREL92Ef9EMjuaGYARLGywIdFqlnb0OAjniuCTwdcG1Mhvmznp6HaJx3n6U2dj9OFjIXoGWmBU6WB3j7qC6gmBWqpKUObl36Jz7WfJUOc_YAGi76M3cCuk9raAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bdcJ-MFQz4jiBEVEOVuKxSkX6yA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 18 Aug 2022 03:58:06 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9314 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yv24zQACq7gIFWi0AAEQCDc_AoZxubCXLq85JQ&u=%7CGF51po9kK4NSkroHDvPhkPW3%2FCXBs%2FC2MRgnr68F6yw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sS6YifhuTQzr8X_A4RFDhQZHxLBDNdnVs3sse1voxVSNkr5Y60gNqRpZY3dZwsHryRDqL5KsTeltjF1nyVhx3ZZ_oSy24GFYlI5A-JYbMdwED7XWDBgjG3iYlMnijnxF6JOcwkjfsgyMB6b4asiOKDVgZpR8owfW_3DSUVYj-vnO0xt0bz-gkOky6_AZSZHEjgD-ew7gyQoXMO514imbddhx1MhSIk3eGwim3G5oDpUBUJ-aibLBK52P0MFBQU3KLspgoN4itFBrdq9Io7e7harWcYfERyIizJ8ZCwXAOUSaYcn1C3LFaopmlRBqv9TlJdSaa8_25vXaGJUGmmUBXLwa4d6qciGfSFDQeY8QkLv1WHwYKcyoB-fx7nAMqvrBxPyr0zQa2ZNob7A0rfKZSjk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqNnkzbj9YrjXCrTR1fAPiKCE2AzJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLlWBbbPhOxPqgDAaoE4wFP0B2seCxe1pKCNsLwb0fZ0T4HmmiczRP3BxKJSTOuDDNNYmyDfy-oGQmdA7RijZX5hlybvIFzPH9fkpOn_K7cTZ7nPYNlv0udfBeFZ0h73S3ejRusXqKn349CoDuRIt-BoGurYzvlXz4FP35YBJz7StkiuKoKaORXDyr5ls4vXpPJ49b_FCWHh-s60vjSSd0JG93UREL92Ef9EMjuaGYARLGywIdFqlnb0OAjniuCTwdcG1Mhvmznp6HaJx3n6U2dj9OFjIXoGWmBU6WB3j7qC6gmBWqpKUObl36Jz7WfJUOc_YAGi76M3cCuk9raAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bdcJ-MFQz4jiBEVEOVuKxSkX6yA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:06 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 13 Aug 2023 03:58:06 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 9314 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yv24zQACq7gIFWi0AAEQCDc_AoZxubCXLq85JQ&u=%7CGF51po9kK4NSkroHDvPhkPW3%2FCXBs%2FC2MRgnr68F6yw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sS6YifhuTQzr8X_A4RFDhQZHxLBDNdnVs3sse1voxVSNkr5Y60gNqRpZY3dZwsHryRDqL5KsTeltjF1nyVhx3ZZ_oSy24GFYlI5A-JYbMdwED7XWDBgjG3iYlMnijnxF6JOcwkjfsgyMB6b4asiOKDVgZpR8owfW_3DSUVYj-vnO0xt0bz-gkOky6_AZSZHEjgD-ew7gyQoXMO514imbddhx1MhSIk3eGwim3G5oDpUBUJ-aibLBK52P0MFBQU3KLspgoN4itFBrdq9Io7e7harWcYfERyIizJ8ZCwXAOUSaYcn1C3LFaopmlRBqv9TlJdSaa8_25vXaGJUGmmUBXLwa4d6qciGfSFDQeY8QkLv1WHwYKcyoB-fx7nAMqvrBxPyr0zQa2ZNob7A0rfKZSjk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqNnkzbj9YrjXCrTR1fAPiKCE2AzJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLlWBbbPhOxPqgDAaoE4wFP0B2seCxe1pKCNsLwb0fZ0T4HmmiczRP3BxKJSTOuDDNNYmyDfy-oGQmdA7RijZX5hlybvIFzPH9fkpOn_K7cTZ7nPYNlv0udfBeFZ0h73S3ejRusXqKn349CoDuRIt-BoGurYzvlXz4FP35YBJz7StkiuKoKaORXDyr5ls4vXpPJ49b_FCWHh-s60vjSSd0JG93UREL92Ef9EMjuaGYARLGywIdFqlnb0OAjniuCTwdcG1Mhvmznp6HaJx3n6U2dj9OFjIXoGWmBU6WB3j7qC6gmBWqpKUObl36Jz7WfJUOc_YAGi76M3cCuk9raAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bdcJ-MFQz4jiBEVEOVuKxSkX6yA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:06 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 13 Aug 2023 03:58:06 GMT
