sud.ua Open in urlscan Pro
2a06:98c1:3120::c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sud.ua/
Effective URL:
https://sud.ua/
Submission: On September 26 via api (September 26th 2022, 3:59:56 am UTC) from GB — Scanned from GB

Summary HTTP 322 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 44 IPs in 13 countries across 45 domains to perform 322 HTTP transactions. The main IP is 2a06:98c1:3120::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is sud.ua.
TLS certificate: Issued by E1 on September 2nd 2022. Valid for: 3 months.

This is the only time sud.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 72	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	136.243.84.74 136.243.84.74	24940 (HETZNER-AS) (HETZNER-AS)
1	13.32.99.51 13.32.99.51	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::21	60068 (CDN77 ^_^) (CDN77 ^_^)
10	2a00:1450:400... 2a00:1450:400d:804::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80a::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
18	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1 11	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
1	147.135.189.55 147.135.189.55	16276 (OVH) (OVH)
1 10	136.243.84.75 136.243.84.75	24940 (HETZNER-AS) (HETZNER-AS)
1 1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1	193.239.71.100 193.239.71.100	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1	2600:9000:206... 2600:9000:206e:ea00:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.29.231.189 52.29.231.189	16509 (AMAZON-02) (AMAZON-02)
20	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2 22	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1 4	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.201.194 142.250.201.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	193.200.65.5 193.200.65.5	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	34.120.139.69 34.120.139.69	15169 (GOOGLE) (GOOGLE)
4 4	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
2 2	144.76.119.17 144.76.119.17	24940 (HETZNER-AS) (HETZNER-AS)
1	146.0.227.109 146.0.227.109	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
1	37.18.103.16 37.18.103.16	205675 (HYBRID-AS) (HYBRID-AS)
2	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400d:806::200a	15169 (GOOGLE) (GOOGLE)
1 8	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:807::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2016	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:400d:80e::2003	15169 (GOOGLE) (GOOGLE)
39	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1 2	142.251.39.70 142.251.39.70	15169 (GOOGLE) (GOOGLE)
3 3	3.123.239.111 3.123.239.111	16509 (AMAZON-02) (AMAZON-02)
22	142.251.39.34 142.251.39.34	15169 (GOOGLE) (GOOGLE)
2 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
4	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
4 4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
5 5	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a05:d01c:1d8... 2a05:d01c:1d8:8102:cb38:c6a1:ed1a:b7ce	16509 (AMAZON-02) (AMAZON-02)
3	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
2	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
3	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	3.123.174.3 3.123.174.3	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.246 37.157.6.246	198622 (ADFORM) (ADFORM)
2 2	72.251.249.14 72.251.249.14	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	2600:9000:223... 2600:9000:223f:8000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
322	44

72 2a06:98c1:3120::c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sud.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.84.74 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.74.84.243.136.clients.your-server.de

recreativ.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-51.fra60.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::21 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.sendpulse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:400d:804::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2008 (Ireland)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 51.83.220.94 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.135.189.55 (France)

ASN16276 (OVH, FR)
PTR: m.mixadvert.com

m.mixadvert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 136.243.84.75 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.75.84.243.136.clients.your-server.de

go.rcvlink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
st11.rcvlink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine) 1 redirects

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua

i.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:ea00:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.231.189 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-231-189.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.201.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com

t.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.139.69 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 69.139.120.34.bc.googleusercontent.com

dsp-trk.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.42.191.196 (Luxembourg) 4 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.76.119.17 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.17.119.76.144.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.109 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.103.16 (Netherlands)

ASN205675 (HYBRID-AS, DE)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:806::200a (Ireland)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:400d:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.39.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s39-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.123.239.111 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-239-111.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.251.39.34 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s38-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.19.126 (None, ) 5 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d01c:1d8:8102:cb38:c6a1:ed1a:b7ce (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.174.3 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-174-3.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.246 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.14 (Amsterdam, Netherlands) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:8000:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	sud.ua 1 redirects sud.ua	3 MB
58	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 142	586 KB
47	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 static.doubleclick.net — Cisco Umbrella Rank: 340 ad.doubleclick.net — Cisco Umbrella Rank: 178 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	245 KB
33	gstatic.com fonts.gstatic.com www.gstatic.com	480 KB
18	youtube.com www.youtube.com — Cisco Umbrella Rank: 96	2 MB
18	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40 jnn-pa.googleapis.com — Cisco Umbrella Rank: 273	69 KB
11	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 9079	15 KB
10	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 75 www.google.com — Cisco Umbrella Rank: 2	29 KB
10	rcvlink.com 1 redirects go.rcvlink.com — Cisco Umbrella Rank: 64920 st11.rcvlink.com — Cisco Umbrella Rank: 81151	79 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	305 KB
5	casalemedia.com 5 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438	5 KB
4	rubiconproject.com 4 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 335	2 KB
4	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 648	289 B
4	betweendigital.com 4 redirects ads.betweendigital.com — Cisco Umbrella Rank: 2092	3 KB
4	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 113	248 B
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	199 KB
3	openx.net rtb.openx.net — Cisco Umbrella Rank: 1505	619 B
3	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1020	1 KB
3	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 561	634 B
3	agkn.com 3 redirects d.agkn.com — Cisco Umbrella Rank: 638	2 KB
3	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 290 www.google-analytics.com — Cisco Umbrella Rank: 27	37 KB
3	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 4671 buttons-config.sharethis.com — Cisco Umbrella Rank: 5622 l.sharethis.com — Cisco Umbrella Rank: 4493	45 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 597	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 637	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 739	2 KB
2	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 947	462 B
2	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1423	593 B
2	buzzoola.com 2 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 18940	380 B
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5376	914 B
2	bigmir.net 1 redirects c.bigmir.net — Cisco Umbrella Rank: 150887 i.bigmir.net — Cisco Umbrella Rank: 296884	1 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 754	338 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 696	447 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3005	104 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 117	27 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 232	2 KB
1	hybrid.ai dm-eu.hybrid.ai — Cisco Umbrella Rank: 14822	239 B
1	admixer.net inv-nets.admixer.net — Cisco Umbrella Rank: 2415	463 B
1	eskimi.com dsp-trk.eskimi.com — Cisco Umbrella Rank: 41093	256 B
1	uuidksinc.net s.uuidksinc.net — Cisco Umbrella Rank: 4096	242 B
1	trafmag.com t.trafmag.com — Cisco Umbrella Rank: 72792	351 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 857	641 B
1	mixadvert.com m.mixadvert.com — Cisco Umbrella Rank: 210712	4 KB
1	sendpulse.com cdn.sendpulse.com — Cisco Umbrella Rank: 26991	35 KB
1	recreativ.ru recreativ.ru — Cisco Umbrella Rank: 236187	62 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
322	45

	Domain	Requested by
72	sud.ua	1 redirects sud.ua cdn.sendpulse.com
39	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
22	cm.g.doubleclick.net	sud.ua googleads.g.doubleclick.net
21	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com www.youtube.com sud.ua googleads.g.doubleclick.net
20	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
19	pagead2.googlesyndication.com	sud.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
18	www.youtube.com	sud.ua www.youtube.com
13	www.gstatic.com	www.youtube.com googleads.g.doubleclick.net www.gstatic.com
11	a4p.adpartner.pro	1 redirects sud.ua a4p.adpartner.pro
10	fonts.googleapis.com	sud.ua googleads.g.doubleclick.net
8	www.google.com	1 redirects www.youtube.com googleads.g.doubleclick.net tpc.googlesyndication.com
8	jnn-pa.googleapis.com	www.youtube.com
7	www.googletagservices.com	googleads.g.doubleclick.net
6	go.rcvlink.com	1 redirects sud.ua go.rcvlink.com
5	ssum-sec.casalemedia.com	5 redirects
4	pixel.rubiconproject.com	4 redirects
4	image6.pubmatic.com	googleads.g.doubleclick.net
4	ads.betweendigital.com	4 redirects
4	st11.rcvlink.com	sud.ua
4	www.facebook.com	1 redirects sud.ua connect.facebook.net
4	connect.facebook.net	sud.ua connect.facebook.net
3	rtb.openx.net	googleads.g.doubleclick.net
3	cms.quantserve.com	googleads.g.doubleclick.net
3	id.rlcdn.com	2 redirects googleads.g.doubleclick.net
3	d.agkn.com	3 redirects
2	ap.lijit.com	2 redirects
2	c1.adform.net	2 redirects
2	pm.w55c.net	2 redirects
2	odr.mookie1.com	googleads.g.doubleclick.net
2	ag.innovid.com	googleads.g.doubleclick.net
2	ad.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	static.doubleclick.net	www.youtube.com
2	exchange.buzzoola.com	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.uk	pagead2.googlesyndication.com
2	ssl.google-analytics.com	sud.ua
1	onetag-sys.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	dm-eu.hybrid.ai	sud.ua
1	inv-nets.admixer.net	sud.ua
1	dsp-trk.eskimi.com	sud.ua
1	s.uuidksinc.net	sud.ua
1	t.trafmag.com	sud.ua
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google-analytics.com	a4p.adpartner.pro
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	i.bigmir.net	sud.ua
1	c.bigmir.net	1 redirects
1	m.mixadvert.com	sud.ua
1	cdn.sendpulse.com	sud.ua
1	platform-api.sharethis.com	sud.ua
1	recreativ.ru	sud.ua
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
322	57

This site contains links to these domains. Also see Links.

Domain
t.me
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
plus.google.com
a4p.adpartner.pro
www.bigmir.net

Subject Issuer	Validity	Valid
*.sud.ua E1	`2022-09-02` - `2022-12-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.recreativ.ru Thawte RSA CA 2018	`2021-08-23` - `2022-09-06`	a year	crt.sh
sharethis.com Amazon	`2022-06-19` - `2023-07-18`	a year	crt.sh
1603358863.rsc.cdn77.org R3	`2022-07-23` - `2022-10-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-05` - `2022-10-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
adpartner.pro R3	`2022-09-04` - `2022-12-03`	3 months	crt.sh
m.mixadvert.com R3	`2022-09-18` - `2022-12-17`	3 months	crt.sh
*.rcvlink.com Thawte RSA CA 2018	`2022-09-25` - `2023-10-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-14` - `2023-06-14`	a year	crt.sh
uuidksinc.net R3	`2022-09-16` - `2022-12-15`	3 months	crt.sh
*.eskimi.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-04-14` - `2023-05-15`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh

This page contains 34 frames:

Primary Page: https://sud.ua/
Frame ID: 9AD3C430B1A23A7F1E1FD7B507CAA74A
Requests: 117 HTTP requests in this frame

Frame: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
Frame ID: 686EE7F5DD3A43BEDE629D922F6F7716
Requests: 17 HTTP requests in this frame

Frame: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
Frame ID: 1B276D65209B5F194C0ACCBDDE5A8DE5
Requests: 21 HTTP requests in this frame

Frame: https://go.rcvlink.com/static/main.js
Frame ID: 65373BCE7C3F1F7DEFAE081DEC7F8DA9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/zrt_lookup.html
Frame ID: B8539D1CE94D67952153B800641A682D
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=a81bd598-5f86-4451-81db-cbb7c2282c09&session_pageview=1&session_id=694c435a-ba25-4cd8-995e-b637424d61c0&site_visited=1&location=https%3A%2F%2Fsud.ua%2F&referer=
Frame ID: 12CA6C151B72551EE5B75732503EC8A8
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/jsunit/ls?jsunit=3106&unit_id=6480&shown=&session_pageview=1&session_id=694c435a-ba25-4cd8-995e-b637424d61c0&site_visited=1&apuid=a81bd598-5f86-4451-81db-cbb7c2282c09&width=300&screen_width=1600&reload_count=0&banner_num=1664164789422889345&is_in_viewport=0&ref=&location=https%3A%2F%2Fsud.ua%2F
Frame ID: 5DFBA05DC1685EA9CC6143F987EC99BB
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&adk=1812271804&adf=3025194257&lmt=1664164789&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsud.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164789611&bpp=3&bdt=510&idt=265&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4861910937849&frm=20&pv=2&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=281
Frame ID: C076E0D2D66BD4F6F1E34EE97D1D6A87
Requests: 1 HTTP requests in this frame

Frame: https://go.rcvlink.com/static/iframe.htm
Frame ID: 6D0641DD5E64E6AC46D4F8BA98CFCBE4
Requests: 7 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22a81bd598-5f86-4451-81db-cbb7c2282c09%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2778881%2C%22cost%22%3A0.000312504%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22aeda2850-1b3b-429f-910e-e0058848c96d%22%7D%2C%7B%22ad_id%22%3A3208561%2C%22cost%22%3A0.000208605%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%227b0ae76d-83e8-44f1-8ae6-834cac5b58ce%22%7D%5D%2C%22unit_id%22%3A6480%2C%22region_id%22%3A112%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fsud.ua%252F%22%7D
Frame ID: B803A1930A8B6B3E5744F6A414CCA6C5
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: C48EF6C9E51C5BE5568C688FF4246BB8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=647843891&adf=4137342386&pi=t.aa~a.2435821863~rp.4&w=275&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=275x600&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=2&bdt=1490&idt=-M&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0&nras=2&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=868&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FTgzi7FM3M&p=https%3A//sud.ua&dtd=16
Frame ID: A38EA56504B08177E096DC542E454BD3
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=4068299810&adf=1324001129&pi=t.aa~a.2388408784~rp.3&w=420&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=1&bdt=1490&idt=-M&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0%2C275x600&nras=3&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2304&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=iHaHORf0E3&p=https%3A//sud.ua&dtd=22
Frame ID: 4020B6442000698A82DA2DBB5C6BA59F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=2764862848&adf=3911060680&pi=t.aa~a.1676023814~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=300x600&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=1&bdt=1490&idt=-M&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0%2C275x600%2C420x280&nras=4&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1175&ady=2593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=afDqYcV0hL&p=https%3A//sud.ua&dtd=26
Frame ID: F8B8FCC95EE73EB9FC75B2388B911B52
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=2902652748&adf=3298259486&pi=t.aa~a.4124068143~rp.1&w=275&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=275x600&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=1&bdt=1490&idt=-M&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0%2C275x600%2C420x280%2C300x600&nras=5&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=868&ady=2620&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=7mjsLk1Aj0&p=https%3A//sud.ua&dtd=29
Frame ID: 49CF2F76F87A4C7F1D417BD31877ABF6
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=50&adk=3872706551&adf=1960333627&pi=t.aa~a.3325116505~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=420x50&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=1&bdt=1490&idt=1&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0%2C275x600%2C420x280%2C300x600%2C275x600&nras=6&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=McWS4A2OQU&p=https%3A//sud.ua&dtd=32
Frame ID: 5704B5FCE42014FE459859D8E11D7A10
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Frame ID: 00D83512D18E04E44693845B228D15CB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Frame ID: 12F42B66114A5CE77F0F9766BFCE9A10
Requests: 12 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 87794ADDB06BC87CC096A0E08AD74DFA
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 29FD445FAD7286605BC8D7766DA656AD
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AE804ED6D871A322B2C60AAC914EC33E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B26EFAE267CD5671548CECA5D23FA5DC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A0151688B66A3E1D45DD8EB50BBCC0DE
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Frame ID: FC57F9756C3F724E542217E6344EC95C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F0FD72CBC7A9EE90D77EB50B5D7CE0D2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B8638911F03C19372E4723D11CCC4954
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Frame ID: DDCAB93AFC74E407387541E0CF022237
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Frame ID: B6BBB0C33AEE063FA6BE577D50F2A5A0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Frame ID: 9B129F9E6DC95566973F3D6CBBEEFF5A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Frame ID: B0122882B636E96949F59C3BF7957764
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Frame ID: 37618154639BA7EC13D9C523F31F86AC
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D195181397643045%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df33d21bc6a1baac%2526domain%253Dsud.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fsud.ua%25252Ff1e105ae49bbf0c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fsudgazeta%252F%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse
Frame ID: 4E4DCE8967FE34A563D378A216ACEF64
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6570A904D52F32FDBB714DD73389E198
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 49F5981BA962D34A0D41EC443696F29D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Судово-юридична газета

Page URL History Show full URLs

http://sud.ua/ HTTP 301
https://sud.ua/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

322
Requests

91 %
HTTPS

46 %
IPv6

45
Domains

57
Subdomains

44
IPs

13
Countries

6811 kB
Transfer

14916 kB
Size

49
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/sudua

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sudgazeta/

Search URL Search Domain Scan URL

URL: https://twitter.com/sud_gazeta

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC5R89CNV6EE9ruwuEFRcOcw

Search URL Search Domain Scan URL

URL: https://www.instagram.com/sud_ua/

Search URL Search Domain Scan URL

URL: https://plus.google.com/109465346485446350920
Title: Google+

Search URL Search Domain Scan URL

URL: https://a4p.adpartner.pro/click/6480/2778881/64fc4c02-b59d-4120-973b-c9ef0d679492?data=eyJjcmVhdGVkX2F0IjoxNjY0MTY0Nzg5LCJzaG93X2lkIjoiNjRmYzRjMDItYjU5ZC00MTIwLTk3M2ItYzllZjBkNjc5NDkyIiwiYWRfdW5pdF9pZCI6NjQ4MCwicnVsZV9pZCI6MCwiYWRfaWQiOjI3Nzg4ODEsImRhdGFfc291cmNlIjoiYXBwLWhiLXBsLTIwOnRpemVyX2FkIiwicGxhdGZvcm1faWQiOjEsIm9zX2lkIjo1LCJicm93c2VyX2lkIjoxLCJjdXN0b21lcl9pZCI6ImE4MWJkNTk4LTVmODYtNDQ1MS04MWRiLWNiYjdjMjI4MmMwOSIsInJlZ2lvbl9pZCI6MTEyLCJzdWJfcmVnaW9uX2lkIjowLCJjaXR5X2lkIjowLCJpc19yZWZyZXNoIjpmYWxzZX0=&hash=9ba55a46ee8a3b6a3c9f6f4975bea517
Title: Самые дурацкие моменты в спорте. Угарные кадры со спортсменами: их должен увидеть каждый.Угарные кадры со спортсменами: их должен увидеть каждый.подробнее

Search URL Search Domain Scan URL

URL: https://a4p.adpartner.pro/click/6480/3208561/295e4406-6052-4fda-92dc-479a642d01e1?data=eyJjcmVhdGVkX2F0IjoxNjY0MTY0Nzg5LCJzaG93X2lkIjoiMjk1ZTQ0MDYtNjA1Mi00ZmRhLTkyZGMtNDc5YTY0MmQwMWUxIiwiYWRfdW5pdF9pZCI6NjQ4MCwicnVsZV9pZCI6MCwiYWRfaWQiOjMyMDg1NjEsImRhdGFfc291cmNlIjoiYXBwLWhiLXBsLTIwOnRpemVyX2FkIiwicGxhdGZvcm1faWQiOjEsIm9zX2lkIjo1LCJicm93c2VyX2lkIjoxLCJjdXN0b21lcl9pZCI6ImE4MWJkNTk4LTVmODYtNDQ1MS04MWRiLWNiYjdjMjI4MmMwOSIsInJlZ2lvbl9pZCI6MTEyLCJzdWJfcmVnaW9uX2lkIjowLCJjaXR5X2lkIjowLCJpc19yZWZyZXNoIjpmYWxzZX0=&hash=31bb0682064d717899d3a9221f4db8c0
Title: С такими котами вам скучно не будет: уморительные кадры. Ну как их можно не любить?Ну как их можно не любить?подробнее

Search URL Search Domain Scan URL

URL: http://www.bigmir.net/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sud.ua/ HTTP 301
https://sud.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81

https://c.bigmir.net/?v16953431&s16954880&t3&c1&n560198&w0&y0&d24&r1600 HTTP 302
https://i.bigmir.net/cnt/03.png

Request Chain 128

https://go.rcvlink.com/mtch/31/a81bd598-5f86-4451-81db-cbb7c2282c09 HTTP 302
https://a4p.adpartner.pro/ssp/match?dsp_id=13&user_id=71189633253

Request Chain 130

https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=0b5f1753-9660-520d-9d6b-3a4efe5a19f8

Request Chain 131

https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=0b5f1753-9660-520d-9d6b-3a4efe5a19f8

Request Chain 132

https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D HTTP 301
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=e9584277-7237-460f-6175-97dd2d2035da

Request Chain 133

https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D HTTP 301
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=bc7d00be-0c17-40a6-60a5-c6735855198b

Request Chain 134

https://a4p.adpartner.pro/ssp/match?redirect=https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122&id={user_id} HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122

Request Chain 137

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 139

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 208

https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B27397474.344142597;dc_trk_aid=535686675;dc_trk_cid=176399011;ord=346680946;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B27397474.344142597;dc_pre=CNLK7PnIsfoCFdmK_QcdrdoOsg;dc_trk_aid=535686675;dc_trk_cid=176399011;ord=346680946;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 264

https://d.agkn.com/pixel/2175/?google_gid=CAESENHDz90l_t8obNbT_f5mRJ8&google_cver=1&google_push=AZmPxg_wcdxY88n0RXMm9w-wvy8ee-nZhRA9UhfcgQvP1Jgh2cv1-u6inVW6cAdeAsocXHR_r3aqU0JWFt3-NaK0wgtuZ5FpZKhE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_wcdxY88n0RXMm9w-wvy8ee-nZhRA9UhfcgQvP1Jgh2cv1-u6inVW6cAdeAsocXHR_r3aqU0JWFt3-NaK0wgtuZ5FpZKhE&google_hm=Q0FFU0VOSER6OTBsX3Q4b2JOYlRfZjVtUko4