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame C6E7 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1660795084&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084824&bpp=2&bdt=523&idt=207&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&cms=3&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=pymKtTsYBz&p=https%3A//www.buhoblik.org.ua&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 15:08:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
132553
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 15:08:53 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220816&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5630956766216465&plah=www.buhoblik.org.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2b5681736e74b5283c61329ec9966b607f78bdbb1361e73c4063fb935046ff8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Aug 2022 03:58:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10988
x-xss-protection
0
syncframe
gum.criteo.com/ Frame C569 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.buhoblik.org.ua
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
507add04d1c6597d1eaca7599452be07bd58c4fca04d195808df2909d610d9e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6145
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 18 Aug 2022 03:58:06 GMT
server-processing-duration-in-ticks
2136
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame 536E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvoIV7llwO6jK_ZXs-RbR_Iduy0RxUGNkjVltUs173uKilgHptAsJK1q4WVRftl300oJsKOH2acTMU7mBE9ujT8jsGH&sig=Cg0ArKJSzEpWC01CgoqFEAE&id=lidar2&mcvt=1000&p=0,0,280,730&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3078983205&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660795085012&rpt=777&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Aug 2022 03:58:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame C569
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=buhoblik.org.ua&sn=ChromeSyncframe&so=0&topUrl=www.buhoblik.org.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=_cNykHxic21MWnNGQzJneFdzdzkzWHJCbk0xU2JNbEN0TXZaTGlJQWxoemxmQnV5MGlIZHBJWjd0QytUVXYyWlB0VGV1RzFIUFM3R0ZFZmtPdjdUaGFkdHUyc05qaXFxK3I1NU5vcHZjbFhHaVdTZlBkK2ZNQWhManU1RG...
444 B
641 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=_cNykHxic21MWnNGQzJneFdzdzkzWHJCbk0xU2JNbEN0TXZaTGlJQWxoemxmQnV5MGlIZHBJWjd0QytUVXYyWlB0VGV1RzFIUFM3R0ZFZmtPdjdUaGFkdHUyc05qaXFxK3I1NU5vcHZjbFhHaVdTZlBkK2ZNQWhManU1RGxUOHlMY3ExUUFFYXBNNlgrNXU1VndnQUJLS2ZXTWxUME1RQnY2bCtLQlBxZnF0UHNxcHRpcWxMQUJPSU4zMHUrZzBmbXd5VUQ2cndCM2t6NVVvWW1INHhQRExFL1VsZFVhM0xtQXZLUkd3dndKaUE3YU4xTFJxTmN6WEpZUUtTOFFRL1MxRUJQOW9FVXUxYzl3L0dUSWdjTFprNko5UT09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