Request Chain 265

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg8aMNuJMKb2Z4B46TUp_1apIK_HMF0wP4ymbY0nsPZEvrSLC5-koLfN5tqLXFucPSicfbDZ2Pd5gNRkyPb1QBiOKIcun4Jm&google_gid=CAESEHQ8ULq0Aqc0cMkcCmhlI50&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCLfHxJkGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWm1QeGc4YU1OdUpNS2IyWjRCNDZUVXBfMWFwSUtfSE1GMHdQNHltYlkwbnNQWkV2clNMQzUta29MZk41dHFMWEZ1Y1BTaWNmYkRaMlBkNWdOUmt5UGIxUUJpT0tJY3VuNEpt HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwVUhHTnFnT3NSZ3hCbC04a3UtbzJDMDl4dmtYcEdTYkxLZ2NweGpZNXpPQQ==&google_push

Request Chain 267

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPlUvqxbv_x5COw0-EGR6vY&google_cver=1&google_push=AZmPxg_1vYx-ElWfKdr9yzdgwf2PJ7bzTL3Pd4G5pMRMEp-FnlqrNg1BBc0h0h8EPfZSg6SGZtGJdXD-uVJkfogLcJ7mtnfoqCM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhJOFFaOE4tMy1JVllU&google_push=AZmPxg_1vYx-ElWfKdr9yzdgwf2PJ7bzTL3Pd4G5pMRMEp-FnlqrNg1BBc0h0h8EPfZSg6SGZtGJdXD-uVJkfogLcJ7mtnfoqCM

Request Chain 268

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBK_lmV6cvk0Cb55pi5RyNs&google_cver=1&google_push=AZmPxg-WFXl6BG6W1DOX3q6iw-ahBwiq_coDHgCo7FLFXWLdw7Ufixk-7XPFSlQj7ZqHvHq2Dsaj3GTaiA6zbaYSsgcq_Dxx3og HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBK_lmV6cvk0Cb55pi5RyNs&google_push=AZmPxg-WFXl6BG6W1DOX3q6iw-ahBwiq_coDHgCo7FLFXWLdw7Ufixk-7XPFSlQj7ZqHvHq2Dsaj3GTaiA6zbaYSsgcq_Dxx3og&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBK_lmV6cvk0Cb55pi5RyNs&google_hm=YzEjt2LE-7mIUeF0bTYziQAAEUQAAAAB&google_nid=index&google_push=AZmPxg-WFXl6BG6W1DOX3q6iw-ahBwiq_coDHgCo7FLFXWLdw7Ufixk-7XPFSlQj7ZqHvHq2Dsaj3GTaiA6zbaYSsgcq_Dxx3og

Request Chain 282

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 287

https://d.agkn.com/pixel/2175/?google_gid=CAESEEkOC7WRbG0vBO-2T6jqRrM&google_cver=1&google_push=AZmPxg-DG_C9KV8ps640O_yWO0JsCa9jdG-E1yKhZVK4zC7yoVE1gt8gnavVVumFgQA_Rp-cwf3owozqk3NDPowjrRHJv0tWXw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg-DG_C9KV8ps640O_yWO0JsCa9jdG-E1yKhZVK4zC7yoVE1gt8gnavVVumFgQA_Rp-cwf3owozqk3NDPowjrRHJv0tWXw&google_hm=Q0FFU0VFa09DN1dSYkcwdkJPLTJUNmpxUnJN

Request Chain 291

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJJZ1Mw74MKDIcZWTNnMq9M&google_cver=1&google_push=AZmPxg9cketSsPMl3YPa6wUpua87d175v8_gke7XGQ4BfZDBohFB6yRk70pSDPcAuyDGfCb6nqWOaGuTPl-PBXZcdxM3aNNpSks HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhJOFFaQjItMTItNE80&google_push=AZmPxg9cketSsPMl3YPa6wUpua87d175v8_gke7XGQ4BfZDBohFB6yRk70pSDPcAuyDGfCb6nqWOaGuTPl-PBXZcdxM3aNNpSks

Request Chain 292

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELW1Y47r6Z30yRNg6JlGdOA&google_cver=1&google_push=AZmPxg8Y48QZeHkOvL0wwvHuJ7-S1h1SjhxfPeLPqo7gFNOuNa268J_3V1y2bLGXW-KtOCHrGNJRxSv9DAfcJPXFZgAFeNEJwd0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELW1Y47r6Z30yRNg6JlGdOA&google_hm=YzEjt2LE-7mIUeF0bTYziQAAEUQAAAAB&google_nid=index&google_push=AZmPxg8Y48QZeHkOvL0wwvHuJ7-S1h1SjhxfPeLPqo7gFNOuNa268J_3V1y2bLGXW-KtOCHrGNJRxSv9DAfcJPXFZgAFeNEJwd0

Request Chain 298

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPEMhW6UdozTFiMla36UCeQ&google_cver=1&google_push=AZmPxg8iH1uJW4-Ayq-jQ7VTU6nfu5xbptuX4BjsvKek7nWUJLMXd5xxEGHlTJ8660hXG8LAijos-OSU5EMZRIwQXEwcyV8IG7cd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhJOFFaQ04tMUItN0dMQw==&google_push=AZmPxg8iH1uJW4-Ayq-jQ7VTU6nfu5xbptuX4BjsvKek7nWUJLMXd5xxEGHlTJ8660hXG8LAijos-OSU5EMZRIwQXEwcyV8IG7cd

Request Chain 299

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGDypGz8qyb5h7TFqt2mHuw&google_cver=1&google_push=AZmPxg81VkZ72WpxahVP60kCorlAg-92OLv7cOOfKOx8BLW_VYAYUhL2CPoiWqjOulQ9-_QvwWbBHxUBJraokVHJv84WouXjCE4d HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGDypGz8qyb5h7TFqt2mHuw&google_hm=YzEjt2LE-7mIUeF0bTYziQAAEUQAAAAB&google_nid=index&google_push=AZmPxg81VkZ72WpxahVP60kCorlAg-92OLv7cOOfKOx8BLW_VYAYUhL2CPoiWqjOulQ9-_QvwWbBHxUBJraokVHJv84WouXjCE4d

Request Chain 303

https://d.agkn.com/pixel/2175/?google_gid=CAESEE90cknXCCTFKm_xrOT5p7I&google_cver=1&google_push=AZmPxg9M3eUdlVtsy0706tJHJ9hrNEHUbaexELEcDCNXqKzpEyqMde31AujR70fzG51bdSzOzioF0cuIyHsEHgKoyZlxQB4-svg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9M3eUdlVtsy0706tJHJ9hrNEHUbaexELEcDCNXqKzpEyqMde31AujR70fzG51bdSzOzioF0cuIyHsEHgKoyZlxQB4-svg&google_hm=Q0FFU0VFOTBja25YQ0NURkttX3hyT1Q1cDdJ

Request Chain 307

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDywuKSXckdM-mg19bAxfNs&google_cver=1&google_push=AZmPxg_obiNNLoXzlA3fCK7gDUHlGMAjGU5-CEQEu4hALjg2BHXCrgeU49FjEBMsh7I5koVqfjK7iFNSLKeJA--7W-wWiAb_CIU HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDywuKSXckdM-mg19bAxfNs&google_hm=YzEjt2LE-7mIUeF0bTYziQAAEUQAAAAB&google_nid=index&google_push=AZmPxg_obiNNLoXzlA3fCK7gDUHlGMAjGU5-CEQEu4hALjg2BHXCrgeU49FjEBMsh7I5koVqfjK7iFNSLKeJA--7W-wWiAb_CIU

Request Chain 312

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECo7TTCANX-y9vsNFRgOqLg&google_cver=1&google_push=AZmPxg9Hb7t0rI0iv6vj6U8abVKNKBbLMrUcdfTPmH8zxfTfIx0mZFKKARIgqL0B3j6c9Emc0-AEHPSTccJ0yoayk8ryXvZSTf4-d5g HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECo7TTCANX-y9vsNFRgOqLg&google_cver=1&google_push=AZmPxg9Hb7t0rI0iv6vj6U8abVKNKBbLMrUcdfTPmH8zxfTfIx0mZFKKARIgqL0B3j6c9Emc0-AEHPSTccJ0yoayk8ryXvZSTf4-d5g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S0RkMDd0UGkxT0NGaEI1&google_gid=CAESECo7TTCANX-y9vsNFRgOqLg&google_cver=1&google_push=AZmPxg9Hb7t0rI0iv6vj6U8abVKNKBbLMrUcdfTPmH8zxfTfIx0mZFKKARIgqL0B3j6c9Emc0-AEHPSTccJ0yoayk8ryXvZSTf4-d5g

Request Chain 313

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECyTh5-SyAf_AloUhsWSwRc&google_cver=1&google_push=AZmPxg-Wk7tCGKa14EYy_woxaz06L9fOFvzvKCcPtfAPaqRdh6O42Jot_3BjN1opdL71ei8djqo2pt2eZ8r9qKz_VUpq4anFqEYtBg HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECyTh5-SyAf_AloUhsWSwRc&google_cver=1&google_push=AZmPxg-Wk7tCGKa14EYy_woxaz06L9fOFvzvKCcPtfAPaqRdh6O42Jot_3BjN1opdL71ei8djqo2pt2eZ8r9qKz_VUpq4anFqEYtBg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjUwMzIwMTg0NDMyNjc5MTYwNg&google_push=AZmPxg-Wk7tCGKa14EYy_woxaz06L9fOFvzvKCcPtfAPaqRdh6O42Jot_3BjN1opdL71ei8djqo2pt2eZ8r9qKz_VUpq4anFqEYtBg

Request Chain 314

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI0MBN3SbswOudVM_5loQj4&google_cver=1&google_push=AZmPxg-22kafx0Va6iu0UlL0GGNJUtgnf6p641QE_FCqZthAGGLydZaHymc-fPBsqAIXe7CUjTppwxti5OJWoi4CnjH13nY52PlioQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhJOFFaRFktRi1MQVdD&google_push=AZmPxg-22kafx0Va6iu0UlL0GGNJUtgnf6p641QE_FCqZthAGGLydZaHymc-fPBsqAIXe7CUjTppwxti5OJWoi4CnjH13nY52PlioQ

Request Chain 315

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELADBlObfQDugwpPDfsMEo8&google_cver=1&google_push=AZmPxg_tFnjUIdwCLrSm-vM6olH0hSLl2Kh5BiP6SsfgSwA-IGOLuh2l47Ao0sV0VRw43hTQ0YvOAoZ7MMvKHJgMl4EmsyD0Igu4sc8 HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELADBlObfQDugwpPDfsMEo8&google_cver=1&google_push=AZmPxg_tFnjUIdwCLrSm-vM6olH0hSLl2Kh5BiP6SsfgSwA-IGOLuh2l47Ao0sV0VRw43hTQ0YvOAoZ7MMvKHJgMl4EmsyD0Igu4sc8&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_tFnjUIdwCLrSm-vM6olH0hSLl2Kh5BiP6SsfgSwA-IGOLuh2l47Ao0sV0VRw43hTQ0YvOAoZ7MMvKHJgMl4EmsyD0Igu4sc8&google_hm=FYPPpGZHE2WdcuUFTkOpv6t4

Request Chain 316

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEC3aUvMqD3EhZo_KIR_HyMo&google_cver=1&google_push=AZmPxg9QG8OuaqppBFCSvd4tHKyu03blW0Tc3cxydZlzgOqQamMWXRjeKWwq6mfr0ZJxLkJPwPyj-_wtrlj4RkygggSaEw_074TNvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9QG8OuaqppBFCSvd4tHKyu03blW0Tc3cxydZlzgOqQamMWXRjeKWwq6mfr0ZJxLkJPwPyj-_wtrlj4RkygggSaEw_074TNvw

Request Chain 317

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBjfcA-yPs0fUHTSCIoEp8U&google_cver=1&google_push=AZmPxg85jk9z1KPrrGJwmGIB3K7MNqdj9ny82obRZACwtx6bEK6saT7DRxL-KQDy8ODSRbb0YsBlgQQP-60erKd3-ajBgNZfYryjnfQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg85jk9z1KPrrGJwmGIB3K7MNqdj9ny82obRZACwtx6bEK6saT7DRxL-KQDy8ODSRbb0YsBlgQQP-60erKd3-ajBgNZfYryjnfQ

Request Chain 323

https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=195181397643045&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df33d21bc6a1baac%26domain%3Dsud.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsud.ua%252Ff1e105ae49bbf0c%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fsudgazeta%2F&locale=ru_RU&sdk=joey&show_facepile=true&small_header=false HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D195181397643045%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df33d21bc6a1baac%2526domain%253Dsud.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fsud.ua%25252Ff1e105ae49bbf0c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fsudgazeta%252F%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse

322 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
sud.ua/
Redirect Chain

http://sud.ua/
https://sud.ua/

112 KB
23 KB

843ms
777ms

Document
text/html

2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 1899e27870bd3ce0a269082ccc8a884de2113e2c362e79c14a907cb76ed5b36e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=300, public, s-maxage=300
cf-cache-status: DYNAMIC
cf-ray: 750916c70f4add86-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 26 Sep 2022 03:59:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9lndt1DLyTa0hMIOA3NNX%2FHGGMXpv7vnA12s6rFkfgwKGfnXJ830v6k4JgwAK0HbyWkgV%2BlCtq85WoY7fsNkBX1OwuyzzUBpP0Mq4psRCPROc0fOhG%2FazIVlEQrca%2FJ0FSIywAk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/5.6.40

Redirect headers

CF-RAY: 750916c66b2972e4-LHR
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 26 Sep 2022 03:59:48 GMT
Expires: Mon, 26 Sep 2022 04:59:48 GMT
Location: https://sud.ua/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PBaLn9pnT6ay7hRi03hJZZjdDSUBke1ElwJLdM2HRH31DZ%2F8rstQqLXABpyJjKWf1QXDgnrTIhP8fbOsJJY1%2Fy66utOvumXJxWGZv4fivxYs924NF8xzwhZjsXu59S%2Bks66XKRc%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 sud2.css
sud.ua/css/ 39 KB
8 KB 44ms
36ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/css/sud2.css
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1f31f5c6acc865e7dac32690cdbbc6dfac759483ce4414eaf02f3fd0d11b009

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1830884
cf-polished: origSize=54221
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 04 Sep 2022 22:00:49 GMT
server: cloudflare
etag: W/"63152011-d3cd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQX5cXUNljoru4FndttpiqQWypmqeYTyAOfZss5zJkm%2BzVlU54Omxdvfe%2FPNWi5fwbvIctNclr2tCGZOD2VdmHvKkhqBz2QuGJX70hCy%2Fyj51OVGd%2B2PkbF6iIH%2BOQQaaGF4PCg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 750916cc1b24dd86-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 superfish.css
sud.ua/css/ 310 B
551 B 41ms
34ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/css/superfish.css
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9ccdf471cfc392fc8f0cee332bab9174a958b301d54792a344e9d922fecb49e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2151831
cf-polished: origSize=419
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
etag: W/"5ba0ee53-1a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mr36AFuvST7pGuukgSfeYsOYf0ZmRdWnJCi0NkAgYOdyM5V%2B2EJ4EciTsGpfeGPdeMZNiRjKo475gqcAVnzke24XWHsff3hJ5xbmhVJ2h84wmip8T0gz4lFKbZvPvczQVpMajZM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 750916cc1b26dd86-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-ui.min.css
sud.ua/js/jquery-ui/ 22 KB
5 KB 42ms
36ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/jquery-ui/jquery-ui.min.css
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd51ccb5a721fa2dee14495f4a2304aa493ee0e1b9e8cdccd5c71681f8679d33

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
age: 2151831
etag: W/"5ba0ee53-595a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1k%2FXmB5cxqGiYu53%2FfHFZAYeFju%2B%2FdTGqeGQN256cyizIoFShWb4gbA2919tRIUhjz9es3H9cUMQF%2BHDdVhi50RVywMb%2FJA9YZsG2KwrgozPrNCKEIh08VN65OmQx%2BL%2B8AkRXbQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750916cc1b27dd86-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-ui.theme.min.css
sud.ua/js/jquery-ui/ 13 KB
3 KB 42ms
38ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/jquery-ui/jquery-ui.theme.min.css
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 260315e4555f49b1337ec2b809c44d6910e10205c65e5141bad381805d2ba826

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
age: 2151831
etag: W/"5ba0ee53-351f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXuHzp%2Ba4c%2B4nVG0gz%2F1tvFK60XNOVfOrx2L1%2FTZ02YpvYghWZzk9JqiPPGZVr5aVT%2FXdxXXJvADqdfh1A%2BV14l4%2B%2B6SE1cnvfjuuyK09Yq2CdS03%2BcSColZ7Alni6PVlHg3e7o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750916cc1b28dd86-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.fancybox.css
sud.ua/js/fancybox/ 4 KB
1 KB 41ms
37ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/fancybox/jquery.fancybox.css
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30f8d462b525463127b626f5d9053ada2169ed3276e56ee97e55bda688047f17

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2151831
cf-polished: origSize=4886
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
etag: W/"5ba0ee53-1316"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xEv1v4O2UG4TJVms0a6NX%2FluQVDpoUlK8Bz5bbQUuWJHrSGMBAReHd5G%2BUcHeV5DmMMuj9%2FSAoCZUCJ5S5%2BoDVDVMJ4n2Ja7CqPoE5jcqY2%2B8ZjDTZGb%2FyYeW56ZM5Qemd4DNCo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 750916cc1b29dd86-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 flexslider.css
sud.ua/js/flexslider/ 4 KB
1 KB 40ms
37ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/flexslider/flexslider.css
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d1d14f8191806ba0c7ad15cf563279f403ef9c0e388d930ef442f862b89f832

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2152312
cf-polished: origSize=5988
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
etag: W/"5ba0ee53-1764"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hlruAET%2F2mmz0QXtHOEGYTc2EohJc6twP5mXbrXXwG7lnSUbo19iZGo62DwyPJu7JkWFKqygy9K%2FrUvdQWz6HYQPSUMaW6XOpFCKyjeGH%2B5GRf0l6gaEYE1%2Bb2dOKt3sLuypds%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 750916cc1b2add86-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
57 KB 181ms
71ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84856303f29a606afea4b1d81bd5bb342db337c870f958fc130a2ae23c816b7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57811
x-xss-protection: 0
server: cafe
etag: 1609181315323855597
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 03:59:49 GMT

GET
H3 200 logo_uk.png
sud.ua/images/ 9 KB
10 KB 128ms
117ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/images/logo_uk.png
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1d3fbd15430e32a46ba707e7d8cbd4b275d45132696af07f1e9f4251d893f84

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1832705
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9577
last-modified: Fri, 15 Jul 2022 18:58:26 GMT
server: cloudflare
etag: "62d1b8d2-2569"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djE4JGuZcoNC3ILJeiewNSOOTMGif6yCH4905Z4bZ9DYqevLh698Np4odm6oF0svaAd1EG0f7qC4xOEtngdw2%2Bdz2%2FLNDmD9Ycg1GG1PsV4qN%2FL0Utw06GJuBZWC%2FHJiQdknD5I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab2b76f5-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 8d96739fb7fc2e63b9a5699732bfa57094125ae2.jpg
sud.ua/uploads/news/2022/08/03/ 34 KB
34 KB 130ms
119ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/08/03/8d96739fb7fc2e63b9a5699732bfa57094125ae2.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e0f6224dcecac5dbce8757a3eeec80e4093eaf6177fb1df986155e165d3a915

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 03 Aug 2022 11:41:38 GMT
server: cloudflare
etag: "62ea5ef2-8787"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iev8JP%2Bc6aMD0ddOuuViHOfCdUGS3zL3qo9CYAsG6acIL8SbQsncgCYFfiziUctoWVvSIKunvNd4s0GQxEQo9nju1pd9pW7sBSzk2NBN%2B7Zo3pmrJQdDfx3P1l3vcsQTm1vJEBw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab2c76f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34695
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1bc97e9481b81b98d3ec26db8cb4da6dda929f41.png
sud.ua/uploads/news/2022/09/25/ 214 KB
215 KB 202ms
191ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/09/25/1bc97e9481b81b98d3ec26db8cb4da6dda929f41.png
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f172361447d3fe5e304068a63b0aa28b64ccd7a5dc960fef84b82a16dae9e5ce