9515fd659bfc875a860fc1c16542f8ab4de4ac190e5abaa38db8f7290e3732c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Aug 2022 03:58:06 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4387
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 18 Aug 2022 03:58:06 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=_cNykHxic21MWnNGQzJneFdzdzkzWHJCbk0xU2JNbEN0TXZaTGlJQWxoemxmQnV5MGlIZHBJWjd0QytUVXYyWlB0VGV1RzFIUFM3R0ZFZmtPdjdUaGFkdHUyc05qaXFxK3I1NU5vcHZjbFhHaVdTZlBkK2ZNQWhManU1RGxUOHlMY3ExUUFFYXBNNlgrNXU1VndnQUJLS2ZXTWxUME1RQnY2bCtLQlBxZnF0UHNxcHRpcWxMQUJPSU4zMHUrZzBmbXd5VUQ2cndCM2t6NVVvWW1INHhQRExFL1VsZFVhM0xtQXZLUkd3dndKaUE3YU4xTFJxTmN6WEpZUUtTOFFRL1MxRUJQOW9FVXUxYzl3L0dUSWdjTFprNko5UT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1549
content-length
541
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5630956766216465&plah=www.buhoblik.org.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 18 Aug 2022 03:58:07 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B55C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
11048
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 18 Aug 2022 00:53:59 GMT
expires
Fri, 18 Aug 2023 00:53:59 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9955 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3e1ddcfe9afc3be4454c48b6cc10679e3d6bd165a0d8c231a77ca982d55b6bfb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vi84bjlWCz2xUw0Ey1oMUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-vi84bjlWCz2xUw0Ey1oMUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 18 Aug 2022 03:58:07 GMT
expires
Thu, 18 Aug 2022 03:58:07 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame B55C 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 15:08:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
132554
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 15:08:53 GMT
all
csm.eu.criteo.net/ Frame 9314 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=OBygkJvLUZJg35TI4AFi0DuCkV8sFjNro_k-00JrlvuLcqdQdrEy-IYbk8y2xVH7HeiEe_5b8b3BrQh7rumeGmtPUF_zBUlB7oJOrVMtrxTcHqKxEl2okGfNEs_jm2tUzxQDq3dzLViCdGMDzj5gvNkJLkLqokilgogmbCgNhANlHXXYLpAsVlXSfpCbDM0_65WTtVgZh8tQZlNP-WjJdHE674ujGL0VTQL_GEdKj3QILATe7T2_lKzcMZKFd76_k3ocBA&sds=2&rev=82471&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yv24zQACq7gIFWi0AAEQCDc_AoZxubCXLq85JQ&u=%7CGF51po9kK4NSkroHDvPhkPW3%2FCXBs%2FC2MRgnr68F6yw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sS6YifhuTQzr8X_A4RFDhQZHxLBDNdnVs3sse1voxVSNkr5Y60gNqRpZY3dZwsHryRDqL5KsTeltjF1nyVhx3ZZ_oSy24GFYlI5A-JYbMdwED7XWDBgjG3iYlMnijnxF6JOcwkjfsgyMB6b4asiOKDVgZpR8owfW_3DSUVYj-vnO0xt0bz-gkOky6_AZSZHEjgD-ew7gyQoXMO514imbddhx1MhSIk3eGwim3G5oDpUBUJ-aibLBK52P0MFBQU3KLspgoN4itFBrdq9Io7e7harWcYfERyIizJ8ZCwXAOUSaYcn1C3LFaopmlRBqv9TlJdSaa8_25vXaGJUGmmUBXLwa4d6qciGfSFDQeY8QkLv1WHwYKcyoB-fx7nAMqvrBxPyr0zQa2ZNob7A0rfKZSjk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqNnkzbj9YrjXCrTR1fAPiKCE2AzJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLlWBbbPhOxPqgDAaoE4wFP0B2seCxe1pKCNsLwb0fZ0T4HmmiczRP3BxKJSTOuDDNNYmyDfy-oGQmdA7RijZX5hlybvIFzPH9fkpOn_K7cTZ7nPYNlv0udfBeFZ0h73S3ejRusXqKn349CoDuRIt-BoGurYzvlXz4FP35YBJz7StkiuKoKaORXDyr5ls4vXpPJ49b_FCWHh-s60vjSSd0JG93UREL92Ef9EMjuaGYARLGywIdFqlnb0OAjniuCTwdcG1Mhvmznp6HaJx3n6U2dj9OFjIXoGWmBU6WB3j7qC6gmBWqpKUObl36Jz7WfJUOc_YAGi76M3cCuk9raAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bdcJ-MFQz4jiBEVEOVuKxSkX6yA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 18 Aug 2022 03:58:06 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
generate_204
tpc.googlesyndication.com/ Frame B55C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?LS6xbA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:58:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 9955 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220816&jk=840732997961381&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=dab6be62-b1e7-4d05-a12c-0a70b3291504
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 18 Aug 2022 03:58:07 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220816&jk=840732997961381&bg=!W1ilWBzNAAYUOm8VNDo7ACkAdvg8Wqts4Av4Q7eQ-jgBKVto3Rt-LuIC-e7IJ1akZ53urAb1mj7OHAIAAABRUgAAAAJoAQcKAINu2fx66A3fvPnLO3c2ajJKHZN0-uGbk3EKs7VxpI7b5LCSgpydOiv4ud3972MrhuW3d1UEIZMKX3gG4_0mZU_DALzpobNCjKQAnCzAxPT3acodLfiX3Tl_2d_K49fvlwl4pmWAfkirXYj-XiBc6oA8ucGC7dCmQCSlXJUfyq_Y0miMm5kCqvIQBFSTcRWFZCqTXLtakdLLB3wa7svZj5JH8SxQPozYOUfBbgbKXywbWB-EvC2HIyaS1mESP5CXfNgjeAd45ElUaT7TdLPdam-4bqpGLuWvzALpncXNtf99ppRX2M3FfVGgWl_I678JIFZTkBD6U9XUGURkaN1f07DuaXkq4IN066PU330dOa-kV6oKSGjeEpYBPkkmeN6eKWlc5C6W-dm8ETJuZA8BcAFC2MlysLHePuRRipvrrCrBGjW9zPlC8vKEPCto6Y9Yb_uMYp1nIIob71m5tlrt16s2KnlMbeBE4I25tIRHCJuLLlITbPe9nndnbtOn-cS52on16-2hdWZ0UA44OyITPgUiv9YN4tZnrd-dNr23dBcc913G5BMdB6fXtgrOhM-V6ek8jA6faERf1M0j8UYCp3eL-NU6Mv4blZRz1Fi5hFw7vVLR8ZShwuL9vIgne9skOAKKBwxm1T2398DfBzWnPy3lXEeHA1hMsUu6NGaMfZCgA9U9xbPY7EuSKOeC09yN9u5wicDOIqPVbWpxsGElnxMYeHp4Q7uStOX5rmykp4iDHsJxKU-_3CxIiz6IEsDVyHZr4EYzZ5q0hUY_vhT_e2KkGu-WIKT02MjBYVQyTM8pSTS2vWaMenfVGHSjqPpwZvGW7Y7RkFRjxi-I__LFHQm7Xj9plNd3LtggAeq6ge-RMI4QO80vhm50-wq9sT6xCpbfmOrMJl7XuTTMNUJA_xx-gryAdTAGIelg8_NJ70LMaOMXKUUtvoosOcJ8-g9_9oLo2rmTnvFYUp7o9iWrHC1atNsNylZG-URNtWBMu1MQbXj9dhVwABFmufRaCvIrRRLwvDLv6JvShTxkGN5vQs4BC1Eo80-TKJVBTx7Ctz3P71bSN-isUBAkTVa-uTsUibA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| JCaption undefined| $ function| jQuery object| jQuery112408629170400347386 object| _gaq object| adsbygoogle object| globalAmlAds object| _gat object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint object| admixerJSONP function| HELPER object| __core-js_shared__ object| core object| admixerML object| globalAml object| admixerAds object| admixerLoad object| globalAmlLoad object| hb_dmx_res function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_126 object| Criteo object| Criteo_126 object| googletag function| html2canvas function| _open object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP object| GoogleGcLKhOms object| google_image_requests