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 25 Sep 2022 08:53:45 GMT
server: cloudflare
etag: "63301719-359cb"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tjTu8QrGQvRuvOrUes6V6Qu7W%2B4zg2YhSoUxEsCDRH9b7zN60ZRlcOBmtVwRT8qx441TsrPh5j13ytACnHYBUyxyHVSpleNIvpmLV24M1vJfcybcXGMHRGBj3aap6WVw40XYmFw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab2d76f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 219595
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 7fb41c0de6be0eebb3682d9b0dcef3c455afb1e2.jpg
sud.ua/uploads/news/2022/09/25/ 45 KB
45 KB 228ms
218ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/09/25/7fb41c0de6be0eebb3682d9b0dcef3c455afb1e2.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d0e854f0c5e37ed1ab3538c97081fe7213c94f0cac3180b717d3d3a8b213074

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 25 Sep 2022 08:51:16 GMT
server: cloudflare
etag: "63301684-b3b6"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZ1qvnWTIffyanBZhVu4DStP6knnMzbgkMA1o%2BAHdLVmDCv5HzPz3rMzghVLe1sJ6otpsiQ1AhUJjoHe4AcqSaD2BopXLtUrxW1q8uhOHJ8u25w%2F%2Bhh3n3owFnxi6EtrNOE1SxU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab2e76f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46006
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 6fb453183e4c36b6defb4deafd0e07c059e2df9f.jpg
sud.ua/uploads/news/2022/09/25/ 38 KB
39 KB 231ms
221ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/09/25/6fb453183e4c36b6defb4deafd0e07c059e2df9f.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 052c6c4b5119f1c65a1356a34b305007fd8833c66c8cb754f66ede780bed767d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 25 Sep 2022 08:48:56 GMT
server: cloudflare
etag: "633015f8-99db"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OpVOl%2B0xmN79wSlWdVF%2FHfYtoZhr4TX6bssdM944kQ%2FIyxIYPt78%2BkGLiB5Sb%2FYwvyAJUq%2BI4J7WmFbwuLC5DVUyr%2FcBkhEYZuf%2BL2FvPHpx97cjuhbvoqHsokdwo7MVjRhpDZo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab2f76f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39387
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 4c12b804a3caffa155c0682087e758f5117ecf77.jpg
sud.ua/uploads/news/2022/09/24/ 60 KB
60 KB 254ms
244ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/09/24/4c12b804a3caffa155c0682087e758f5117ecf77.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d42e7078a0496aa2948780c38836903fe0bfeec6540c6ea98d0bdb67c9386069

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 24 Sep 2022 09:06:44 GMT
server: cloudflare
etag: "632ec8a4-ee9d"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10XGjsOLwPlltDVtiNn3pYoTuIg1L%2FR7rfKyhCIWgDyXzcWHGjQOx%2FP%2F42%2BTcX5z5b5HV0F2g%2BUPKDZysDShJSNhzwnm3KuDNkBIcN0mMCHJinC2ZM3OVSpasOCOUQxlzDzA1zo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab3176f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61085
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 e8791b1dc380fc20ddada88c6ccb383f03e492b6.jpg
sud.ua/uploads/news/2022/09/24/ 64 KB
64 KB 271ms
261ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/09/24/e8791b1dc380fc20ddada88c6ccb383f03e492b6.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3a7b80b95326e50d2bf45ddcafa9c8c75800b6e3f33bc1b144477c37eb12f98

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 24 Sep 2022 09:01:46 GMT
server: cloudflare
etag: "632ec77a-ff43"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1kr8zBEYdihaCW6Zx8WR00AWL59Codty%2BvB7uPMsCues6YXXmRjom7qz9fn97oJocWjXNXsM0gEViwEM4WoAAPfbvWu27wnFrrOUPp1C7mIip8Qf86NFHUMWGJ8%2FXFF1tgPu%2Bak%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab3276f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 65347
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 4fcf71e16daaa401b096fa1b2267a6d2888e4bc7.jpg
sud.ua/uploads/news_author/2019/ 6 KB
7 KB 182ms
171ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news_author/2019/4fcf71e16daaa401b096fa1b2267a6d2888e4bc7.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8d545b610a7e10f6e5f9ef979119fda476e5d57c6457883e673a334834398ec

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 30 Jan 2019 09:53:44 GMT
server: cloudflare
etag: "5c517428-18e3"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ka6s%2FD2W1fJ%2FiJWWCbf2bH5CImZyg2zAULCmWgjKgUl81BYsfU3HFTHOcIPjH825um1p70vUp%2FMROUjWXrIIwxiRUoXLjzoYS3Oj6u0F3fBpCUs3hRQwub%2FMTpWDYzLKInzyw3E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab3476f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6371
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 17a023726052d59cc58da6af46953dab36e6be94.jpg
sud.ua/uploads/news_author/2021/ 6 KB
6 KB 182ms
172ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news_author/2021/17a023726052d59cc58da6af46953dab36e6be94.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebfe39b031acb5d2b23a61e788140a47abcdb12db548c28c217fe5b1a7669a78

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 19 Aug 2022 15:15:50 GMT
server: cloudflare
etag: "62ffa926-1700"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i7sp3y7XFP85rLG3T2t4HpjySCa360EY2H84m6tfVMRam2Rm%2FOvQxe%2FIaL5CSbVsZJs8%2BPbpYs3axQgrV%2FCsi7QV2yPRfsbl%2F1L%2BGWzLWXbVu%2Fnixk299QBXgt5DBxYDgvxGsYc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab3576f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5888
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 c6c05df77be06a4afebf0be0b120fbce20fcd998.jpg
sud.ua/uploads/news_author/2022/ 5 KB
6 KB 183ms
173ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news_author/2022/c6c05df77be06a4afebf0be0b120fbce20fcd998.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7601daea9270f13923bf34e1db1159586fb5b68e09ea018b0fc0980ede32029b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 29 Aug 2022 16:49:17 GMT
server: cloudflare
etag: "630cee0d-1474"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tecV1%2FuXBOecrnHEAJ7DV0EJSk6IUfCs%2FTOfvqeLBh8TxNuea7WKKnR5PgZSVh5DEqhSoSgYgvHfpdf3%2FduTrxiCABdh90wuhZoBv7x0cxwngv1HzVkXxDuPKgSwPnitjcQ6%2BCQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab3776f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5236
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 53df42ece77ce21c5baad5bb1519778483e30bbb.jpg
sud.ua/uploads/birthday/2018/ 27 KB
28 KB 189ms
179ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/birthday/2018/53df42ece77ce21c5baad5bb1519778483e30bbb.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7229e3e83f94bc2c3d831630dd37cbae6fe29dab372e325921e0d07802fa1e25

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Feb 2020 13:24:09 GMT
server: cloudflare
etag: "5e591479-6c20"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utgDNnLYdCy66Hi0vDl%2F23Lt9lfLUz3gMyEEqiHaEqTB7CfWJFD3BUM%2Faur2luPrsaKQvmmgbiZY%2Bduw4r%2B36l3CVxtrK0ADOGkNBrTWCBiKgiRoLqLXOQmN9Ig8dXucCPVbIlo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab3976f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27680
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 67515e822806e1107635a363cb73cce2e291511a.jpg
sud.ua/uploads/birthday/2018/ 25 KB
26 KB 280ms
270ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/birthday/2018/67515e822806e1107635a363cb73cce2e291511a.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 013aac80d15ed8391548f0dd202651bd3158d22ac9346a2cbee5533d089a40a7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 20 Sep 2018 14:36:19 GMT
server: cloudflare
etag: "5ba3b063-656c"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qPPOFi%2B%2Fz3eZwODCs1Ecia1jjHDzwJzB4NH%2FTSUKaK83SxV1B7E9TurtspPiisFyPkcGYDZmr8nVVMQ3tEZ2P5yjHfcz7IOjaF%2F4HeuJQFIYPl4QiBfPQ14q361TpnIq1S7HVYw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab3a76f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25964
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 47b9cdb0b96ec12e5c32e46ce8a9f6ceda0b1862.jpg
sud.ua/uploads/birthday/2019/ 22 KB
23 KB 281ms
272ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/birthday/2019/47b9cdb0b96ec12e5c32e46ce8a9f6ceda0b1862.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55da3ab31e6f4e8211675d7761472fefdcc6f8714af83858a63aa72402d13c3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 13 Feb 2019 13:43:47 GMT
server: cloudflare
etag: "5c641f13-5901"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3EQDB5hcw6YVImjbrRH8qAi2KErUjUe9T3oRkTIW0aEEG4vP9NQTXR49YOA3CP%2BSJzkmxS1SjTr8ydtaXRUAiCstjww4q5OKCWxi30VjpACn%2FmBs6iKzQYdrFcy%2FtN6IywWqAk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab3b76f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22785
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 5b97c38d95ed85b1ea0a1e35b948e4f3fcd6ca3e.jpg
sud.ua/uploads/news/2022/09/24/ 42 KB
42 KB 282ms
272ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/09/24/5b97c38d95ed85b1ea0a1e35b948e4f3fcd6ca3e.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ed044244db5346eeb60332a8576a024d60b3c3b890f4e31e65149cfb29735c3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 24 Sep 2022 11:40:44 GMT
server: cloudflare
etag: "632eecbc-a74e"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKHO%2FIP5e1cx9ixX86duHxopoEvRi6WlnLYgyX78aozMkK6unLVmLr4ykJizZ4lVUYiZCiDEp0JWOJsFr2R2HEXxdyL2nh6fRB0%2Bt%2FJNZYYlyjOfS%2Bbm2fMrO3PCVorbua5zR4E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab3c76f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42830
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 94b556b44df04179cadc4927ecceaaf63b2ca3c6.jpg
sud.ua/uploads/news/2022/09/24/ 72 KB
72 KB 283ms
274ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/09/24/94b556b44df04179cadc4927ecceaaf63b2ca3c6.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa06349d7a5c5709d338cc7280751803297417697db23363b688400a7c0bbecf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 24 Sep 2022 10:56:16 GMT
server: cloudflare
etag: "632ee250-11f56"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFha0xkYDtPSTfICqedna8EOshkMUB5YVHGFDi5YHv3bAiC6Nj%2BxY5JZnJIMFvTyf0XBBmPz35R6ajszvqaOdFxNlRwwAxS8qdKDwsD1GTRBw%2FF%2FFVjmCpuIzOIHwS%2BHrx8QxZY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab3e76f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 73558
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 bad468f25b43fcb6e0a274f419c4242ceef4a567.jpg
sud.ua/uploads/news/2022/09/25/ 31 KB
32 KB 288ms
279ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/09/25/bad468f25b43fcb6e0a274f419c4242ceef4a567.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc7f26360de6e37c3b54de7a50deb380affab860720c24da480c33efc223407a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 25 Sep 2022 13:34:40 GMT
server: cloudflare
etag: "633058f0-7ce9"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2WnXw%2FOGXf3jlc5AKNe1VGCnT5RdGKiI3IiSLuUssrM0BbATdJCPO2X4Ov2JbsO%2FcclKocPhDmefH8fPotUzUV3bjSzO%2Fz5FZgr%2BrQKTHq10epJoCgD5zzrrD68dwGtx3gI%2BAlI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab3f76f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31977
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 88ba94f714fc82759b24cff6d7beb597dccaee61.jpg
sud.ua/uploads/news/2022/09/25/ 30 KB
31 KB 289ms
280ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/09/25/88ba94f714fc82759b24cff6d7beb597dccaee61.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8267c06af9510b054a71d4370733859fe05d350e08e726178c3a4cc686339309

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 25 Sep 2022 13:24:33 GMT
server: cloudflare
etag: "63305691-7911"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7YrSr%2BmWmVSYWSboVornE%2BjLv1zngOvYqPzw3zM5evgj44mmOyNSCYHSiK%2BlOuPFyiD%2FbQl0gJWEATttuPxJ6jtHAhGy3Uw3mcex4or3ZrIbzdtWQ%2BE%2FpNLtKddSw46rRuOpsUE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab4076f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30993
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 7f51a823b6a2c5b075a86615a5ebce184d6e81b2.JPG
sud.ua/uploads/news/2022/09/23/ 17 KB
17 KB 290ms
281ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/09/23/7f51a823b6a2c5b075a86615a5ebce184d6e81b2.JPG
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c00c6173683a011732668c3e7b5e3081e273b2ab7b0deed3bd9b13b117ae565

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 23 Sep 2022 08:58:29 GMT
server: cloudflare
etag: "632d7535-427f"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNPUwkGQE2ezoQD9g7jOBhVoPeTvq7r0KS8%2F6DafAJDL4Z0HRWoYaqOnAnoNffUWI2ZsqdgE2i37aCBTYyapEcag3glwJqQmv97vgWYwhJvuV%2FGNIWbcSEqGAQ5693HVZMY3FWU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab4176f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17023
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 a112dd10c8ac1bf0141182bba255fb57cedcb696.jpeg
sud.ua/uploads/news/2022/09/21/ 21 KB
21 KB 217ms
208ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/09/21/a112dd10c8ac1bf0141182bba255fb57cedcb696.jpeg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a81f04bb9db35e65cbc6fb315fcd4b9d62b91cdefb07392dd4920feb6a2decc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 21 Sep 2022 12:29:56 GMT
server: cloudflare
etag: "632b03c4-53a7"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pciuRk58ftaiYs5qRBWDHxqHtNs5mkQeGL9bi8uSlzu30ueM9D76R8EJ3GQYRvQjO%2FKmBVc%2Fg8ypt9H1HoMABk7u8Cy8hZ5qBKAHP2Gys7hWhzQOJeXZm4kw4OCXMuY7C%2BeQWTU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab4276f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21415
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 302227a8ec933538e24bcb2d9e003a72a82d0bed.jpg
sud.ua/uploads/news/2022/09/25/ 28 KB
28 KB 236ms
227ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/09/25/302227a8ec933538e24bcb2d9e003a72a82d0bed.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09e13e2877c659c14c2bce594ad6c81b6708724b79dcdc1e74ff77bc6a8875bd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 25 Sep 2022 18:51:23 GMT
server: cloudflare
etag: "6330a32b-6ecc"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O8UzpfTJjL0O9d%2BUxvJZqYxyKikXKjDCsw9CISIZqH1EmKPy9ZgLHqtBPp9IQS2ve2zIkx8upnLJnETVF2AQRbV8zH6CN6FKX3sBFcTZIhPx%2BIj39AN8u4H6CZq1opedIqmhwAw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab4376f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28364
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 0cc9d93a05fbb26936736788b6483ea1093205a9.jpg
sud.ua/uploads/news_author/2022/ 7 KB
7 KB 186ms
177ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news_author/2022/0cc9d93a05fbb26936736788b6483ea1093205a9.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49c079d691262e11d2d3b8ee08d3f9641f68abfe4ec9111a36258b96c478cc86

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 24 Aug 2022 11:23:04 GMT
server: cloudflare
etag: "63060a18-1ab4"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZXLuSvx1%2FdP3W9yU8mGT9%2FlM%2BdmT40DbhhFAeyeuk%2Fynfp2vOl3UwjvuTo0U5TvwN5ml5FAoADszQFmsvtZo5ja84ltC6%2BLU%2Fs16%2FSQ6nfumQ1%2FIpJG3PcPL8YcfFNEWoSy0LE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab4476f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6836
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 835824a228dc1ca932c258994194ff260b207b82.jpg
sud.ua/uploads/news_author/2022/ 7 KB
7 KB 167ms
159ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news_author/2022/835824a228dc1ca932c258994194ff260b207b82.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71dc80b6ecedb77a703c0161cfe3c966cfd57f7a01be6ffbd4b1f84549676da6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 24 Aug 2022 08:19:51 GMT
server: cloudflare
etag: "6305df27-1ae1"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0Uch6tx3WUb0SyIluxDonXq3X5yhQI3hGjfoVYaeubSjARd58UDHlfbukLVz958MvmnhGDnZjEtLY%2BuRQibHBfJxLBgu40v6ylmmocjUo7unOCBUmtD6w%2F7oARgTPnk2h%2BMFzY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab4576f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6881
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 b01706d2effa11175bcd1b6b068e8ac623a20e81.jpg
sud.ua/uploads/news_author/2019/ 6 KB
6 KB 178ms
170ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news_author/2019/b01706d2effa11175bcd1b6b068e8ac623a20e81.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ae2f2e3ecb109d17757f1a6e02bf7d3f40e9c9ad2ee2a9e003a85286659c7b2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 30 Oct 2019 12:24:10 GMT
server: cloudflare
etag: "5db980ea-17b1"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PN%2FlyQYn%2FI7bhAH5yUY2ymeo4EhRTjmHJu0Npwm%2FtczMuBPyzctzUXtqW%2BdiKnru9c4Xl3MOFCodHBkY5urvwvJM9DsZ3FaRfNNsp2bgo5fU895BHkIJ7Q3iwv1UcK434TBb6Jg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab4676f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6065
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ebb1ea5b23e7becfda2adca16af2ea71d1ca8226.jpg
sud.ua/uploads/news_author/2021/ 7 KB
7 KB 161ms
152ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news_author/2021/ebb1ea5b23e7becfda2adca16af2ea71d1ca8226.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24f306b82871f7cc1526d1c202c5f38ec7c79a067fb1ac88e534c46db2e7655b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 05 Apr 2021 10:36:58 GMT
server: cloudflare
etag: "606ae84a-1a20"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qE1l%2Bg0tNanIuOx2Oov1Ab2f6u5XPX1nPePycgiexGLulJKgr0MTsmInvANor8MsrEDER5%2BcutFnI0FeCEkm%2FJFMLPVz5TU%2BELei%2F%2FJlWa90MTbZrI2lN2vJrokj%2FGRaD5vlLsM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab4776f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6688
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1a2c99489329025b0c7df166747ba3c06ee02c23.jpg
sud.ua/uploads/news_author/2020/ 7 KB
8 KB 157ms
149ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news_author/2020/1a2c99489329025b0c7df166747ba3c06ee02c23.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e79d1280b0336fa2f1f507a1efc1803fe6961a376e1dd6fe0e00ef4e78c9cb59

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 14 Sep 2020 11:24:49 GMT
server: cloudflare
etag: "5f5f5301-1cfc"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nhcRjNPuEd8%2BClAdypK4PkfGek%2F7x653cXDsYHIjAr3qnBO%2B%2FS%2FLkjOlgLQM0LnV%2BiATWGSB5cIN3vN0MBRvm3FVF63oHHfXyZNe%2F4n%2Fxf0bEXtoH%2B2%2B1EGwhAFoMY%2Fl1IfTAOU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab4876f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7420
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 05c8eaf4482fe3ca46fe88eef3b7f0ddeaae33e3.jpg
sud.ua/uploads/news_author/2020/ 6 KB
7 KB 168ms
159ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news_author/2020/05c8eaf4482fe3ca46fe88eef3b7f0ddeaae33e3.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fae7a1a8722e16860c1134a7697e021fa2da4defe73cbd0b97f5739c869e7778

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 17 Mar 2022 09:55:26 GMT
server: cloudflare
etag: "6233058e-185b"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VjTtgK0hRKR%2BDYHuj%2Bh0Eg4G%2BF8rBWMeCjvy2EpXFxPRnmJzmzktYj4k%2BJ89%2FO%2BOqqgUxluXibFZftKjxkoAR8oiC69bLchL6RaJZYvL3W51XuqaC0f%2FO34PvLF0zksY29LYOt0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab4976f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6235
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 6e309565966db8744fb9932f0d8b6ecba9e05b51.jpg
sud.ua/uploads/news_author/2021/ 5 KB
6 KB 159ms
151ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news_author/2021/6e309565966db8744fb9932f0d8b6ecba9e05b51.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4290896de2ed388e9186a88acd6c76baf5b7d830755b809551e9bcd88b6d2f2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 03 Mar 2021 07:28:04 GMT
server: cloudflare
etag: "603f3a84-1586"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owIIpow6SnY4xJwYCc%2B81YBuYxXFG%2Brt5j%2FyYCxHXHDyvq3WDAXgTtEJeHKwHtrYovMwif8Yyst75HHcJej3wowSZfqPrH85rIei89vPSVstJE8cHfaIERGR7EQNvvfLXQ%2FTO2g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab4a76f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5510
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 053bee296a2bd0d495aa2b459985c4a52509d203.jpg
sud.ua/uploads/news_author/2021/ 7 KB
8 KB 174ms
166ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news_author/2021/053bee296a2bd0d495aa2b459985c4a52509d203.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4421d41187e81c01fb405db52576656073cf9cf7f9d1dfb4de1915da0510853