25 Cookies

Domain/Path Name / Value
.admixer.net/bs Name: am-uid
Value: 82d3a27d43a34fe287fc4152e199f904
www.buhoblik.org.ua/ Name: 54328dacc8285ec61fa19f90fac03db6
Value: 9ab84b60d83a4904eb494ad3aae5f7cf
.buhoblik.org.ua/ Name: __utma
Value: 21695912.1756452222.1660795085.1660795085.1660795085.1
.buhoblik.org.ua/ Name: __utmc
Value: 21695912
.buhoblik.org.ua/ Name: __utmz
Value: 21695912.1660795085.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.buhoblik.org.ua/ Name: __utmt
Value: 1
.buhoblik.org.ua/ Name: __utmb
Value: 21695912.1.10.1660795085
www.buhoblik.org.ua/ Name:
Value: store.test
.buhoblik.org.ua/ Name: __gads
Value: ID=8c5bc77d50ae35e4-229694ba05d60050:T=1660795085:RT=1660795085:S=ALNI_MbL1Ds2Cq7siEAJ2RziBWqCWyDuXQ
.admixer.net/ Name: am-uid
Value: 82d3a27d43a34fe287fc4152e199f904
www.buhoblik.org.ua/ Name: am-uid
Value: 82d3a27d43a34fe287fc4152e199f904
.adnxs.com/ Name: uuid2
Value: 660175303391470772
.creativecdn.com/ Name: u
Value: HSjLA01PLaYtef04ebxA
.creativecdn.com/ Name: ts
Value: 1660795085
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2C'$sd@d!!]tbPl1MzM)t2#mUa)tlQO/EUL(DKzY=V=s[ke!aB0f!^[HX`mZ1L-qNZm4vS8LmD<QG=%9sk@3@'s>TU.Ml*
.bidswitch.net/ Name: tuuid
Value: 5cbcb787-f911-4b1a-974d-9fc26a8443b5
.bidswitch.net/ Name: c
Value: 1660795085
.bidswitch.net/ Name: tuuid_lu
Value: 1660795085
.doubleclick.net/ Name: IDE
Value: AHWqTUmpmgLeezmBXDG6z6Vki99FUniCB3tbkmUYHgfE70WtLXKrWsfDCmkHRwkVi2Y
.scoota.co/ Name: tuuid
Value: ab7fea21-8cd4-4ed7-bfb4-1fb6b76c1d6d
.scoota.co/ Name: c
Value: 1660795085
.scoota.co/ Name: tuuid_lu
Value: 1660795085
xn--r1a.website/ Name: stel_ssid
Value: 1681dbd6432255f273_5269132803230831384
.criteo.com/ Name: uid
Value: 42411e9e-57f1-4edd-a771-bb29d063cf9d
.buhoblik.org.ua/ Name: cto_bundle
Value: JD-3Gl9sYUh5YTNCM0pTJTJGMTZCWnpQZGRhejlhUU9NakxORDlBaThFOGl1TTBrJTJGUEtlOGVRU0MxaWV6WEhWOUwyaTQlMkJWNEhyc2hnc1pjJTJGaDF0N2N4VUZXWiUyQnhBT0EwQ0JKUHN1WW5HN05wVUdWSEwlMkJtUFZoZ1g3eHRTQTZEWkMlMkZocVFpUWpEc1dGa2hCV2tDcENvVHlqaENSQSUzRCUzRA

2 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1660795084&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660795084820&bpp=3&bdt=519&idt=186&shv=r20220816&mjsv=m202208110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3180257469578&frm=20&pv=1&ga_vid=1756452222.1660795085&ga_sid=1660795085&ga_hid=1873059030&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C31067825&oid=2&pvsid=840732997961381&tmod=505181634&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eNqdlCN6f4&p=https%3A//www.buhoblik.org.ua&dtd=190
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
avto-oblik.com.ua
bidder.criteo.com
buhoblik.org.ua
cat.fr.eu.criteo.com
cdn.admixer.net
cdn.ampproject.org
cdn4.telegram-cdn.org
cdnjs.cloudflare.com
creativecdn.com
csi.gstatic.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