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 26 Jul 2021 12:36:02 GMT
server: cloudflare
etag: "60feac32-1c3f"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1QsB9x672u5KmMUPIp80jqaovu0dx6UugNwQ8fsafAFuxAlVKDMQYDZbC3DNcAqe%2FFeQFy8hi9TqDoU8lRDDWtnUkFX6hIh1TbptKMZnYMWOH0Qmf3Ssa%2BS9R9Oh%2BWXHNuXfms%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab4b76f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 9b3887a379baec42b9b5de9dbcb995cfdcda1b63.jpg
sud.ua/uploads/banner/2016/ 300 KB
301 KB 217ms
209ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/banner/2016/9b3887a379baec42b9b5de9dbcb995cfdcda1b63.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13cd5c51c459b11de3be896c4efb3cf3c32b5ed3a11128dceac6f712dfeaec3e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 31 Mar 2022 09:23:50 GMT
server: cloudflare
etag: "62457326-4afda"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLYThG2qJnhukU8hv%2Bv5nigSXRue37txcmDUcgNXUfCYcr4TRqfciZvACfvgx9Pat5w1u8I0URJYHVWyVklZnHnkQ1iqai%2F2FOjUwYrFJuu%2BkTqhDNI%2FMrIq5HaHdr3rt40CwOo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab4c76f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 307162
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 f262e4f2c42369e24b19a40ed330fd7a07689693.jpg
sud.ua/uploads/news/2022/09/22/ 84 KB
85 KB 230ms
222ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/09/22/f262e4f2c42369e24b19a40ed330fd7a07689693.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92edbb8398623cfd3a0f0bae9358a9c88a9e4e52e2d1d815aa72cf79d9a7bb8e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 22 Sep 2022 15:20:56 GMT
server: cloudflare
etag: "632c7d58-150c0"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nk2hy8vKDxi30xhln6dRJcgI3dfz42K%2B17FJrshU1yLQfAYQyG0vPNb%2BSM3NYL9%2BSyqGHRW%2FO8E%2BG6yCShhlBxejfpHhT22l1%2FAGPW3dehj1KUYggNWms1XrN8ZIyheSri7kP0U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab4d76f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 86208
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1008263c85a75d6d23e3d369a716950cb12e2513.jpg
sud.ua/uploads/news/2022/09/22/ 62 KB
63 KB 205ms
197ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/09/22/1008263c85a75d6d23e3d369a716950cb12e2513.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08364adf338952c9b2207dd2c6729046e1cd2aaf89d222253d3b0f93cc68382c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 21 Sep 2022 21:43:29 GMT
server: cloudflare
etag: "632b8581-f804"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGAsd%2F0wFGbYUqh53n3BvjX57oPSYI09uMHhKRRcL509LKNeHJAPEN%2FIATvhhBuL2AhH%2FDhBhN%2FMmJfbn9vuBYfIR%2BW0hohUTEPlLeKt%2BJ3YM%2BlDQIqQ7NzTOuSeMGRk8ELkyzM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab4f76f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63492
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 8d67424b5a63c65a2809bda92caeae2d319bb3d0.jpg
sud.ua/uploads/news/2022/09/19/ 126 KB
127 KB 208ms
200ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/09/19/8d67424b5a63c65a2809bda92caeae2d319bb3d0.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00ef2a95740c243e2addb68687c22490cb6a222ba8253ec2abad06e6be3a73dd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 19 Sep 2022 15:20:23 GMT
server: cloudflare
etag: "632888b7-1f84e"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Pek8UvLTUHHMp1JtnnZmLkKySxrNJT%2FwypRDXqEjz%2Bia%2Bh2R%2BkWLLEFqcMlpM%2FMBhONFH93PU%2FEw%2Fw722PMctGtGKQEP9DLYEZlNkQd33Ttl%2BJGYqU%2FMiBHdxFbwCbgXUYinw4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab5076f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 129102
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 769da38086ba41a853793fcb9e36ee42dc70a68c.png
sud.ua/uploads/news/2022/09/19/ 466 KB
467 KB 219ms
211ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/09/19/769da38086ba41a853793fcb9e36ee42dc70a68c.png
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23bc574466da796f89434f2794ada82e5893f8ec89cb65c1731da1d348bb5684

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 19 Sep 2022 12:36:05 GMT
server: cloudflare
etag: "63286235-747fd"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cSSBlICb1hUAmi3Zsetxln5ZH753Kkr%2BTmODAkNVjlVr7lUVV651Vqkd2nF245uHA1UKZaMQzpTZkzMeaxVVUM5UUNMbvhAZeFcqLBztQ2mzzQT79HsFra8DvNbG5LtN%2F5QfIWs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab5176f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 477181
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 e9b955ccdd45466aa25d6ea755b2a1b3a0af93e8.jpg
sud.ua/uploads/news/2022/09/14/ 94 KB
94 KB 222ms
214ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/09/14/e9b955ccdd45466aa25d6ea755b2a1b3a0af93e8.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 194afa1f355b957d318df72c1474655ea71c9a7a67a3367773b5d3c3026e1347

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 14 Sep 2022 16:13:26 GMT
server: cloudflare
etag: "6321fda6-17624"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NN%2ByiBW43cvSo5qlX9D8JuHpZJ%2Fi0cHU%2FUwB3A1MlqL9f8uDyRBhSezVrS0aYsF7ZTCnVtzI%2F5ywOPQmeLIiqcYp4%2FU1MuZfHMfMPmJKpkTfWEpEniE%2BAtsIxYoMRR7guGRQ8L8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab5276f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95780
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 3e670a68e3c34b073c37ed7a68644c938d03c8ff.jpg
sud.ua/uploads/news/2022/09/14/ 97 KB
98 KB 227ms
219ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/09/14/3e670a68e3c34b073c37ed7a68644c938d03c8ff.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 320322d2684e6f070e34d459683113578616320831bffc5f26640310387e510a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 14 Sep 2022 09:57:50 GMT
server: cloudflare
etag: "6321a59e-185de"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7A0rIAGSqRT4lLgT%2BBvEJ2JqB5JNydbkXerks53mQ6WPEr3d8Q2piTVtqHaRx9c1Gz14gNKezhIEhljSkQa0NoMkVAjMFNzkZp%2BTmI30uLYOZ3MJ4GWPB%2FUDCoeWgUPOQ7pEyw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab5376f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 99806
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 email-decode.min.js Show response
sud.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 31ms
31ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sud.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Sep 2022 17:11:54 GMT
server: cloudflare
etag: W/"632b45da-4d7"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rf4MbMv7Jh7VO65wXqg8QU8Z7PLET8gJIU6XPPLxCRLdSJCFz2zPrt6rzpilCKb1IvydIm2ed74hWERIXcRh8K93CwWmCRuSFtCm7xJlB4YoJQkvA5%2BZxpVfTfcSTfPGwrLBtfg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750916cc5af176f5-LHR
vary: Accept-Encoding
expires: Wed, 28 Sep 2022 03:59:49 GMT

GET
H3 200 3c725ecef0525b9a71a4c8b71bc30694cd9c7dc5.jpg
sud.ua/uploads/news/2022/09/22/ 55 KB
55 KB 190ms
182ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/09/22/3c725ecef0525b9a71a4c8b71bc30694cd9c7dc5.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c61b748e530463a9f46f1af9bc749d7c33b4a525efcfc35e8b7478522ca16fed

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 22 Sep 2022 14:56:08 GMT
server: cloudflare
etag: "632c7788-dbee"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VSB%2FU%2FK5Y9ekkTvG3QYMHZMfrsRWTO0jXsj5N8O1NYgvEfJlK3zzjFX%2Byq%2FJ7R1z24q%2F%2FvxsHsgRoqnszTMKOqgdwW07n1X%2FkRtgj1Bqb%2FI62WpI3GRW%2BOC6DkyE7T%2BYd3vBsz0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab5476f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56302
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1effb1be83540032c9f925878bd0db925928bb4c.jpg
sud.ua/uploads/news/2022/09/22/ 40 KB
41 KB 273ms
266ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/09/22/1effb1be83540032c9f925878bd0db925928bb4c.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c1adaa75fa89e762e4b0769f4b1253265cedd7da4a0fd812210d13f24faed82

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 22 Sep 2022 09:12:33 GMT
server: cloudflare
etag: "632c2701-a055"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHjvrmgk03cpTR219dwv7jBTtFdqrhjJXn%2BPJMfteK%2BqU4qZj7Ox9MZtzdJNcBzba5oZLqUhr2p2%2BcWobBODkSKdnn5r%2BBCnVKSFodJhi1FE4OYLvGleu%2B93TIMSRqxQ8SotL30%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab5576f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41045
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 7759cda49c33c14cf4d35e11e12ae2ff66c3467b.jpg
sud.ua/uploads/news/2022/09/22/ 62 KB
63 KB 274ms
267ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/09/22/7759cda49c33c14cf4d35e11e12ae2ff66c3467b.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a18fb8b25a1def3766318e4f54544a5e1d3672a434629b77996b637f4452027

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 22 Sep 2022 15:27:43 GMT
server: cloudflare
etag: "632c7eef-f8ce"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a7gyHxFvYxvtXrNtYB5es4szDOFkDbNpHnNHkAc%2B3mRWTmw8iArfG6GL1FzMKIX6%2FN3QSxK8Qac1rP%2F9C50KUzOitpFFwevwqDqVoDEw52vSt8rlXYnDntJnFHYYSF1A3vCED2o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab5676f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63694
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 3d8f0f218851bd571cb278b5233ecfa68a00f165.jpg
sud.ua/uploads/news/2022/09/22/ 69 KB
69 KB 276ms
269ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/09/22/3d8f0f218851bd571cb278b5233ecfa68a00f165.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2447ab3a606862651d00cdc18df2d41330e7ab7bec1b08f8f90f1ad500b3c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 22 Sep 2022 06:13:29 GMT
server: cloudflare
etag: "632bfd09-11345"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rj5WSFAcKR1pfZEbjnH25IsqvOlN7VGbDzTcmmgv9OSHSRi1yGbvC81aBMMBx20MLFSl00wukyRR4MErS%2FAA0GYkqp0uJD33MBGUaxPY5ShvNkYDiRShLlgz9PCTRdqvjfAFW7A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab5776f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70469
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 932ac0cba17c310c2e75911b29200599516d3c49.jpg
sud.ua/uploads/news/2022/09/22/ 38 KB
38 KB 193ms
186ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/09/22/932ac0cba17c310c2e75911b29200599516d3c49.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6207f1cf9052337641a9acad6d23c760a21c403a99ce8a9d4dffb4ac49076e7a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 21 Sep 2022 22:26:27 GMT
server: cloudflare
etag: "632b8f93-9762"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x1JuRuFnQkG78hizEw28QZnzttMNQYcVtEVfA52DUaCiSaY6eA7imudjeJ64WmHVZlcFAG23JB9hkyx8I7%2FH2k%2BIJCOdMpfIHdi7YapCYHGvatZU%2BS6YDgFx7N5jeRQnYQnRY4A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab5976f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38754
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 add8cacfb7e9da92e5ec84bdfc8806a0724c5af0.png
sud.ua/uploads/news/2022/09/21/ 416 KB
416 KB 288ms
281ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/09/21/add8cacfb7e9da92e5ec84bdfc8806a0724c5af0.png
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36fc8b8df6869b8cdd2d28a9bf73cde5f4e44c7940f044b68c36715c661c52c6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 21 Sep 2022 12:03:47 GMT
server: cloudflare
etag: "632afda3-67f42"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtVxNh7GQCxwlPqmYQzR9U%2FurYfvnigZ5fI4aUgHDQ4rHn9qK10GAzxcmPxulmHy18DBBKZ%2B%2BaFXpZj%2FUUWsiXirXuQXDuFIrsrMnY3wLbxGWgK1bRITjy5iuUADohLybbNF4Y4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab5b76f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 425794
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rcode.RXTtRlV3fD.js Show response
recreativ.ru/ 0
62 B 406ms
43ms Script
application/javascript 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://recreativ.ru/rcode.RXTtRlV3fD.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
server: nginx
content-length: 0
content-type: application/javascript

GET
H3 200 jquery-1.11.0.min.js Show response
sud.ua/js/ 94 KB
34 KB 38ms
38ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/jquery-1.11.0.min.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
age: 8398513
etag: W/"5ba0ee53-1787d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dj2VsPy9IwGM6Ok2L0kdDF1XoWoD45t%2FrU932Esdx44c61nldCPY3CJcDmgaNUS8DgkIeI98jRxqFnI3XRvPjiii0uJTa5rnSv47FM8bcMUiS8WYK3NDg%2F9b2vYoc0ac44zbzl0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750916cc8b1276f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.easing-1.3.pack.js Show response
sud.ua/js/ 3 KB
2 KB 91ms
91ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/jquery.easing-1.3.pack.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 774e90a51b4189c6ab5cb3badda2c67d60197f464e43333387651f982e6163bf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1639184
cf-polished: origSize=6717
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
etag: W/"5ba0ee53-1a3d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pXzeXR6Hizzex1Em3O1wChI11zmMdM8ENTK5UMr7g%2Fgawy1bsX0EYd%2B95nttqvy%2FqTsJ5PdoPHhf07FK9B6mNHA2UkCuAOiPOMHDPSp290L3TQA54C9vQV%2BG3qxv%2BqWjA77riIw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 750916cc9b1676f5-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 respond.min.js Show response
sud.ua/js/ 4 KB
2 KB 91ms
90ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/respond.min.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1574a5440e7861871b0b812a856bcb638039e6fd6fe0e362d5193694730965ff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
age: 8400654
etag: W/"5ba0ee53-fe5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utCjKdTlptiM2IoKyoQV8vfumiZYFlhxdHVkPrwTFEkjHBbF5LrBkhVPiVNr6NOx4Vp4a8XXLFxe6V8plo82wwXqK4qukeNtAq%2Fdj6K0cbjxgy%2F%2F33h5o9O9I3Vo72CMO3H%2FDcU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750916cc9b1976f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.fancybox.pack.js Show response
sud.ua/js/fancybox/ 23 KB
9 KB 92ms
80ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/fancybox/jquery.fancybox.pack.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfac49bec33974b027f5e08c4a7e40a76dca5d3d855b5d260c6eb2e9bdd67e9e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8400654
cf-polished: origSize=23135
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
etag: W/"5ba0ee53-5a5f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HnxvZnfjkhyq77HdgYan%2FUKYoGWonJvEGXiWeo5IyBm9V8II4Egsn3iG7q3s9Y1v5R2Hex0O2huHm1q15FU3hzXcImDoVFF7sNgktlLZp9tvc9X7s6gPFxholrtMRaCeiUudUHg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 750916ccab2276f5-LHR
cf-bgj: minify

GET
H3 200 jquery.maskedinput.js Show response
sud.ua/js/ 6 KB
3 KB 98ms
86ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/jquery.maskedinput.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c70070dea8563cf48b07bd826618554ebb5cc1ea6332d024c4697e774c4ce44d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8403589
cf-polished: origSize=10370
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
etag: W/"5ba0ee53-2882"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2Fh8wf97Pr48dv3IYEry6T%2B3QAOTCuuLx3YsBVnzHoSnqLj5IJ%2BlPKiEAuigwafriG7wGO%2FINemoQpWODkrtX0i5zHA5%2FP6wqwzKqhogw38ew%2FEY%2BeYfmwoMIWMPkFm9SbePxdc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 750916ccab2376f5-LHR
cf-bgj: minify

GET
H3 200 jquery.ui.datepicker.i18n.js Show response
sud.ua/js/jquery-ui/ 3 KB
2 KB 100ms
88ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/jquery-ui/jquery.ui.datepicker.i18n.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aa8c6c10a50339012de17b71571c52f57ec364a7200a359629aa770e90d20b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8403483
cf-polished: origSize=3465
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
etag: W/"5ba0ee53-d89"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WbwFx48SoLgFKZ8A5ZirFG2BaOQGrRqG%2Fb8MubAw5l%2B4L34NK143ywMK6yBOtrL6wEn21dktEKykyoEH01uPo4OSZDccNcVLvsAZehic5jFCVTzF60I75Q8wL2Gup7rm6omEypo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 750916ccab2476f5-LHR
cf-bgj: minify

GET
H3 200 jquery-ui.min.js Show response
sud.ua/js/jquery-ui/ 168 KB
47 KB 101ms
89ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/jquery-ui/jquery-ui.min.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6b29649695122285a0af27dd2ae18a932f869d963a2400ccb9eb330c6234436

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
age: 8403483
etag: W/"5ba0ee53-2a0c2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jN0aUPd3ULGCcKXS401U7VBU%2BZQcPlBZsNqb%2BYhfcHjSrZQ2ALWC9amq81gQ5L7NIZvRSdEKsen9Y1mIsIzV%2FEVfcz8qwHg2EpqDP%2Bxnc3g%2FhSlXbNEGdbBJc7hjf86oGuTtoMg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750916ccab2576f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 hoverIntent.js Show response
sud.ua/js/ 1 KB
1 KB 124ms
112ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/hoverIntent.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e14601fa1c4a3153f7fa73764030fbd33852b5e1c7ff0955959f90803535c5fb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8400653
cf-polished: origSize=4938
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
etag: W/"5ba0ee53-134a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9nV8U58%2BeG3z%2FI6B2TYhQpP%2B5RWQgdQQCJscPSplZfzk53rDZflAjBGSVQ0hxLFT2clOQdFOqjWgG8oxMbie9VSIy4Vvkl0shc%2BOYf3gDOGN68pECpVokzoq9ICsUym6%2BMR%2FqBY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 750916ccab2676f5-LHR
cf-bgj: minify

GET
H3 200 superfish.js Show response
sud.ua/js/ 5 KB
2 KB 124ms
113ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/superfish.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02b5791418bf48985439b12ded8a21a4aad3c257f8716c95f60d55f6fd1f6383

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8403483
cf-polished: origSize=6975
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
etag: W/"5ba0ee53-1b3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BoETxNHf6j366rnaGDHgERQbd5brpefvORd77pn9AOL7saR7KIvYL%2BK2l3sAyM90Sid3xZbChmBOfo9L3eZnjG27PPre6OI%2BHIbH5qoYS%2BqwsWblt8JW90XoN%2Fu2nMjrNp3LXP8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 750916ccab2776f5-LHR
cf-bgj: minify

GET
H3 200 jquery.flexslider-min.js Show response
sud.ua/js/flexslider/ 22 KB
7 KB 125ms
113ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/flexslider/jquery.flexslider-min.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ce94a80de9d146226e0967aacf51e37f92e18329815338af4de0aef3fc67705

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
age: 4072585
etag: W/"5ba0ee53-5746"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1D3pw1Z5DT1Y32fVS8arXp%2FEt55F1N9tnRQFVDPQQJAd2u0EFJN9IyG8lfRN8QW9vWWP6n%2FgZ8n6fYZVixRJmlI8MfmLt64khdR7XuyIf2Es2ZgTVlGe3Qx5HlJljoFSMnHw4rg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 750916ccab2876f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.sticky.js Show response
sud.ua/js/ 6 KB
2 KB 127ms
116ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/jquery.sticky.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8853e8db8dbd87dbd0de8f513e1fe5bccd647932a7f3a36953fe041f460bf71

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8400653
cf-polished: origSize=10085
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
etag: W/"5ba0ee53-2765"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4axA4hJ%2BhotbJTx9iVuL7vB7NIqNinaILbCTGkkMF6bLGcSZFcWCmJsuJy201XQIwob545pc4uHrT3wS2HHYaBFh4IFJCMbHA7gdq0RyMkvCX9XpyvpqHeglH7kC4hSQ%2FRp30w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 750916ccab2976f5-LHR
cf-bgj: minify

GET
H3 200 main.js Show response
sud.ua/js/ 744 B
899 B 128ms
116ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/main.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cb0a6867e017c1d07862ef57ae439fd9062a8771c8b224c4deae9e26f883108

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8403589
cf-polished: origSize=1857
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
etag: W/"5ba0ee53-741"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Refh1di3YMaizYuG2GCf8VbLZ7lnzQNfbWGCON4sgbvBC%2BHuWFBWoCVUpVEvqQe89wBU%2Bqa2%2BAAbHJ2RKGNzcU%2Fm%2BvCG8%2Bde3Q%2BljkURhmUJ%2F%2BPlmpVb0Hw1qeek3VzmXQCbxAI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 750916ccab2a76f5-LHR
cf-bgj: minify

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 192 KB
43 KB 154ms
51ms Script
text/javascript 13.32.99.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-51.fra60.r.cloudfront.net

Software

Resource Hash

700ad5e597681fb45dfc74f05206ad9c2229a6c710c45b413842ddfe03ce4d50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:56:07 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 222
etag: W/"3011a-1tH8M8TNdKB39qADlCdHeiBv0FM"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: FRA60-P3
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: DfiXlwuZ8s6Brt4hSXDwoYEuS8mSfxISSWMFIscKjCEdfaaSPxEFhg==

GET
H2 200 28b7ceb6dba8fe7150ac3c08549b1fca_1.js Show response
cdn.sendpulse.com/9dae6d62c816560a842268bde2cd317d/js/push/ 115 KB
35 KB 290ms
75ms Script
application/javascript 2a02:6ea0:c700::21
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.sendpulse.com/9dae6d62c816560a842268bde2cd317d/js/push/28b7ceb6dba8fe7150ac3c08549b1fca_1.js