image8.pubmatic.com
inv-nets.admixer.net
m.trafmag.com
mts0.google.com
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
r.scoota.co
rtb.fr.eu.criteo.com
ssl.google-analytics.com
static.criteo.net
telegram.org
tpc.googlesyndication.com
www.buhoblik.org.ua
www.google.com
www.google.com.ua
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
xn--r1a.website
142.250.186.34
146.0.227.109
178.250.0.139
178.250.0.157
178.250.0.160
178.250.0.162
178.250.0.165
185.184.8.90
193.200.65.6
198.47.127.18
2001:41d0:602:8bf::
2001:4860:4802:32::3
2001:67c:4e8:f004::9
2606:4700::6811:180e
2a00:1450:4001:800::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:808::2004
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:813::200e
2a00:1450:4001:827::2008
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2003
2a02:2638:1::3
2a02:2638::1c
2a02:2638::2
2a02:2638::b
2a03:90c0:41:2801::254
2a06:6440:0:2d02::1
3.67.173.21
34.111.35.152
37.252.173.22
52.210.103.98
95.216.186.40
002a93857ca724d4828a347c2b419a56eabfd275f206a5febc48246ccfe5830d
01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6
03bc0839c4ab84b2a470323f210bbf6762272651496b746d6a0e122bc66906ea
052155039c13b233f324882bd10dc38150b5bd74fb44f27c0ead4d518fbc901b
0659c06b7d0012c71c6b18e4babe5c2cc8a1e8edaa90de36cdc583d8775586c6
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0af53eb1d30cce0ee7f1d9b328907db1e363d16f3319df73ac212b6d1dbdeca5
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
15e749617a3856bfaa4d2cea0c50d88366d2b579841bd5a45bd2d34062babc51
18da79f767f5a603e9b235ec78993380e8c00aaf1ec855049e8a79107e3013c6
1c4bb4b37f05bc5752d618ab4828f2a6749b9046ddec75fbc50d7943befd31e6
1d08840a75c155fca6642bcc3d7ecc34497f6e0d19d030b1f2e0e249c753cfa3
1da67e20c0a4ac1486f38f01e01cdb805992a3f857ef49dccd9529e6b7571d0c
1e14ddde632bad66a3f79d6dc2c6a212d3b1b5cd8100cb6b73984b8797c5ed86
1e46e48a837d9ff05a193956ee173159b7b1d360581c822844e9dbfbca6c9bf6
1f44a512b87b9a63da9b969a44054d0264649b776d682894db413f1d3c45aa28
2031e418ee10af8110729b3f327b968462fc0a9d8d1da095387bb472ccd0dee6
25acfe84806b66b7cd6fa3c4f94183e78a32025415c2bd01d3dfb16340ab2e47
26345a9625172670562d7ab2395db6bd15311e0f6cf5e66f2b4478bd994a7f6d
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2e5e131a5fe8b86ca84d625da87ea0eb947ef60a7afb309f235daefcc42f026d
319eb578634347f8bd6df61778b659ebe74e827b6395e114b084c3dbe613d854
32ae77196cf412d763b87b2aa85b038f536201a0df7164ed74581402b4733511
369df1a20842fadba8874855c9bf00397b951c3b4b6ea70d65a30ae292e3feaf
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
377d27d86822418762eb956a7d4eec9823d6a9d3fd6f6d3ca0d63fdf374a0b69
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
3ab6bdc45b9e7ecded30d4f1c7b2215e990f446f331d3b646dffd6bb2c081c1c
3e1b74179b96128224ddccec1513390bba39aeb09133abf2e17a21f0639b2308
3e1ddcfe9afc3be4454c48b6cc10679e3d6bd165a0d8c231a77ca982d55b6bfb