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

3e2a7a63ff39c91714f1e3e241b5e08fa8740b98b40dab91d9074f738117ffc3

Security Headers

Name	Value
Content-Security-Policy	default-src wss://* blob: data: sendpulse.com .sendpulse.com .sendpulse.com:4434 data.sendpulse.com .pulse-stat.com .stat-pulse.com .pulse-stat.com:8080 .stat-pulse.com:8080 http://.sendpulse.com:4434 wss://ws.binotel.com:9002 http://.pulse-stat.com http://.stat-pulse.com http://.pulse-stat.com:8080 http://.stat-pulse.com:8080 .sendpulse.ua .sendpulse.by .sendpulse.kz .sendpulse.cl .sendpulse.com.tr .sendpulse.ng sendpul.se .sendpul.se .loginsrc.com .routee.net .routee.net:444 .bizml.ru .jquery.com .youtube.com .ytimg.com .vimeo.com .vimeocdn.com .tinymce.com .ampproject.org .hotjar.com .hotjar.io .ipinfo.io .highcharts.com .appspot.com .doubleclick.net .facebook.com .facebook.net .fbcdn.net .fbsbx.com .rawgit.com .cloudflare.com .jsdelivr.net .kissmetrics.com .bitrix24.com .quantserve.com .quantcount.com .twitter.com .offershub.ru .stripe.com .braintreegateway.com .mlstatic.com .cloudpayments.ru .woopra.com .jivosite.com .google.com .google.com.ua .googleadservices.com .google-analytics.com .googleapis.com .googletagmanager.com .gstatic.com .online-metrix.net .retently.com .maxmind.com .revisionme.com .yandex.ru .ymetrica.ru .mmapiws.com .bootstrapcdn.com .kaptcha.com .paypal.com .paypalobjects.com .mercadopago.com.br .mercadopago.com .braintree-api.com vk.com api.telegram.org .webformscr.com .yandex.net .cardinalcommerce.com .mercadolibre.com .supportsrc.com .instagram.com s3.eu-central-1.amazonaws.com .googleoptimize.com .privatbank.ua .cardinalcommerce.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: ; font-src data: ; style-src * 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 26 Sep 2022 03:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
x-77-nzt-ray: ZB/AY6bPMio
x-77-cache: HIT
x-cache: HIT
x-age: 567094
x-xss-protection: 1; mode=block
x-77-nzt: AdRmOLHSz/v/NqcIAA
x-accel-expires: @1664202495
x-sp-ma: sp-ma-1
last-modified: Thu, 25 Feb 2021 13:19:48 GMT
server: CDN77-Turbo
etag: W/"1cd3c-5bc290188bc3b"
vary: Accept-Encoding, Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 wss://ws.binotel.com:9002 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se *.loginsrc.com *.routee.net *.routee.net:444 *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com s3.eu-central-1.amazonaws.com *.googleoptimize.com *.privatbank.ua *.cardinalcommerce.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';

GET
H2 200 css
fonts.googleapis.com/ 30 KB
2 KB 220ms
79ms Stylesheet
text/css 2a00:1450:400d:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599dc54e55dcba53ded24afcc18f1fffc7cbedc36695daed2b70bc8795bdd509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 03:59:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 26 Sep 2022 03:59:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Sep 2022 03:59:49 GMT

GET
H3 200 reset.css
sud.ua/css/ 773 B
913 B 39ms
39ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/css/reset.css
Requested by: Host: sud.ua
URL: https://sud.ua/css/sud2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/css/sud2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8400653
cf-polished: origSize=985
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
etag: W/"5ba0ee53-3d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5qi1V7tSVHN4xMYvwnu49w5pL04NA45ne4urxpjyufKOa8f135F0d8iM1ZiMWQKXkm3YR9HVdKV1RFap2yb9Or7O9rPIxPNO%2BEOtBBl1Ocrs%2BQ0nKVWDsFbJYr7pLz0gdus4I0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 750916cc5aef76f5-LHR
cf-bgj: minify

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 199ms
53ms Script
text/javascript 2a00:1450:400d:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 6303
date: Mon, 26 Sep 2022 02:14:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Mon, 26 Sep 2022 04:14:46 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 138ms
41ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26840
x-xss-protection: 0
pragma: public
x-fb-debug: ZzyHAIb92zG+L4zEvPm1sioGLMwaFgNfzYRLT2rGFokUA0fuYgpUg5UCOhw8DC+WiPqXGo9C0mHyxstt9EGkMg==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 26 Sep 2022 03:59:49 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/ru_RU/ 3 KB
2 KB 163ms
66ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c996c23773e5d7a71734ab33579667f9550463bd5ac611b7921ef3c033c42f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: MMP0+O6aLPBk0sTaDpPW9A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: tZSoyJPOX+Y6neGYA7aWaEvtgC6cKnVB2KspkW1SQDzEbC04GqveY42Bju4gdYWygqbu1yOyJlCbstqdtslh2g==
x-fb-trip-id: 917726464
x-fb-content-md5: 9e9e83d4f997dafbcae1af63e001dbbb
x-frame-options: DENY
etag: "d73350db2c4ad913e3ef48c8be606579"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 04:08:23 GMT

GET
H3 200 2673156668a0b9ea3bc1a28084a5556bf8493308.jpg
sud.ua/uploads/issue/2021/03/08/ 26 KB
27 KB 291ms
285ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/issue/2021/03/08/2673156668a0b9ea3bc1a28084a5556bf8493308.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8e2a00c397f02038b70223a315c58409cd4b29b577c7b67b076c4ddffc1e932

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 05 Mar 2021 20:40:15 GMT
server: cloudflare
etag: "6042972f-68f0"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wg%2B%2BNu0FnQIazOChRi4aNON3UhREy3kH7MKCmEWMlE4%2BH6dZNCU410sc0a0bTPNbSdt%2BN4aJAnk%2BWJbalNEeaicW0AfA4LK2KDnBgUPvAkIpcgwtRMwqKAGFJ7jinTZ1ftKPh2s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916ccab5c76f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26864
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 issue_line.png
sud.ua/images/ 2 KB
2 KB 173ms
166ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/images/issue_line.png
Requested by: Host: sud.ua
URL: https://sud.ua/css/sud2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd29d93688f3cfb2f685ca050428cf6ab7cd7d4a7d723a3f39c78f1584419ffd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/css/sud2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: MISS
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
etag: "5ba0ee53-6b2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OFQc3%2B7k49DcP3lAD6pIjebB9DyVV1d8xwbWwqjWFNKOUl6bGU3ol4FmvUd9qw%2FlOxRkdhhRvDF2%2F7iiaiGPY98bn3vuxS8Vbq4Ylk2dM6oA1o8yG%2BkzVIjgp%2BJ4CZMMM4%2BczF8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 750916ccab5d76f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1714
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 src_ico.png
sud.ua/images/ 1 KB
2 KB 130ms
124ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/images/src_ico.png
Requested by: Host: sud.ua
URL: https://sud.ua/css/sud2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4c9141010cf4cc43881f45220d5a17e89938fc24d9dd8a3a8b98b36ccd33d30

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/css/sud2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
age: 8400652
etag: "5ba0ee53-4bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOXlHW0VrekkcwuW5P71wvpYTwKo9NW5G6xpu6%2BOcfo6ZgAShCk0PcfBtAnAZJins7Pft1cc6%2B4qrAsW7qMiUNxe%2BZIZUAYIuyLtg5boaG8VvKtorbnDzPhnyY%2FjA2w3KpZJzIw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 750916ccab5e76f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1212

GET
H3 200 s_ico.png
sud.ua/images/ 5 KB
5 KB 131ms
124ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/images/s_ico.png
Requested by: Host: sud.ua
URL: https://sud.ua/css/sud2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be6e94ecf29b4cab11120ced07a975654c6a85678b7646f6e92e1c4673206551

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/css/sud2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Mar 2021 21:39:21 GMT
server: cloudflare
age: 8400652
etag: "60493c89-120d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9t%2FjHC0J2ntnzfjf4euL2jFP7Nh5BrMZch17OtimelWYl%2B1X3zfw0oCkcfLnUsMgct8jOxh74UpiRaFsEN7Kp%2FRFnrh4c%2F7S5vtWoyQE6crcZqcyDkPiccbR93IjDno%2FgPkkH1s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 750916ccab6076f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4621

GET
H2 200 playlist Show response
www.youtube.com/embed/ Frame 686E 230 KB
46 KB 345ms
240ms Document
text/html 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99907ac948055f8e2e556c3997d3bb9e2391ac6893d9c11a2524d320569af9e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Mon, 26 Sep 2022 03:59:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 arrow.gif
sud.ua/images/ 2 KB
2 KB 114ms
114ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/images/arrow.gif
Requested by: Host: sud.ua
URL: https://sud.ua/css/sud2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da4b5b07477784514c5b7669c83e1d2ebaec4dff8fa63d4bbf2f56973179b207

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/css/sud2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2104893
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1600
last-modified: Tue, 13 Aug 2019 09:54:15 GMT
server: cloudflare
etag: "5d5288c7-640"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RvDsGc01YunqfI%2F0Hy45bHaH0U72NP9m3HcgQ4bF1YRpjst90wxEnq6GfSKK4T3CjGmT4KMt7smLoGC1OLxqfv8YRXvZHQupesFKTGlOAaf%2BAH7reH2g4B9X9qF8AyUn55eiTno%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 750916cccb6276f5-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 playlist Show response
www.youtube.com/embed/ Frame 1B27 229 KB
46 KB 292ms
200ms Document
text/html 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

92790b9e05187bc624a858155aa72b957d64f04fc53a76a8c477f1285b0085c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Mon, 26 Sep 2022 03:59:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 jsunit Show response
a4p.adpartner.pro/ 12 KB
3 KB 206ms
58ms Script
application/javascript 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/jsunit?id=3106&ref=&0.3673841039904986
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 1374a2ac43d378a20eb18d627942763738a8852c80ba2fd86ab9727e76becbff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cache-control: no-store no-transform
server: nginx
content-encoding: br
content-type: application/javascript; charset=utf-8

GET
H2 200 / Show response
m.mixadvert.com/show/ 4 KB
4 KB 150ms
43ms Script
application/javascript 147.135.189.55
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://m.mixadvert.com/show/?id=5251&r=0.7321921467565133

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.135.189.55 , France, ASN16276 (OVH, FR),

Reverse DNS

m.mixadvert.com

Software

nginx/1.12.0 / PHP/5.4.16

Resource Hash

040da107a9a8583e432e234a4988376915a7ed68c25299abef568229f4fd5288

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=15768000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
server: nginx/1.12.0
x-powered-by: PHP/5.4.16
strict-transport-security: max-age=15768000, max-age=15768000
content-type: application/javascript; charset=utf-8

GET
H3 200 newspapper.png
sud.ua/images/ 37 KB
38 KB 83ms
82ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/images/newspapper.png
Requested by: Host: sud.ua
URL: https://sud.ua/css/sud2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 080caf1867eb9590d5bc98c4ba64aa0d62ef95efe5bbccc83e52114c18f101ed

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/css/sud2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
age: 8403586
etag: "5ba0ee53-952c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BxlkJgOZMLf1YgjXbVGjICo9GZDXQigNt9RjEHU%2F%2BhSwv0flso08fl%2FE9U76ArEXE9YytGbxHmmjMVPoqrb0wRDhkHMOOG5lRHpR0grt8rxwTEm1ouMAFAt4%2F9wQ7aw5YCQpkI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 750916ccfba276f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38188

GET
H3 200 social.png
sud.ua/images/ 7 KB
7 KB 98ms
97ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/images/social.png
Requested by: Host: sud.ua
URL: https://sud.ua/css/sud2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01650f811314c520a71b059d7d6bd0e2382029d1c6a6f82524400d3563bad922

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/css/sud2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: HIT
last-modified: Mon, 20 Jan 2020 12:55:50 GMT
server: cloudflare
age: 8403481
etag: "5e25a356-1bd2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V9yXQgLGkYL%2BCvjdxqZ0taNsCZ%2BYoUHE2LkeAQFjuxjjA9rA4TlpjBwI1RqkvuppY5ACNRFqAzvOMszVaDcflW0KD440mUui9Oi0A9swomBmo8sC6gzVd65PxTiqoLUV%2BfSaC48%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 750916ccfba376f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7122

GET
H2 200 main.js Show response
go.rcvlink.com/static/ Frame 6537 6 KB
3 KB 206ms
43ms Script
application/javascript 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/static/main.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: d396df02b5d1618cfdcca3c3bb68241ce7ced903cd5d3a50604b51821bee86d8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
content-encoding: gzip
last-modified: Thu, 11 Aug 2022 17:40:48 GMT
server: nginx
etag: W/"62f53f20-1892"
content-type: application/javascript
cache-control: max-age=86400
expires: Tue, 27 Sep 2022 03:59:49 GMT

GET
H2

200

03.png
i.bigmir.net/cnt/
Redirect Chain

https://c.bigmir.net/?v16953431&s16954880&t3&c1&n560198&w0&y0&d24&r1600
https://i.bigmir.net/cnt/03.png

723 B
897 B

257ms
72ms

Image
image/png

193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/03.png
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: d0b3404fceb6bbd79a99ea6d8241b1b29ac1ffb3c7d97bfc1b873b49c0ad6a09

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:50 GMT
last-modified: Sun, 02 Oct 2005 23:04:59 GMT
server: nginx
etag: "4340679b-2d3"
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
content-length: 723
expires: Thu, 29 Sep 2022 03:59:50 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Sep 2022 03:59:49 GMT
Server: nginx
Transfer-Encoding: chunked
Location: //i.bigmir.net/cnt/03.png
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H3 200 top.png
sud.ua/images/ 1 KB
2 KB 76ms
76ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/images/top.png
Requested by: Host: sud.ua
URL: https://sud.ua/css/sud2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d39876159a565d9c3c7a6abd4c4ac30182045b2c9ed5013aecded4fd9802c86f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/css/sud2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
age: 8403481
etag: "5ba0ee53-4ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lVXUFGCxdeKKHSyeZa%2FJCpU2X6DRdl815%2BmacTsVsDzHSQKOKbIYLu5fvKQ67Jn3kFRIi%2FnTmz%2BDvM2DRZy87JAL0eE99CX7qsmpWs5QIm6Jj84ezHU3Rup%2BUAmKc6WtahrWN7A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 750916cd1bca76f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1258

GET
H3 200 2149114148710027 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 86ms
43ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2149114148710027?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bb517a033e9253cf182924086287f09fb788a3c6a7b14ddd1a5334d8f4027829

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85871
x-xss-protection: 0
pragma: public
x-fb-debug: feHVhvrYkMKtOrsZyjs4j1Jb6xu7qVugmiIfxv8nuqmjSF13JpEiwu3bupAW6tg2UEX1+tw1LV8vicgcx4p/dw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 26 Sep 2022 03:59:49 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/ru_RU/ 314 KB
86 KB 83ms
40ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js?hash=30b10cfed3724b98e179188c5c78f316

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7a7eeeb0d683bf6e5e0e92443a20619abcdc9eda8ef65e6a1b9035a7833a5e96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sud.ua/
Origin: https://sud.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: xEGSPFmdyklnuAjkerjgOw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87578
x-fb-rlafr: 0
x-fb-debug: FDe6kea6smeIA+RJYhuVzW6HBsuvIO8Tt1bW1mck2mJNLfetjKI2PNYL4tj/qHqYHTwonBiFND6DsfUEhGrS8Q==
x-fb-content-md5: 117f52ba78f826201a9009a2b33e906b
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 26 Sep 2022 03:59:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "d2976526f64c86e9265bd95d53d58211"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 26 Sep 2023 03:41:38 GMT

GET
H2 200 6315a0fba6e5460012468793.js Show response
buttons-config.sharethis.com/js/ 941 B
1 KB 217ms
66ms Script
text/javascript 2600:9000:206e:ea00:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/6315a0fba6e5460012468793.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206e:ea00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bd7f80d5aa6a6cc0eed64216457e976c703b4e06b75d4441681d6e90ffe37b33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
via: 1.1 40e8cff7eb9a18d9e3d7f191f1493514.cloudfront.net (CloudFront)
vary: Accept-Encoding
age: 5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 941
last-modified: Mon, 05 Sep 2022 09:52:08 GMT
server: AmazonS3
etag: "5b23893df30d2f8c1387e88178385ab3"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript
cache-control: public, max-age=60
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: 7QdbAgM_aio0jpgOuKn_WWYyQeZIPKYTXPfnhin6-2k4TE8dBywgag==

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
393 B 187ms
45ms XHR
text/plain 52.29.231.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=sud.ua&location=%2F&product=image-share-buttons&url=https%3A%2F%2Fsud.ua%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=%D0%A1%D1%83%D0%B4%D0%BE%D0%B2%D0%BE-%D1%8E%D1%80%D0%B8%D0%B4%D0%B8%D1%87%D0%BD%D0%B0%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&cms=unknown&publisher=6315a0fba6e5460012468793&embeds_csv=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fplaylist%3Flist%3DPL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO&sop=true&version=st_sop.js&lang=en&description=%D0%A1%D1%83%D0%B4%D0%BE%D0%B2%D0%BE-%D1%8E%D1%80%D0%B8%D0%B4%D0%B8%D1%87%D0%BD%D0%B0%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0%3A%20%D1%81%D0%B2%D1%96%D0%B6%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D1%82%D0%B0%20%D0%BF%D0%BE%D0%B4%D1%96%D1%97%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D0%B3%D0%BE%20%D1%96%20%D1%81%D0%B2%D1%96%D1%82%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D0%B7%D0%B0%D0%BA%D0%BE%D0%BD%D0%BE%D0%B4%D0%B0%D0%B2%D1%81%D1%82%D0%B2%D0%B0%20%D1%82%D0%B0%20%D1%81%D1%83%D0%B4%D1%96%D0%B2.%20%D0%A1%D1%83%D0%B4%D0%BE%D0%B2%D0%B0%20%D0%BF%D1%80%D0%B0%D0%BA%D1%82%D0%B8%D0%BA%D0%B0%20%D1%82%D0%B0%20%D0%BA%D0%BE%D1%80%D0%B8%D1%81%D0%BD%D1%96%20%20%D1%81%D1%82%D0%B0%D1%82%D1%82%D1%96%20%20%D0%B2%20%D0%B4%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D1%83%20%D1%8E%D1%80%D0%B8%D1%81%D1%82%D0%B0%D0%BC.

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.231.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-231-189.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 03:59:49 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin: https://sud.ua
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 145ms
41ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sud.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 08:01:51 GMT
x-content-type-options: nosniff
age: 331078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Sep 2023 08:01:51 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 120ms
52ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sud.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 05:29:41 GMT
x-content-type-options: nosniff
age: 81008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 05:29:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 160ms
93ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sud.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:29:43 GMT
x-content-type-options: nosniff
age: 545406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 20:29:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 151ms
85ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sud.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 21:51:35 GMT
x-content-type-options: nosniff
age: 540494
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 21:51:35 GMT

GET
H2 200 ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
fonts.gstatic.com/s/notoserif/v21/ 27 KB
27 KB 164ms
102ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v21/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0a9ce1553fa74dad4d8cf55b7df7d012a3acdec01cd39d682fce0e5b52e99f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sud.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 19:24:32 GMT
x-content-type-options: nosniff
age: 549317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27456
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:10:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 19:24:32 GMT

GET
H2 200 ga6Law1J5X9T9RW6j9bNdOwzfROecf1I.woff2
fonts.gstatic.com/s/notoserif/v21/ 18 KB
18 KB 194ms
132ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v21/ga6Law1J5X9T9RW6j9bNdOwzfROecf1I.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17d46ead9f910fcfde400da676a140b14241a2f67c6f2c0557cb2139cb10ebb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sud.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:41:57 GMT
x-content-type-options: nosniff
age: 569872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18328
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:10:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 13:41:57 GMT

GET
H2 200 ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
fonts.gstatic.com/s/notoserif/v21/ 23 KB
24 KB 191ms
142ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v21/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25475d82cc976fb2c71b15b3e416c22bf636dd247bbb268d312e7c076ec5b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sud.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:04:57 GMT
x-content-type-options: nosniff
age: 564892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23948
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:47:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 15:04:57 GMT

GET
H2 200 ga6Iaw1J5X9T9RW6j9bNfFMWaCi_.woff2
fonts.gstatic.com/s/notoserif/v21/ 16 KB
16 KB 171ms
123ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v21/ga6Iaw1J5X9T9RW6j9bNfFMWaCi_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

749532b47faa826b6001b06da2e4085a3118525b9c9164fd0aa10e9944b9967a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sud.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 19:09:01 GMT
x-content-type-options: nosniff
age: 550248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:36:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 19:09:01 GMT

GET
H3 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 182ms
74ms Image
image/gif 2a00:1450:400d:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1301699669&utmhn=sud.ua&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%A1%D1%83%D0%B4%D0%BE%D0%B2%D0%BE-%D1%8E%D1%80%D0%B8%D0%B4%D0%B8%D1%87%D0%BD%D0%B0%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&utmhid=65291530&utmr=-&utmp=%2F&utmht=1664164789501&utmac=UA-30552542-1&utmcc=__utma%3D223010201.647635577.1664164789.1664164789.1664164789.1%3B%2B__utmz%3D223010201.1664164789.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1692583304&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/ 348 KB
123 KB 159ms
72ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2535113839332652&plah=sud.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b3258b3f961d5f6b43e5d47a9d13ba2424a10c6b987ac7fe8d35185f8f861cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125798
x-xss-protection: 0
server: cafe
etag: 8881238131758255600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 03:59:49 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/ Frame B853 10 KB
5 KB 133ms
39ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 51283
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 13:45:06 GMT
etag: 9671129459699598864
expires: Sun, 09 Oct 2022 13:45:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 tt
a4p.adpartner.pro/ Frame 12CA 0
0 516ms
516ms Document
text/plain 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tt?time=0&apuid=a81bd598-5f86-4451-81db-cbb7c2282c09&session_pageview=1&session_id=694c435a-ba25-4cd8-995e-b637424d61c0&site_visited=1&location=https%3A%2F%2Fsud.ua%2F&referer=
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=3106&ref=&0.3673841039904986
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash

Request headers

Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store no-transform
date: Mon, 26 Sep 2022 03:59:50 GMT
server: nginx

GET
H2 200 ls Show response
a4p.adpartner.pro/jsunit/ Frame 5DFB 5 KB
2 KB 60ms
60ms Document
text/html 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=3106&unit_id=6480&shown=&session_pageview=1&session_id=694c435a-ba25-4cd8-995e-b637424d61c0&site_visited=1&apuid=a81bd598-5f86-4451-81db-cbb7c2282c09&width=300&screen_width=1600&reload_count=0&banner_num=1664164789422889345&is_in_viewport=0&ref=&location=https%3A%2F%2Fsud.ua%2F
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=3106&ref=&0.3673841039904986
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 56511f76cafe16bead397706f76b550623a2e3d016d993a36327a96fa98d48a3

Request headers

Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store no-transform
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 26 Sep 2022 03:59:49 GMT
server: nginx

GET
H3 200 www-player.css
www.youtube.com/s/player/abfb84fe/ Frame 1B27 358 KB
49 KB 126ms
40ms Stylesheet
text/css 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/abfb84fe/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ef6d6383702bc06b134e946c269ece57f40b540882483d804cea173a235831c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 07:19:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74413
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49730
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 25 Sep 2023 07:19:36 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/abfb84fe/www-embed-player.vflset/ Frame 1B27 309 KB
96 KB 125ms
40ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/abfb84fe/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41ab731b25c3f7e4f6cc350774a28353c667e79774622a915f8b16b7897ecc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 14:48:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306663
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97978
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Sep 2023 14:48:46 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/abfb84fe/player_ias.vflset/en_GB/ Frame 1B27 2 MB
578 KB 207ms
122ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/en_GB/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe9cc1207ea12d051fca81ac414e62bb3eca4705d7d2fdc59f8b635fb56bd650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 14:49:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 591411
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Sep 2023 14:49:38 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/abfb84fe/fetch-polyfill.vflset/ Frame 1B27 9 KB
3 KB 225ms
140ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/abfb84fe/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 14:48:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306663
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Sep 2023 14:48:46 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 169ms
52ms Image
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2149114148710027&ev=PageView&dl=https%3A%2F%2Fsud.ua%2F&rl=&if=false&ts=1664164789736&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664164789735.863523537&it=1664164789380&coo=false&exp=a1&rqm=GET

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 26 Sep 2022 03:59:49 GMT
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/abfb84fe/ Frame 686E 358 KB
49 KB 101ms
54ms Stylesheet
text/css 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/abfb84fe/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ef6d6383702bc06b134e946c269ece57f40b540882483d804cea173a235831c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 07:19:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74413
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49730
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 25 Sep 2023 07:19:36 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/abfb84fe/www-embed-player.vflset/ Frame 686E 309 KB
96 KB 174ms
127ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/abfb84fe/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41ab731b25c3f7e4f6cc350774a28353c667e79774622a915f8b16b7897ecc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 14:48:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306663
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97978
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Sep 2023 14:48:46 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/abfb84fe/player_ias.vflset/en_GB/ Frame 686E 2 MB
578 KB 179ms
133ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/en_GB/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe9cc1207ea12d051fca81ac414e62bb3eca4705d7d2fdc59f8b635fb56bd650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 14:49:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 591411
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Sep 2023 14:49:38 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/abfb84fe/fetch-polyfill.vflset/ Frame 686E 9 KB
3 KB 188ms
142ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/abfb84fe/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 14:48:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306663
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Sep 2023 14:48:46 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1B27 15 KB
15 KB 128ms
43ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 492104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 20 Sep 2023 11:18:05 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 686E 15 KB
15 KB 116ms
41ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 492104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 20 Sep 2023 11:18:05 GMT

GET
H2 200 1 Show response
go.rcvlink.com/cs/1/ Frame 6537 34 B
236 B 45ms
45ms Script
text/javascript 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/cs/1/1
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 800ac331b8d34732e73cfe6848ccbb126306dfab99e4f008de7bfc38841e9693

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:49 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
hn: b11
cache-control: private, max-age=315360000
expires: Thu, 23 Sep 2032 06:59:49 +0300

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 5DFB 49 KB
20 KB 131ms
40ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=3106&unit_id=6480&shown=&session_pageview=1&session_id=694c435a-ba25-4cd8-995e-b637424d61c0&site_visited=1&apuid=a81bd598-5f86-4451-81db-cbb7c2282c09&width=300&screen_width=1600&reload_count=0&banner_num=1664164789422889345&is_in_viewport=0&ref=&location=https%3A%2F%2Fsud.ua%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a4p.adpartner.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 3469
date: Mon, 26 Sep 2022 03:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Mon, 26 Sep 2022 05:02:00 GMT

POST
H2 200 jsunit Show response
a4p.adpartner.pro/ Frame 5DFB 26 KB
6 KB 249ms
249ms XHR
application/javascript 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/jsunit?banner_num=1664164789422889345&id=3106&is_in_viewport=0&ref=&reload_count=0&session_id=694c435a-ba25-4cd8-995e-b637424d61c0&session_pageview=1&shown=&site_visited=1&unit_id=6480
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=3106&unit_id=6480&shown=&session_pageview=1&session_id=694c435a-ba25-4cd8-995e-b637424d61c0&site_visited=1&apuid=a81bd598-5f86-4451-81db-cbb7c2282c09&width=300&screen_width=1600&reload_count=0&banner_num=1664164789422889345&is_in_viewport=0&ref=&location=https%3A%2F%2Fsud.ua%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 11e30144c310e2f4526967821dc8b90b734e5f8a3e1f593637ab619e77f12d2b

Request headers

Referer: https://a4p.adpartner.pro/jsunit/ls?jsunit=3106&unit_id=6480&shown=&session_pageview=1&session_id=694c435a-ba25-4cd8-995e-b637424d61c0&site_visited=1&apuid=a81bd598-5f86-4451-81db-cbb7c2282c09&width=300&screen_width=1600&reload_count=0&banner_num=1664164789422889345&is_in_viewport=0&ref=&location=https%3A%2F%2Fsud.ua%2F
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://a4p.adpartner.pro
date: Mon, 26 Sep 2022 03:59:50 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
server: nginx
content-encoding: br
content-type: application/javascript; charset=utf-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 210 B
641 B 456ms
76ms Script
text/javascript 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sud.ua&callback=_gfp_s_&client=ca-pub-2535113839332652

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2535113839332652&plah=sud.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

cafe /

Resource Hash

7961cc976c4b87a664d0a35819bfa71f4c51fd77c6d5adc012c628976ff269b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 221ms
51ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=sud.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Sep 2022 03:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 155ms
67ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sud.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Sep 2022 03:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C076 265 KB
57 KB 536ms
453ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&adk=1812271804&adf=3025194257&lmt=1664164789&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsud.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164789611&bpp=3&bdt=510&idt=265&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4861910937849&frm=20&pv=2&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=281

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b5492c0a053700a9ca37ba763b072b6a069d925116e9d3fc1a9e9591cd5935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 58622
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 03:59:50 GMT
expires: Mon, 26 Sep 2022 03:59:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe.htm Show response
go.rcvlink.com/static/ Frame 6D06 19 KB
9 KB 44ms
44ms Document
text/html 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/static/iframe.htm
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 30b4b5641b2430f0d935fa51e79cd8f19876b80efdab2c3c9cd75077086d4281

Request headers

Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Mon, 26 Sep 2022 03:59:49 GMT
etag: W/"63211fd2-4c10"
expires: Tue, 27 Sep 2022 03:59:49 GMT
last-modified: Wed, 14 Sep 2022 00:26:58 GMT
server: nginx

GET
H2 200 / Show response
go.rcvlink.com/bdto/RXTtRlV3fD/ Frame 6D06 5 KB
2 KB 75ms
74ms XHR
application/json 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/bdto/RXTtRlV3fD/?cache=tpzb493aumz53ho&ver=220914-0326&w=300&h=0&vw=1600&ms=724.0&me=0&ref=https%3A%2F%2Fsud.ua%2F
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/iframe.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: b520a6a62709f5753693f0b69d0a4150869f6f7a76eb930a71d334240b51de26

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://go.rcvlink.com/static/iframe.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:49 GMT
content-encoding: gzip
last-modified: Mon, 26 Sep 2022 03:59:49 GMT
server: nginx
p3p: CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
access-control-allow-origin: *
hn: b15
cache-control: no-cache, no-store, no-transform, must-revalidate
content-type: application/json
expires: Mon, 26 Sep 2022 06:59:49 +0300

GET
H2 200 0fa2b5f2cffde375fbb6f6882463a4ec
st11.rcvlink.com/2/304/ Frame 6D06 15 KB
16 KB 90ms
88ms Image
image/webp 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st11.rcvlink.com/2/304/0fa2b5f2cffde375fbb6f6882463a4ec
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: fbace05547f06021dd7e2d6e78179fd769e024caeeda44221790bce08887ca45

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://go.rcvlink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:50 GMT
last-modified: Fri, 03 Jun 2022 10:08:46 GMT
server: nginx
etag: "6299ddae-1c62a"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
content-length: 15812
expires: Sun, 25 Dec 2022 03:59:50 GMT

GET
H2 200 4fa0a4b4b34a13abefc36d1dc8305ceb
st11.rcvlink.com/2/304/ Frame 6D06 16 KB
16 KB 49ms
47ms Image
image/webp 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st11.rcvlink.com/2/304/4fa0a4b4b34a13abefc36d1dc8305ceb
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 66af5d85560f25b8857229580d11c023509c32793df28162eca34790f007ea48

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://go.rcvlink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:50 GMT
last-modified: Fri, 03 Jun 2022 09:50:28 GMT
server: nginx
etag: "6299d964-1bf89"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
content-length: 16508
expires: Sun, 25 Dec 2022 03:59:50 GMT

GET
H2 200 618bb368d4ca2b981a0e5ecf1a7a581d
st11.rcvlink.com/2/304/ Frame 6D06 10 KB
10 KB 167ms
165ms Image
image/webp 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st11.rcvlink.com/2/304/618bb368d4ca2b981a0e5ecf1a7a581d
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: e779e1a1547af5542eb2652cd73472e359f8b309baa94965eb3f17e3d777d00d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://go.rcvlink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:50 GMT
last-modified: Fri, 17 Dec 2021 13:33:09 GMT
server: nginx
etag: "61bc9195-ab7c"
content-type: image/webp
access-control-allow-origin: *, *
cache-control: max-age=7776000
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 10418
expires: Sun, 25 Dec 2022 03:59:50 GMT

GET
H2 200 d37e4cb09d9333c1d501ec61a70303e3
st11.rcvlink.com/2/304/ Frame 6D06 15 KB
16 KB 94ms
92ms Image
image/webp 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st11.rcvlink.com/2/304/d37e4cb09d9333c1d501ec61a70303e3
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 0cc671d04908e3d1d8011e0a95eecdc4fa3e6fc8b78710460387fb443c7217c3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://go.rcvlink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:50 GMT
last-modified: Fri, 20 Nov 2020 10:51:26 GMT
server: nginx
etag: "5fb79fae-18368"
content-type: image/webp
access-control-allow-origin: *, *
cache-control: max-age=7776000
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 15596
expires: Sun, 25 Dec 2022 03:59:50 GMT

GET
H2 200 logo160.png
go.rcvlink.com/img/ Frame 6D06 6 KB
6 KB 44ms
44ms Image
image/png 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.rcvlink.com/img/logo160.png
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://go.rcvlink.com/static/iframe.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:50 GMT
last-modified: Mon, 21 Jan 2019 15:07:51 GMT
server: nginx
etag: "5c45e047-1869"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 6249
expires: Mon, 03 Oct 2022 03:59:50 GMT

GET
H3 200 css
fonts.googleapis.com/ 2 KB
539 B 187ms
76ms Stylesheet
text/css 2a00:1450:400d:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 03:32:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 26 Sep 2022 03:59:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Sep 2022 03:59:50 GMT

GET
H/1.1 200
OK 1px-matching-adpartner.gif
t.trafmag.com/images/ 35 B
351 B 143ms
36ms Image
image/gif 193.200.65.5
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.trafmag.com/images/1px-matching-adpartner.gif?id=a81bd598-5f86-4451-81db-cbb7c2282c09
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: t.trafmag.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 03:59:50 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

GET
H2 200 uid=a81bd598-5f86-4451-81db-cbb7c2282c09
s.uuidksinc.net/match/798/ 74 B
242 B 116ms
35ms Image
image/png 31.220.27.134
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.uuidksinc.net/match/798/uid=a81bd598-5f86-4451-81db-cbb7c2282c09
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:50 GMT
server: nginx/1.19.0
content-length: 74
content-type: image/png

GET
H2

200

match
a4p.adpartner.pro/ssp/
Redirect Chain

https://go.rcvlink.com/mtch/31/a81bd598-5f86-4451-81db-cbb7c2282c09
https://a4p.adpartner.pro/ssp/match?dsp_id=13&user_id=71189633253

43 B
440 B

57ms
57ms

Image
image/gif

51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4p.adpartner.pro/ssp/match?dsp_id=13&user_id=71189633253
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:50 GMT
last-modified: Mon, 26 Sep 2022 03:59:50 GMT
server: nginx
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location: https://a4p.adpartner.pro/ssp/match?dsp_id=13&user_id=71189633253
hn: b18
date: Mon, 26 Sep 2022 03:59:50 GMT
server: nginx
content-type: text/html; charset=UTF-8

GET
H2 200 pix
dsp-trk.eskimi.com/ 43 B
256 B 110ms
36ms Image
image/gif 34.120.139.69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-trk.eskimi.com/pix?e=24&exuid=a81bd598-5f86-4451-81db-cbb7c2282c09
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.139.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 69.139.120.34.bc.googleusercontent.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:50 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2

200

match
a4p.adpartner.pro/ssp/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D&crf=1
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=0b5f1753-9660-520d-9d6b-3a4efe5a19f8

43 B
458 B

58ms
58ms

Image
image/gif

51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=0b5f1753-9660-520d-9d6b-3a4efe5a19f8
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:50 GMT
last-modified: Mon, 26 Sep 2022 03:59:50 GMT
server: nginx
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location: https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=0b5f1753-9660-520d-9d6b-3a4efe5a19f8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
a4p.adpartner.pro/ssp/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D&crf=1
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=0b5f1753-9660-520d-9d6b-3a4efe5a19f8

43 B
458 B

57ms
57ms

Image
image/gif

51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=0b5f1753-9660-520d-9d6b-3a4efe5a19f8
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:50 GMT
last-modified: Mon, 26 Sep 2022 03:59:50 GMT
server: nginx
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location: https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=0b5f1753-9660-520d-9d6b-3a4efe5a19f8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
a4p.adpartner.pro/ssp/
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=e9584277-7237-460f-6175-97dd2d2035da

43 B
458 B

57ms
57ms

Image
image/gif

51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=e9584277-7237-460f-6175-97dd2d2035da
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:50 GMT
last-modified: Mon, 26 Sep 2022 03:59:50 GMT
server: nginx
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location: https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=e9584277-7237-460f-6175-97dd2d2035da
date: Mon, 26 Sep 2022 03:59:50 GMT
server: nginx
content-length: 129
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
a4p.adpartner.pro/ssp/
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=bc7d00be-0c17-40a6-60a5-c6735855198b

43 B
457 B

58ms
58ms

Image
image/gif

51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=bc7d00be-0c17-40a6-60a5-c6735855198b
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:50 GMT
last-modified: Mon, 26 Sep 2022 03:59:50 GMT
server: nginx
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location: https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=bc7d00be-0c17-40a6-60a5-c6735855198b
date: Mon, 26 Sep 2022 03:59:50 GMT
server: nginx
content-length: 129
serverid: TODO
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122&id={user_id}
https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122

43 B
463 B

126ms
40ms

Image
image/gif

146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

HTTP/1.1

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 03:59:50 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

location: https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122
date: Mon, 26 Sep 2022 03:59:50 GMT
cache-control: no-store no-transform
server: nginx
content-length: 146
content-type: text/html; charset=utf-8

GET
H2 204 match
dm-eu.hybrid.ai/ 0
239 B 198ms
63ms Image
text/plain 37.18.103.16
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=177&vid=a81bd598-5f86-4451-81db-cbb7c2282c09

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.103.16 , Netherlands, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:50 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 524
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame B803 0
139 B 61ms
59ms Document
image/gif 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22a81bd598-5f86-4451-81db-cbb7c2282c09%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2778881%2C%22cost%22%3A0.000312504%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22aeda2850-1b3b-429f-910e-e0058848c96d%22%7D%2C%7B%22ad_id%22%3A3208561%2C%22cost%22%3A0.000208605%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%227b0ae76d-83e8-44f1-8ae6-834cac5b58ce%22%7D%5D%2C%22unit_id%22%3A6480%2C%22region_id%22%3A112%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fsud.ua%252F%22%7D
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate no-store no-transform
content-length: 0
content-type: image/gif
date: Mon, 26 Sep 2022 03:59:50 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 686E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

50ms
49ms

XHR
application/json

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6799717ea0bb4bc095cf97bc7335664728563cb5572b5368d5dc8033862a0a8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 26 Sep 2022 03:59:50 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 686E 29 B
588 B 144ms
41ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:49:42 GMT
x-content-type-options: nosniff
age: 608
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 26 Sep 2022 04:04:42 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 1B27
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

48ms
48ms

XHR
application/json

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bafc718a9c2a27e99f8b4e7ab44eba88a1ef85261700f83b597cab42a838ec98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 26 Sep 2022 03:59:50 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 1B27 29 B
89 B 125ms
42ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:49:42 GMT
x-content-type-options: nosniff
age: 608
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 26 Sep 2022 04:04:42 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 240ms
75ms Preflight
text/html 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 26 Sep 2022 03:59:50 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 686E 65 KB
30 KB 190ms
81ms XHR
application/json+protobuf 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

249e5e95a57065c4b3a379239471de33b9d840d98ef05f924b41dc4e5e5722f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 26 Sep 2022 03:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 30704
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/abfb84fe/player_ias.vflset/en_GB/ Frame 686E 118 KB
36 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/en_GB/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5a6560e6b4d95c6996a3f1f2dc1027d941c26f6400013c68f2cd3511a7217d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 14:57:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306160
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37039
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Sep 2023 14:57:10 GMT

GET
H2 200 A6NiJ4FpWdYb46YkL14Gb7YSsd_Y0OEDYbyMmxwlYE4.js Show response
www.google.com/js/th/ Frame 686E 36 KB
14 KB 130ms
41ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/A6NiJ4FpWdYb46YkL14Gb7YSsd_Y0OEDYbyMmxwlYE4.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03a36227816959d61be3a6242f5e066fb612b1dfd8d0e10361bc8c9b1c25604e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 10:07:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 323519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14106
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 10:07:51 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/abfb84fe/player_ias.vflset/en_GB/ Frame 686E 25 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/en_GB/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66588b2601543402785015dbdbb38ec1bf00d5acd718697d39fab6a40cd13ad3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 14:51:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306495
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8052
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Sep 2023 14:51:35 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 170ms
75ms Preflight
text/html 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 26 Sep 2022 03:59:50 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1B27 65 KB
30 KB 212ms
104ms XHR
application/json+protobuf 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c2069ae50e3fbe6ab400679b37433c40da3c28fe148d015adb04384702d8c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 26 Sep 2022 03:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 30514
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/abfb84fe/player_ias.vflset/en_GB/ Frame 1B27 118 KB
36 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/en_GB/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5a6560e6b4d95c6996a3f1f2dc1027d941c26f6400013c68f2cd3511a7217d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 14:57:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306160
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37039
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Sep 2023 14:57:10 GMT

GET
H2 200 A6NiJ4FpWdYb46YkL14Gb7YSsd_Y0OEDYbyMmxwlYE4.js Show response
www.google.com/js/th/ Frame 1B27 36 KB
14 KB 73ms
51ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/A6NiJ4FpWdYb46YkL14Gb7YSsd_Y0OEDYbyMmxwlYE4.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03a36227816959d61be3a6242f5e066fb612b1dfd8d0e10361bc8c9b1c25604e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 10:07:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 323519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14106
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 10:07:51 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/abfb84fe/player_ias.vflset/en_GB/ Frame 1B27 25 KB
8 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/en_GB/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66588b2601543402785015dbdbb38ec1bf00d5acd718697d39fab6a40cd13ad3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 14:51:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306495
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8052
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Sep 2023 14:51:35 GMT

GET
DATA 200
OK truncated
/ Frame 1B27 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu8t97jUCvbSL8JaysAvT478Y2SoOCjj2bB6K0ZHwA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 1B27 2 KB
2 KB 193ms
54ms Image
image/jpeg 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu8t97jUCvbSL8JaysAvT478Y2SoOCjj2bB6K0ZHwA=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

77801d7bfd8858b02102e180408301a3ce0570241b852165a32fbbc6d8941841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 02:16:27 GMT
x-content-type-options: nosniff
age: 6203
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1904
x-xss-protection: 0
server: fife
etag: "v803"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 31 Jul 2022 18:14:57 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/D-c-9Pb9YjA/ Frame 1B27 27 KB
27 KB 145ms
41ms Image
image/webp 2a00:1450:4001:828::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/D-c-9Pb9YjA/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a9a6d45a8b1505d6e8cb42c0a64b026474406f9af7397e290c3747be190496a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:12:57 GMT
x-content-type-options: nosniff
age: 2813
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27212
x-xss-protection: 0
server: sffe
etag: "1663074809"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 26 Sep 2022 05:12:57 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame C48E 0
18 B 105ms
51ms Document
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://sud.ua
Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://sud.ua
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 03:59:50 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1B27 10 KB
10 KB 41ms
41ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 08:46:59 GMT
x-content-type-options: nosniff
age: 414771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 08:46:59 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/ 149 KB
53 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f7e3fc292b9281261a076fb3213138e72fc1a2000709df81f07991d6c0c4335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54562
x-xss-protection: 0
server: cafe
etag: 335468362584316646
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 03:59:50 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 134ms
51ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=sud.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Sep 2022 03:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 132ms
50ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sud.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Sep 2022 03:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A38E 96 KB
34 KB 460ms
460ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=647843891&adf=4137342386&pi=t.aa~a.2435821863~rp.4&w=275&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=275x600&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=2&bdt=1490&idt=-M&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0&nras=2&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=868&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FTgzi7FM3M&p=https%3A//sud.ua&dtd=16

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d0d1a59fd7d781babdc08f29a1434a7de9aa18cf619ebbfcc8c778580fb4cc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34557
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 03:59:51 GMT
expires: Mon, 26 Sep 2022 03:59:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4020 100 KB
35 KB 529ms
528ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=4068299810&adf=1324001129&pi=t.aa~a.2388408784~rp.3&w=420&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=1&bdt=1490&idt=-M&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0%2C275x600&nras=3&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2304&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=iHaHORf0E3&p=https%3A//sud.ua&dtd=22

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2391b8a5ba3a9b834fe30ba47372851fc1faf2c233f61e9fcffe7e33543b53b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35464
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 03:59:51 GMT
expires: Mon, 26 Sep 2022 03:59:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F8B8 90 KB
33 KB 486ms
485ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=2764862848&adf=3911060680&pi=t.aa~a.1676023814~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=300x600&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=1&bdt=1490&idt=-M&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0%2C275x600%2C420x280&nras=4&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1175&ady=2593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=afDqYcV0hL&p=https%3A//sud.ua&dtd=26

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7b1e8113c194dea4848fe5718d6655ae65789906f85f31be8f3284ecb181403

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33535
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 03:59:51 GMT
expires: Mon, 26 Sep 2022 03:59:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 49CF 101 KB
35 KB 513ms
513ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=2902652748&adf=3298259486&pi=t.aa~a.4124068143~rp.1&w=275&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=275x600&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=1&bdt=1490&idt=-M&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0%2C275x600%2C420x280%2C300x600&nras=5&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=868&ady=2620&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=7mjsLk1Aj0&p=https%3A//sud.ua&dtd=29

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd6654e134e9988ef4efd4eea5f5a6ce12d688432268ebca26b63f9fd443813c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35751
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 03:59:51 GMT
expires: Mon, 26 Sep 2022 03:59:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5704 86 KB
33 KB 342ms
341ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=50&adk=3872706551&adf=1960333627&pi=t.aa~a.3325116505~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=420x50&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=1&bdt=1490&idt=1&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0%2C275x600%2C420x280%2C300x600%2C275x600&nras=6&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=McWS4A2OQU&p=https%3A//sud.ua&dtd=32

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f80106f3c9359b98dade4156a5658a631f3382faf9707d18184ca10e8218298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33349
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 03:59:50 GMT
expires: Mon, 26 Sep 2022 03:59:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
www.youtube.com/ Frame 686E 0
10 B 40ms
40ms Image
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?tZEIuw
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 1B27 4 KB
2 KB 262ms
132ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 26 Sep 2022 03:59:50 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 686E 4 KB
2 KB 317ms
199ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 26 Sep 2022 03:59:51 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 1B27 0
10 B 40ms
40ms Image
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?iyXcSw
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/ Frame 00D8 10 KB
4 KB 41ms
41ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 13772
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 00:10:18 GMT
etag: 9671129459699598864
expires: Mon, 10 Oct 2022 00:10:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/ Frame 12F4 10 KB
4 KB 41ms
40ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 13772
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 00:10:18 GMT
etag: 9671129459699598864
expires: Mon, 10 Oct 2022 00:10:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 00D8 4 KB
636 B 77ms
76ms Stylesheet
text/css 2a00:1450:400d:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 02:08:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 26 Sep 2022 03:59:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Sep 2022 03:59:50 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 00D8 205 B
742 B 54ms
53ms Image
image/png 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 01:59:31 GMT
x-content-type-options: nosniff
age: 7219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 26 Sep 2023 01:59:31 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 00D8 604 B
695 B 54ms
54ms Image
image/png 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 23:43:20 GMT
x-content-type-options: nosniff
age: 15390
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 25 Sep 2023 23:43:20 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/ Frame 00D8 19 KB
9 KB 143ms
40ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

650b0d89118580fd96419aa8b05d77a9f8bb927f41c848fe784e15134affb9af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 2919620596669342719
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 03:22:09 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 12F4 4 KB
621 B 76ms
76ms Stylesheet
text/css 2a00:1450:400d:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 02:35:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 26 Sep 2022 03:59:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Sep 2022 03:59:50 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 12F4 2 KB
936 B 215ms
118ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:56:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 03:56:02 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 12F4 0
0 87ms
87ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZ3xktiMxY8lzi4vfA9bJlugCufvelWaqsYrVxhDw7v_rkAIQASCBv7QjYLuGgIDQCqABh4X4lyjIAQmpAkz3zoOgN7I-qAMByAPLBKoE8gFP0NVQPmSwKwi3WwT05MWvDwyKfdHZkvwfTKFWwggWknjuEWGRDhK2Lj3TdQ1uKpK6YEMgo3pPB82j73s0tXPfIqMgYPzq1S_Qedmf4Z7ALFWyAPwzVALjxDOkV757nvHbAD6WWD8Zdr-FhPmeWQk3cae2XT9BJ0_O2Pg-HKFq93gCVfs7NdRdny5g8KmwJTsgaLL_gc1mIJsOPVb7wSs4g-vWHxlwK7mBDOKhaywl4otlafHD5IUd3eMDDL9PXwFomHSv3wM0BZdhkxBql_nVdtFncyLbyX6ZbzaOlcBolyg6gRogabZN4WsH_C6p8byUm8AE94KcrocEkgUECAQYAZIFBAgFGASgBi6AB4e9yPcCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQoKoe0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMK0BUBgBcBshccChoIABIUcHViLTI1MzUxMTM4MzkzMzI2NTIYAA&sigh=Yr3qZjbay9k&uach_m=[UACH]&template_id=484

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 26 Sep 2022 03:59:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 26 Sep 2022 03:59:50 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 12F4 23 KB
9 KB 141ms
46ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 02:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 02:48:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 12F4 3 KB
1 KB 214ms
119ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 03:12:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 12F4 17 KB
7 KB 148ms
53ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 944
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 03:44:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 12F4 140 KB
44 KB 142ms
52ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 26 Sep 2022 03:59:51 GMT

GET
H2 200 270cb447f650f22be90b4349b85576c2.js Show response
www.gstatic.com/mysidia/ Frame 12F4 32 KB
14 KB 54ms
53ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 03:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13677
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 05:24:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 24 Dec 2022 03:20:07 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/982946065667258437/ Frame 12F4 12 KB
12 KB 187ms
94ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/982946065667258437/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5511ed891736f568e5b67ad635b9e89fc0be52ccc1aa4c33d2db99d78fb0f23e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 03:21:54 GMT
x-content-type-options: nosniff
age: 261477
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11788
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 22:36:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 23 Sep 2023 03:21:54 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5704 6 KB
672 B 77ms
76ms Stylesheet
text/css 2a00:1450:400d:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=50&adk=3872706551&adf=1960333627&pi=t.aa~a.3325116505~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=420x50&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=1&bdt=1490&idt=1&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0%2C275x600%2C420x280%2C300x600%2C275x600&nras=6&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=McWS4A2OQU&p=https%3A//sud.ua&dtd=32

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 02:29:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 26 Sep 2022 03:59:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Sep 2022 03:59:51 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 5704 2 KB
982 B 171ms
117ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:56:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 03:56:02 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 5704 23 KB
9 KB 132ms
78ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 02:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 02:48:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 5704 3 KB
1 KB 132ms
92ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 03:12:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 5704 17 KB
7 KB 139ms
86ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 944
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 03:44:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5704 0
0 132ms
48ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTr1DSRIjFqZyXF3SgVUkh5V1At2W0c188xrXQHBvsD8YRkRD1NK7dJRZ_CVvJIbbEJmVEDOj_h00C0BWf70Wg7bhdLog
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=50&adk=3872706551&adf=1960333627&pi=t.aa~a.3325116505~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=420x50&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=1&bdt=1490&idt=1&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0%2C275x600%2C420x280%2C300x600%2C275x600&nras=6&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=McWS4A2OQU&p=https%3A//sud.ua&dtd=32
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5704 140 KB
44 KB 142ms
106ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 26 Sep 2022 03:59:51 GMT

GET
H3 200 b6810b6596f7ed55ed76c68d0358aca1.js Show response
www.gstatic.com/mysidia/ Frame 5704 33 KB
13 KB 197ms
86ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 21:18:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 283293
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13684
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 20:14:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 21:18:18 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5704 0
0 85ms
85ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsJzwtiMxY7WfKYv4tgfS_6XgArn73pVmqrGK1cYQ8O7_65ACEAEggb-0I2C7hoCA0AqgAYeF-JcoyAEJqQJM986DoDeyPqgDAcgDywSqBPABT9A2HK7NCWY4K3OGekDUl3rtJBy9WmITdDmi2O648bxfOEx85ew8qljIfDhRvLWu1h_JuI2r6hu5wTed-9jOtaSOeTJWhXtFoG1Ic2wByCnwNP480TS2E3JTfGy5_GoqZxcH2O8XY_f_73oZbvfbLyfvrltmfuGi86bbusluFo4e_MszsRfkbn8S3GgQns_BSG5XRd9oE3ckvyJKF2oLiLjaTiIlHjNt53JH7r6gsHuS2LdqM8F9wPPTSH8IsDfUtOAcBbPqkOEQMk07BLAn987kF0gqDOxZqK6TKrmbXUjKL9hjLvvSi1N_1hanBfgqwAT3gpyuhwSSBQQIBBgBkgUECAUYBKAGLoAHh73I9wKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBChigXSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwrQFQGAFwGyFxwKGggAEhRwdWItMjUzNTExMzgzOTMzMjY1MhgA&sigh=59fqzXrGkWw&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=50&adk=3872706551&adf=1960333627&pi=t.aa~a.3325116505~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=420x50&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=1&bdt=1490&idt=1&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0%2C275x600%2C420x280%2C300x600%2C275x600&nras=6&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=McWS4A2OQU&p=https%3A//sud.ua&dtd=32
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 26 Sep 2022 03:59:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/982946065667258437/ Frame 5704 3 KB
3 KB 134ms
103ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/982946065667258437/downsize_200k_v1?w=195&h=102

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a031880a3f28175c0064a4e2a694c9848dea80e18830a0e525b252575430103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 04:42:25 GMT
x-content-type-options: nosniff
age: 170246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2676
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 22:34:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 24 Sep 2023 04:42:25 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 686E 94 B
138 B 77ms
76ms XHR
application/json+protobuf 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

77d7a670085f747c3b8dd8e97a384d983a31c0170fd978f4d905f3be077fd1da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 26 Sep 2022 03:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 114
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 74ms
74ms Preflight
text/html 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 26 Sep 2022 03:59:51 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1B27 94 B
138 B 77ms
77ms XHR
application/json+protobuf 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d457a81338febe795e28f6241669d4d2c35afe0e55e0c11dd9de2c3ab7e3ac73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 26 Sep 2022 03:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 114
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 74ms
74ms Preflight
text/html 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 26 Sep 2022 03:59:51 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/99/ Frame 1B27 53 KB
15 KB 179ms
103ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/99/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c31dcc878ab2e52cea5f38b4c3f1d1cfec4dbae070da4e460b336b3705bc423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 01:53:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15479
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 16:05:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 27 Sep 2022 01:53:41 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8779 8 KB
895 B 77ms
76ms Stylesheet
text/css 2a00:1450:400d:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 02:11:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 26 Sep 2022 03:59:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Sep 2022 03:59:51 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 8779 2 KB
936 B 109ms
109ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:56:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 03:56:02 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 8779 23 KB
9 KB 94ms
94ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 02:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 02:48:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 8779 3 KB
1 KB 108ms
107ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 03:12:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 8779 17 KB
7 KB 102ms
101ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 944
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 03:44:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8779 140 KB
44 KB 119ms
119ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 26 Sep 2022 03:59:51 GMT

GET
H3 200 270cb447f650f22be90b4349b85576c2.js Show response
www.gstatic.com/mysidia/ Frame 8779 32 KB
13 KB 112ms
54ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 03:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13677
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 05:24:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 24 Dec 2022 03:20:07 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/99/ Frame 686E 53 KB
15 KB 165ms
119ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/99/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c31dcc878ab2e52cea5f38b4c3f1d1cfec4dbae070da4e460b336b3705bc423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 01:53:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15479
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 16:05:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 27 Sep 2022 01:53:41 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A38E 8 KB
895 B 77ms
76ms Stylesheet
text/css 2a00:1450:400d:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=647843891&adf=4137342386&pi=t.aa~a.2435821863~rp.4&w=275&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=275x600&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=2&bdt=1490&idt=-M&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0&nras=2&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=868&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FTgzi7FM3M&p=https%3A//sud.ua&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 02:56:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 26 Sep 2022 03:59:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Sep 2022 03:59:51 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame A38E 2 KB
936 B 83ms
82ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:56:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 03:56:02 GMT

GET
H3

200

B27397474.344142597;dc_pre=CNLK7PnIsfoCFdmK_QcdrdoOsg;dc_trk_aid=535686675;dc_trk_cid=176399011;ord=346680946;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/ Frame A38E
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B27397474.344142597;dc_trk_aid=535686675;dc_trk_cid=176399011;ord=346680946;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=...
https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B27397474.344142597;dc_pre=CNLK7PnIsfoCFdmK_QcdrdoOsg;dc_trk_aid=535686675;dc_trk_cid=176399011;ord=346680946;dc_lat=;dc_rdid=;tag_for_chi...

42 B
63 B

199ms
89ms

Fetch
image/gif

142.251.39.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B27397474.344142597;dc_pre=CNLK7PnIsfoCFdmK_QcdrdoOsg;dc_trk_aid=535686675;dc_trk_cid=176399011;ord=346680946;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Protocol

Server

142.251.39.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:51 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B27397474.344142597;dc_pre=CNLK7PnIsfoCFdmK_QcdrdoOsg;dc_trk_aid=535686675;dc_trk_cid=176399011;ord=346680946;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A38E 0
0 91ms
90ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvhHQtiMxY7aEKJDBtweb6IbQBK3l7ZlsyNKmzogQr4G649cCEAEggb-0I2C7hoCA0AqgAdL4y-IDyAEBqAMByAPLBKoE5QFP0AqNpTPGheDEAczSdsYX2VVP0mIi3KG4X0JdcGdz-SvaAbG50SxphTclRvnRvgMNt5vjxP6PyX2-UXY8Zy7MwAcZeI2rG0ScarrjmZjg_yVeSTYBdGyVSzzmQ-K-Gynco8FIttt9oJ9C8vVY5nL3Uo_LvDHz_ZKG3_KKqL4BuPawuIDjDicPYrRtYr8EHKCa1sElCpICPZhU_B9K-7sdrWe40-yuIkzNBgL2WkaFGav_Phoq8mIqZ7YadPxNbMNkOUJxr7ltfNeBDZSQf9Lf9013EeBuE53skfkfAsGv97vMQLcHwASTrJeslAKgBi6AB4GI1kOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCYygPSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTA9AVAYAXAbIXHAoaCAASFHB1Yi0yNTM1MTEzODM5MzMyNjUyGAA&sigh=9FY9dyVct34&uach_m=[UACH]&template_id=5021

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=647843891&adf=4137342386&pi=t.aa~a.2435821863~rp.4&w=275&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=275x600&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=2&bdt=1490&idt=-M&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0&nras=2&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=868&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FTgzi7FM3M&p=https%3A//sud.ua&dtd=16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 26 Sep 2022 03:59:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8578129967820296872/ Frame A38E 6 KB
6 KB 159ms
75ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8578129967820296872/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bafcba88e633035552c18fd4d513782c53502edf3f0938a5e13e8b55316024f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 11:35:00 GMT
x-content-type-options: nosniff
age: 491091
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6408
x-xss-protection: 0
last-modified: Tue, 08 Jan 2019 00:33:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 20 Sep 2023 11:35:00 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12764592733920308927/ Frame A38E 14 KB
14 KB 144ms
61ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12764592733920308927/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213bfb43371b952e36681d0e2efe2ac45acbe4c9f1f36d39827a924422bafd96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 12:37:36 GMT
x-content-type-options: nosniff
age: 400935
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14177
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 20:40:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Sep 2023 12:37:36 GMT

GET
DATA 200
OK truncated
/ Frame A38E 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de700f74238018d3d7ca9f9db39f7ccd1c6820f6afffcc88b36a3bcfa8c65d50

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A38E 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame A38E 23 KB
9 KB 119ms
49ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 02:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 02:48:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame A38E 3 KB
1 KB 190ms
121ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:55:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 03:55:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame A38E 17 KB
7 KB 186ms
117ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 03:13:28 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A38E 0
0 49ms
48ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTVxYHYHZYK2dSQa7ca2k26sOpo7R1mcF2iTjQWJnd3qXFamldHfRp0cQl4QYQ8uEZguKV7G3vDEH9gniuBCZ6TAPXySg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=647843891&adf=4137342386&pi=t.aa~a.2435821863~rp.4&w=275&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=275x600&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=2&bdt=1490&idt=-M&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0&nras=2&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=868&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FTgzi7FM3M&p=https%3A//sud.ua&dtd=16
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A38E 140 KB
44 KB 132ms
49ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 26 Sep 2022 03:59:51 GMT

GET
H3 200 b6810b6596f7ed55ed76c68d0358aca1.js Show response
www.gstatic.com/mysidia/ Frame A38E 33 KB
13 KB 79ms
68ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 21:18:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 283293
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13684
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 20:14:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 21:18:18 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F8B8 6 KB
672 B 77ms
77ms Stylesheet
text/css 2a00:1450:400d:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=2764862848&adf=3911060680&pi=t.aa~a.1676023814~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=300x600&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=1&bdt=1490&idt=-M&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0%2C275x600%2C420x280&nras=4&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1175&ady=2593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=afDqYcV0hL&p=https%3A//sud.ua&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 02:20:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 26 Sep 2022 03:59:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Sep 2022 03:59:51 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame F8B8 2 KB
902 B 172ms
121ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:56:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 03:56:02 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame F8B8 23 KB
9 KB 93ms
43ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 02:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 02:48:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame F8B8 3 KB
1 KB 166ms
122ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:55:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 03:55:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame F8B8 17 KB
7 KB 90ms
40ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 03:13:28 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F8B8 140 KB
44 KB 124ms
59ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 26 Sep 2022 03:59:51 GMT

GET
H3 200 270cb447f650f22be90b4349b85576c2.js Show response
www.gstatic.com/mysidia/ Frame F8B8 32 KB
13 KB 126ms
125ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 03:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13677
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 05:24:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 24 Dec 2022 03:20:07 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F8B8 0
0 89ms
88ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C46qLtiMxY9bEKITYtwegkJCYBrn73pVmqrGK1cYQ8O7_65ACEAEggb-0I2C7hoCA0AqgAYeF-JcoyAEJqQJM986DoDeyPqgDAcgDywSqBPcBT9C2pBkZlZwmTf0LcceUtRXpsmivzWpG-KYOPD2ZCZLKHFm51qqGJUTL6wTO0lK4hlrEDR09jP0SB2b6rzRnJNuur_vh8WJlYKVuN7Y4I7okTnFAfHxa_lQqVNcHi3vGfG3aJ9ZGkjV5qqkWU1v3V35-6Fryt4bXQRjwtM_MYHylVkO92eavEnGW1mMeSC6EITYc9L_WrUBTQNU633CRFCPJ0E182r7E4MJ5kftTGLpvHT5rVP37Qz1sRL99XBhKSb0_V_CnNwku4K9wcV21O3PHhAPI-qD2HIAtUMwDpSDwCvRFj7_bkmeTz-5tleHkqFRhJ0VeHMAE94KcrocEkgUECAQYAZIFBAgFGASgBi6AB4e9yPcCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQqccE0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMK0BUBgBcBshccChoIABIUcHViLTI1MzUxMTM4MzkzMzI2NTIYAA&sigh=2j1ovR-zKTc&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=2764862848&adf=3911060680&pi=t.aa~a.1676023814~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=300x600&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=1&bdt=1490&idt=-M&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0%2C275x600%2C420x280&nras=4&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1175&ady=2593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=afDqYcV0hL&p=https%3A//sud.ua&dtd=26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 26 Sep 2022 03:59:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/982946065667258437/ Frame F8B8 13 KB
13 KB 116ms
80ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/982946065667258437/2076313506083323656