4139220cef70b0dc6ec26232020d4ddb52acef1afcbf2e5b32ed00b7eef62ec7
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040
437e2f919345cdc64ce4cc4de32598b6c99b2962f3e209c4c2efe4eeb4db7971
440369c9b7f1bb6fe32346ddb0aadb80c67bb2f314a42a58e8620b0dba6761b0
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
49746986f429b5317647ee592ae88013bd46fe403ae79f2552e4f26f42bc4ace
4a003dc58f3e95a18e44712b9161181319e6a40613242cbcac158f6dc8d7339d
4a409076ca2553d234ff017fd0d2dcae6105cb2d3c691e73cdd8847c5dc62239
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
507add04d1c6597d1eaca7599452be07bd58c4fca04d195808df2909d610d9e3
53566fb30e9e4d17a6e90a1a2ab4c8ccd41c26342e4fc486788bc457fc7266a3
536dab3f6cefa51f81e172ead35c79e2de704da110f4ee6e8286c3fa782467f2
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56937ca7393d6071e9974aea6657020a5e810356fb0182725c6f257c66509125
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
5abe4ec1b14120ec963c7bec8267ed0bbdcd52694f48daf0f1a57279748a1c6a
5e0a684723a981127981a095c23b0eb2cecefa041866191da27c4c13ffc524c3
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
610201d6f93cd07e8752aa5f6b9c0350d6c439f8b3c1bb783ca59dd63741b20b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
6a7f785ba9641c95e17a39924e5fc97dd4ae9e0ba0e7e9d7fe4e777eb4fd8279
6a82502c1baab28ba6f410aa012fff53bd4f01d8de430e54589e583a0dc3ce80
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
70fa25d0cd4744b6b91054ad55e3e931dad31cc85915b13e33e4e674426c7cc1
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
73e19dfae69969fd67f8ff0960f10e6d9620d7a0652f6875cdfbfa2a1fbfc897
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
863becff90bf1df06057ece7de31b1873e4b7a56e7b5b2e2d8b48fd10b44c228
88467b23c1044f571783e76997720036df1c0a9925eee5f428c7ff150fa7da56
89c114dc23d61c6b428f26c214e96d1fd49b43c8f777c8fcbb9ffdee7a84d81f
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cd518f395ceb37e9a829bda5794c6bbbf8531b21b3d211f1e004573acc9edbb
8d200dc372fb333c0ca488fba2a569a686cbf5f1ba0cc0544a4a8c96a4f91de3
8dfbfa16c85400143f85eb24eef8df723fd19c190f841c2c5ff22b8d0a5eeb09
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
902565ce7f27f6e504ee3790458fa3e9137a1c2b3d63d58ce6cd2fbcbf9db7ca
933205725b5a22d7dd0ee2d603c9ea51ca925dbb09ea3b62f074007e2ab4d335
93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f
9515fd659bfc875a860fc1c16542f8ab4de4ac190e5abaa38db8f7290e3732c6
95796fb57a64296d8e28431de6f7b70e97a22c2176829b295be1c8349b310429
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9b353dd85f83324f60497827f75c8a8ae333c8493e834ee26915fc4131546232
9f40990683165a6c0b9eabab4ffbb1b6a2fb9617b2fe3101ee64299245dfe743
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a293a7ace275fc3b9a3b1d0b110cd74ef2808877babea0f5f100eb2a862fddd7
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3a9666403dd904811c01ba6925d89449b27aa3efe19e86b9d8864d660922fc6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d35007c83b3689910808811412e63293a2ae2abf1180a2dbaf4b3f7bb91ce9
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
acc016d92200ab69a1bf453f9db6ceaf6d4ee6fe0db09e3db7fb8da82b781d68
af87962b19fc06462de354b74e872cedae74a80dbe777e72b89481392f032936
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b7b093955e7487be1bbec86d8a7ab2012c4716b5cf31b2b6df500edc04c06255
b87673d5f4085602ca52a2a9f1e923a436cfd682dce3050cf78fb11630e8f682
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
ba98e735ce0f8021ed850e1cfd1e5f20049e17ac90b3bea352b04324d045c233
bb68aae18ecd5bcf816bb98cf5bb19c7e9fd1431b1519f746a9fd3aeb5d57e0d
bda0abf7f8615298475242a005ccfc0bfe887c43a71555288c4fd42d42d380f8
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
be9e958e3936401cd2bd8cea8e5be51393a80463af874eebfc947f76e0fc4a83
c1c4a7e98f5ffbfd019d18b00036671b4a3aa558427fe4394a794d60aef00f41
c599d0279d49cf5382e9be1add34ec7c3b6791416e069a06e62ab2a331896b2c
c6d254ee6b05a14666952b2b7629dedc518103bfed8a8d6ee0c1cbe28f76c6fd
c79fe4aca7ad01b04807f0432625598e4e9cc7f46556b0e34a3ae84b767a812e
cf0f1054753e54c01e2d62f781173937b612a839aaafa2902316b321e5948b51
cf834601aa3e59f6a61453790dc88447b3d3910cc297be5f7891c41cc0ca21e9
d097bda59092b06b5bb3051bbef1791e8a7fc533a5aa62e40e898b3ec9308249
d130141331999d0830ff4d31900720d58382d820f5a6df810780193a4cb0eccc
d2e5722cf0b8d8df31200550801d755733c56d9ca2758b7041fbed009e0c9d08
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
daa086b24cbd2610eb3261446100ff513a4526c5b2bce41e758629f5cd8a6a20
dabffe4a0b71d6abf83cc82c3ed7fcda4cc3582a4197e026117f2dc99c1dde3c
dcfed7e2e2c14fd97eec00ca6d50d3b0517261ff5354ae3a065fa402f8b0173f
dd4c56f7e4e4d47753a48540330518aa2f067e061970c7c3be640e23963aafb4
dd6e691a27d07125e04993917cfb3f75ac9d8926f6b66d7c2e45368aa130e660
ddf9a311a472730fa4dc7d178506179fe3659b8248d5ef17089dba880446f3f2
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e138955bef5b4f2741d819b617c881fa261244bd9dbe85f4a998b0892a101218
e2b5681736e74b5283c61329ec9966b607f78bdbb1361e73c4063fb935046ff8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4501d959d3638f5749d6687283f31f7fc48d9e37770520cd0f275b632eeb5b4
e4b7033bdd850b9dd9847fb31e63627e352e38a3cb5cf5a483ca3d2cc1093c58
e5eb27dce9681337b02a363fa1ffb28b0889ced23e0eba592fea3db0f76d2417
ead744a1d73c157d52b23a9c3fe8741c5565d735e8f7415229a67321d4ef92e6
eb46d82ef6f86859f18e379660e0f45b85c6f69fa97111905f0c125a08506376
ec61d9fd1b3609a3a53f377ed07059c3dc7d2cb1502022e0623b4ebc1ea0f35e
ecaddf97aabaebf096d50c1c56c14008f4e57089152b7385943c783c3d8003ef
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef422f043a4d91eda341e1d981f9e1dce31b3fb321aac132b92c52ced20941dd
f1c5e16c3abc728ef3c7eb1ff66fc5b15f08232156bae6493e37becbd1b2f01d
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
f7fce570fe3c47db38f2f04e0660e12d6520e979bfa2e4476ed677f867d6b76a
f892a013b618968e20d8352d09abe4f118d0664884b060fe3b430bcfec37c4e9