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d61c2018e6d6642fb0f2c3236693a819b10eb8cfb3e806890b78560503fe668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:44:43 GMT
x-content-type-options: nosniff
age: 432908
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13136
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 22:36:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Sep 2023 03:44:43 GMT

GET
DATA 200
OK truncated
/ Frame F8B8 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 12F4 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0bd393bee9af64934f27539378dd4426d78f9762ee0f24c27533d0f77e47bfe

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 29FD 1 KB
749 B 40ms
40ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 66986
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 09:23:25 GMT
etag: 48472445140208031
expires: Mon, 26 Sep 2022 09:23:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 49CF 8 KB
895 B 78ms
77ms Stylesheet
text/css 2a00:1450:400d:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=2902652748&adf=3298259486&pi=t.aa~a.4124068143~rp.1&w=275&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=275x600&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=1&bdt=1490&idt=-M&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0%2C275x600%2C420x280%2C300x600&nras=5&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=868&ady=2620&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=7mjsLk1Aj0&p=https%3A//sud.ua&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 02:45:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 26 Sep 2022 03:59:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Sep 2022 03:59:51 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 49CF 2 KB
902 B 111ms
109ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:56:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 03:56:02 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 49CF 23 KB
9 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 02:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 02:48:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 49CF 3 KB
1 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:55:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 03:55:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 49CF 17 KB
7 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 03:13:28 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 49CF 0
0 48ms
48ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaREq4YEL9j4PM-dQUo7P3pgkVyiwOBDH0bjDSd-R7-1F8JQhtD0LHrmxdrjj-DhUEG2KD2RstwVPizUD7sp7L4DyKyWqw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=2902652748&adf=3298259486&pi=t.aa~a.4124068143~rp.1&w=275&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=275x600&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=1&bdt=1490&idt=-M&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0%2C275x600%2C420x280%2C300x600&nras=5&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=868&ady=2620&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=7mjsLk1Aj0&p=https%3A//sud.ua&dtd=29
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 49CF 140 KB
44 KB 93ms
92ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 26 Sep 2022 03:59:51 GMT

GET
H3 200 b6810b6596f7ed55ed76c68d0358aca1.js Show response
www.gstatic.com/mysidia/ Frame 49CF 33 KB
13 KB 58ms
57ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 21:18:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 283293
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13684
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 20:14:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 21:18:18 GMT

GET
DATA 200
OK truncated
/ Frame 5704 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eccbb214227e24e88bf12fed71e908138b7db5df36c03dd850a96726a0de0a62

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 49CF 0
0 88ms
88ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CbWW_tiMxY9b7KMK1twed84TICLn73pVmqrGK1cYQ8O7_65ACEAEggb-0I2C7hoCA0AqgAYeF-JcoyAEJqQJM986DoDeyPqgDAcgDywSqBPYBT9AhyJRk7sfrBjjrwqzDbApJiL-DLoVTtS0Hq0vrvpcYLkwwyJ4O5RXpc_LKcRVxfoZioGWPbue15F1xIyBrQYfQLSVlNXosgHnCMQWWztGn9P09hVhKcaWNuCUUoNVLSIS5bgUEbAY5w8YuVAFKaqWAPS6Jvuh9gYcGs34IXWhCIw8mBeaBZJO8cFJTaStVlHq7UIbDpl3tl24gq7E6aKtZ2RUMz3VqTIs1Sqd2nje2nm5kSrby77fHdkRc_NeTsP2yNFQda2Kjtidtavuw1sB8ureAo4_B1SL2EJw2tBpXhjnIlvashJu37M9j4u9UXvZDWIUAwAT3gpyuhwSSBQQIBBgBkgUECAUYBKAGLoAHh73I9wKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDPsgTSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi0yNTM1MTEzODM5MzMyNjUyGAA&sigh=6oF15nXcfo4&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=2902652748&adf=3298259486&pi=t.aa~a.4124068143~rp.1&w=275&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=275x600&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=1&bdt=1490&idt=-M&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0%2C275x600%2C420x280%2C300x600&nras=5&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=868&ady=2620&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=7mjsLk1Aj0&p=https%3A//sud.ua&dtd=29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 26 Sep 2022 03:59:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/982946065667258437/ Frame 49CF 6 KB
6 KB 82ms
82ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/982946065667258437/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5dffc7aa478f77837aef3dc2a76b49104d58b7141d108312a05fb3b3a5cccccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 03:37:42 GMT
x-content-type-options: nosniff
age: 260529
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5967
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 22:34:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 23 Sep 2023 03:37:42 GMT

GET
DATA 200
OK truncated
/ Frame 49CF 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 49CF 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css
fonts.googleapis.com/ Frame 4020 8 KB
895 B 76ms
76ms Stylesheet
text/css 2a00:1450:400d:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=4068299810&adf=1324001129&pi=t.aa~a.2388408784~rp.3&w=420&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=1&bdt=1490&idt=-M&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0%2C275x600&nras=3&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2304&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=iHaHORf0E3&p=https%3A//sud.ua&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 02:18:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 26 Sep 2022 03:59:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Sep 2022 03:59:51 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 4020 2 KB
902 B 71ms
70ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:56:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 03:56:02 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 4020 23 KB
9 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 02:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 02:48:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 4020 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:55:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 03:55:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 4020 17 KB
7 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 03:13:28 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4020 0
0 51ms
49ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT2YED-9I8Rd4sFfjF31zyY_vDvV9C5Esj8ExdWxJL-gZROreRMGTxy7ziHDx3xyweYof3bY-s9uBOECM2xClnN1Q-DCQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=4068299810&adf=1324001129&pi=t.aa~a.2388408784~rp.3&w=420&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=1&bdt=1490&idt=-M&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0%2C275x600&nras=3&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2304&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=iHaHORf0E3&p=https%3A//sud.ua&dtd=22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4020 140 KB
44 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 26 Sep 2022 03:59:51 GMT

GET
H3 200 b6810b6596f7ed55ed76c68d0358aca1.js Show response
www.gstatic.com/mysidia/ Frame 4020 33 KB
13 KB 55ms
53ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 21:18:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 283293
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13684
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 20:14:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 21:18:18 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AE80 143 B
166 B 40ms
40ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1229
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 03:39:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4020 0
0 87ms
87ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkgBWtiMxY4C1KJqQtwe8jJOAAbn73pVmqrGK1cYQoIeA7JACEAEggb-0I2C7hoCA0AqgAYeF-JcoyAEJqQJM986DoDeyPqgDAcgDywSqBPABT9C8xJMFl9fJr6APdrSuyF5s_FTrgSWEV-yx7v2G89bUGleKZ1V3Jmrl_gYEpaTj7UHbrqzD1rQ5yJ4DH2roF7x6oXyWcEPP-7pmiJnQ7t_jtM2RSRknDL9XH62QsUrZ1ymyBjLJK7ZXtZuAHp3Ppdv5jjNp9TGG0oux89iQf4pBQUHaU9hz5WobLucfDmY_Legg8MviFTS-8RYEhd6XO6Q8FxJNxMnicJPKCVve5yVEwXKCjTUmH839PwNVuZYBp6bGSdvPccqFnGLJLwsjLgm09-OPKVZqONDRyNJob2_zQxQnq4ykEIjK3qEeR4xPwAT3gpyuhwSSBQQIBBgBkgUECAUYBKAGLoAHh73I9wKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDHlwXSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi0yNTM1MTEzODM5MzMyNjUyGAA&sigh=owv6ukHT5_M&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=4068299810&adf=1324001129&pi=t.aa~a.2388408784~rp.3&w=420&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=1&bdt=1490&idt=-M&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0%2C275x600&nras=3&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2304&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=iHaHORf0E3&p=https%3A//sud.ua&dtd=22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 26 Sep 2022 03:59:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/982946065667258437/ Frame 4020 22 KB
22 KB 43ms
41ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/982946065667258437/downsize_200k_v1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d1c90770175cf9047fdfb1867eb10b93ed1609d665a16447f247ff64a0836d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 14:48:08 GMT
x-content-type-options: nosniff
age: 47503
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22471
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 22:34:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 25 Sep 2023 14:48:08 GMT

GET
DATA 200
OK truncated
/ Frame 4020 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4020 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B26E 1 KB
749 B 40ms
40ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 66986
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 09:23:25 GMT
etag: 48472445140208031
expires: Mon, 26 Sep 2022 09:23:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F8B8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee62871e367d14c0e9373becab9e28a3884c1f9c78b6e006578e80aa989f1185

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5704 15 KB
15 KB 41ms
41ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 11:47:17 GMT
x-content-type-options: nosniff
age: 576754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 11:47:17 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5704 15 KB
16 KB 45ms
44ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 05:29:41 GMT
x-content-type-options: nosniff
age: 81010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 05:29:41 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5704 15 KB
15 KB 54ms
54ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 08:01:51 GMT
x-content-type-options: nosniff
age: 331080
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Sep 2023 08:01:51 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A015 1 KB
749 B 41ms
40ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 66986
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 09:23:25 GMT
etag: 48472445140208031
expires: Mon, 26 Sep 2022 09:23:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 29FD
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESENHDz90l_t8obNbT_f5mRJ8&google_cver=1&google_push=AZmPxg_wcdxY88n0RXMm9w-wvy8ee-nZhRA9UhfcgQvP1Jgh2cv1-u6inVW6cAdeAsocXHR_r3aqU0JWFt3-NaK0wgtuZ5FpZKhE
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_wcdxY88n0RXMm9w-wvy8ee-nZhRA9UhfcgQvP1Jgh2cv1-u6inVW6cAdeAsocXHR_r3aqU0JWFt3-NaK0wgtuZ5FpZKhE&google_hm=Q0FFU0VOSER6OTBsX3Q4b...

170 B
188 B

144ms
77ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_wcdxY88n0RXMm9w-wvy8ee-nZhRA9UhfcgQvP1Jgh2cv1-u6inVW6cAdeAsocXHR_r3aqU0JWFt3-NaK0wgtuZ5FpZKhE&google_hm=Q0FFU0VOSER6OTBsX3Q4b2JOYlRfZjVtUko4

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Sep 2022 03:59:50 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_wcdxY88n0RXMm9w-wvy8ee-nZhRA9UhfcgQvP1Jgh2cv1-u6inVW6cAdeAsocXHR_r3aqU0JWFt3-NaK0wgtuZ5FpZKhE&google_hm=Q0FFU0VOSER6OTBsX3Q4b2JOYlRfZjVtUko4
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 29FD
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg8aMNuJMKb2Z4B46TUp_1apIK_HMF0wP4ymbY0nsPZEvrSLC5-koLfN5tqLXFucPSicfbDZ2Pd5gNRkyPb1QBiOKIcun4Jm&google_gid=CAESEHQ8ULq0Aqc0cMkcCmhlI50&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCLfHxJkGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWm1QeGc4YU1OdUpNS2IyWjRCNDZUVXBfMWFwSUtfSE1GMHdQNHltYlkwbnNQWkV2clNMQzUta29MZk41dHFMWEZ1Y1BTaWNmYkRaMlBkNWdOUmt5UG...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwVUhHTnFnT3NSZ3hCbC04a3UtbzJDMDl4dmtYcEdTYkxLZ2NweGpZNXpPQQ==&google_push

170 B
188 B

142ms
77ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwVUhHTnFnT3NSZ3hCbC04a3UtbzJDMDl4dmtYcEdTYkxLZ2NweGpZNXpPQQ==&google_push

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 26 Sep 2022 03:59:51 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwVUhHTnFnT3NSZ3hCbC04a3UtbzJDMDl4dmtYcEdTYkxLZ2NweGpZNXpPQQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 29FD 0
41 B 403ms
34ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDhjKJnZ76WHyzCqlBTrZmw&google_cver=1&google_push=AZmPxg8eHJzv8vjuTNNAg5zWHFAu3QHaiQrmzv1xMiiwoej7HGsNoh7cY9_eQXQJ_urY0vMK3PzBzP99Rw-CDVFROurGqW_uTXQH
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=50&adk=3872706551&adf=1960333627&pi=t.aa~a.3325116505~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=420x50&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=1&bdt=1490&idt=1&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0%2C275x600%2C420x280%2C300x600%2C275x600&nras=6&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=McWS4A2OQU&p=https%3A//sud.ua&dtd=32
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:50 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 29FD
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPlUvqxbv_x5COw0-EGR6vY&google_cver=1&google_push=AZmPxg_1vYx-ElWfKdr9yzdgwf2PJ7bzTL3Pd4G5pMRMEp-FnlqrNg1BBc0h0h8EPfZSg6SGZtG...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhJOFFaOE4tMy1JVllU&google_push=AZmPxg_1vYx-ElWfKdr9yzdgwf2PJ7bzTL3Pd4G5pMRMEp-FnlqrNg1BBc0h0h8EPfZSg6SGZtGJdXD-uVJkfogLcJ7mtnfoqCM

170 B
329 B

78ms
78ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhJOFFaOE4tMy1JVllU&google_push=AZmPxg_1vYx-ElWfKdr9yzdgwf2PJ7bzTL3Pd4G5pMRMEp-FnlqrNg1BBc0h0h8EPfZSg6SGZtGJdXD-uVJkfogLcJ7mtnfoqCM

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhJOFFaOE4tMy1JVllU&google_push=AZmPxg_1vYx-ElWfKdr9yzdgwf2PJ7bzTL3Pd4G5pMRMEp-FnlqrNg1BBc0h0h8EPfZSg6SGZtGJdXD-uVJkfogLcJ7mtnfoqCM
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 29FD
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBK_lmV6cvk0Cb55pi5RyNs&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBK_lmV6cvk0Cb55pi5RyNs&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBK_lmV6cvk0Cb55pi5RyNs&google_hm=YzEjt2LE-7mIUeF0bTYziQAAEUQAAAAB&google_nid=index&google_push=AZmPxg-WFXl6BG6W1DOX3q6iw-ahBwiq_coDH...

170 B
188 B

77ms
77ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBK_lmV6cvk0Cb55pi5RyNs&google_hm=YzEjt2LE-7mIUeF0bTYziQAAEUQAAAAB&google_nid=index&google_push=AZmPxg-WFXl6BG6W1DOX3q6iw-ahBwiq_coDHgCo7FLFXWLdw7Ufixk-7XPFSlQj7ZqHvHq2Dsaj3GTaiA6zbaYSsgcq_Dxx3og

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WP%2BHP%2B6Vz8yXr8EjphQhh8wiIFXEqL5ic1qUIc0tc3iH7hei3xtEldZSy3Vjq81FaoVcujR0EDRHtagyye4q2LcO9U2OTAMReccMPbRm9yf5xEW0RFpc0pLb%2Ff2DJ59hY0h0gjNRJfsuXw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBK_lmV6cvk0Cb55pi5RyNs&google_hm=YzEjt2LE-7mIUeF0bTYziQAAEUQAAAAB&google_nid=index&google_push=AZmPxg-WFXl6BG6W1DOX3q6iw-ahBwiq_coDHgCo7FLFXWLdw7Ufixk-7XPFSlQj7ZqHvHq2Dsaj3GTaiA6zbaYSsgcq_Dxx3og
cache-control: no-cache
cf-ray: 750916dbae55e664-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 29FD 43 B
296 B 314ms
37ms Image
image/gif 2a05:d01c:1d8:8102:cb38:c6a1:ed1a:b7ce
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEPepa33jXtmcy7LZnE2a80s&google_cver=1&google_push=AZmPxg9rTEXGRNjWgFLtWcoRDM4zhSRyyVLltYrgHBrlYt6GaCqFISX4cwOhUm-32JQeaqv8eik34dE7v-KuXt65t85acVZ4I66E
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=50&adk=3872706551&adf=1960333627&pi=t.aa~a.3325116505~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=420x50&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=1&bdt=1490&idt=1&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0%2C275x600%2C420x280%2C300x600%2C275x600&nras=6&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=McWS4A2OQU&p=https%3A//sud.ua&dtd=32
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:cb38:c6a1:ed1a:b7ce London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:51 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame 29FD 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 29FD 0
232 B 238ms
74ms Image
text/html 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LQUlhyDVItnhBwYHSVEot5JSDVhgjuPferm-HssneVwEsOwS3jTIPeOVuBW2Gh7vBdTiELWA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame FC57 36 KB
16 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 05:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 05:59:04 GMT

GET
DATA 200
OK truncated
/ Frame A38E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ac0915c398c10651ec89c7e2b46eefbd5fa0fdd2eea6425a2e7edd231588add

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F0FD 1 KB
749 B 42ms
40ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 66986
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 09:23:25 GMT
etag: 48472445140208031
expires: Mon, 26 Sep 2022 09:23:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B863 1 KB
749 B 41ms
40ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 66986
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 09:23:25 GMT
etag: 48472445140208031
expires: Mon, 26 Sep 2022 09:23:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame A38E 28 KB
28 KB 41ms
41ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 08:44:44 GMT
x-content-type-options: nosniff
age: 414907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 08:44:44 GMT

GET
DATA 200
OK truncated
/ Frame 4020 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53b97827062e41a502ec6d9e1007bef6a7e7f561655e9d9960b47fb53a3b8706

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 49CF 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3866c07779b40806be1760f7f89cd99f7d5b8c2ddddae9251e4bfdc260eab11f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 4020 28 KB
28 KB 41ms
41ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 08:44:44 GMT
x-content-type-options: nosniff
age: 414907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 08:44:44 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 49CF 28 KB
28 KB 48ms
48ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 08:44:44 GMT
x-content-type-options: nosniff
age: 414907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 08:44:44 GMT

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame DDCA 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 05:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 05:59:04 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AE80
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

67ms
66ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 03:59:51 GMT
expires: Mon, 26 Sep 2022 03:59:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 26 Sep 2022 03:59:51 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F8B8 15 KB
15 KB 41ms
41ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 08:01:51 GMT
x-content-type-options: nosniff
age: 331080
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Sep 2023 08:01:51 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F8B8 15 KB
16 KB 48ms
48ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 05:29:41 GMT
x-content-type-options: nosniff
age: 81010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 05:29:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F8B8 15 KB
15 KB 56ms
55ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 11:47:17 GMT
x-content-type-options: nosniff
age: 576754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 11:47:17 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame B26E 35 B
462 B 138ms
41ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEN_PM7N_SNaiTZ3n499FLLU&google_cver=1&google_push=AZmPxg83uav-w3FZIHkxkJydZtY58LOLfK3k_LPrHJNpU5QKAAlaGjde9CmdUh4P7PsbeJw3TRtzRK-tMXeyLuaqWrMZLcpxWaU

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:51 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B26E
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEEkOC7WRbG0vBO-2T6jqRrM&google_cver=1&google_push=AZmPxg-DG_C9KV8ps640O_yWO0JsCa9jdG-E1yKhZVK4zC7yoVE1gt8gnavVVumFgQA_Rp-cwf3owozqk3NDPowjrRHJv0tWXw
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg-DG_C9KV8ps640O_yWO0JsCa9jdG-E1yKhZVK4zC7yoVE1gt8gnavVVumFgQA_Rp-cwf3owozqk3NDPowjrRHJv0tWXw&google_hm=Q0FFU0VFa09DN1dSYkcwdkJ...

170 B
188 B

77ms
77ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg-DG_C9KV8ps640O_yWO0JsCa9jdG-E1yKhZVK4zC7yoVE1gt8gnavVVumFgQA_Rp-cwf3owozqk3NDPowjrRHJv0tWXw&google_hm=Q0FFU0VFa09DN1dSYkcwdkJPLTJUNmpxUnJN

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Sep 2022 03:59:50 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg-DG_C9KV8ps640O_yWO0JsCa9jdG-E1yKhZVK4zC7yoVE1gt8gnavVVumFgQA_Rp-cwf3owozqk3NDPowjrRHJv0tWXw&google_hm=Q0FFU0VFa09DN1dSYkcwdkJPLTJUNmpxUnJN
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame B26E 43 B
356 B 109ms
40ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEP59H--Y_w4kdVS97PgfIe4&google_push=AZmPxg_weZdciXPg6nBRl9Or5guM4X33Kcdu-kTmnDVL0uhYpE8zHAV4lhOmxI7WT7lHabMmeMAkmP2l2fI27YdcjeId2fIwMM8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=2764862848&adf=3911060680&pi=t.aa~a.1676023814~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=300x600&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=1&bdt=1490&idt=-M&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0%2C275x600%2C420x280&nras=4&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1175&ady=2593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=afDqYcV0hL&p=https%3A//sud.ua&dtd=26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:51 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame B26E 43 B
351 B 101ms
33ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESELPLCEp9QcjJFWWVSkCS_yo&google_cver=1&google_push=AZmPxg_23uWTIZtmobv1RZrPZ81HKXqZem2adg7wsJTOQ3vt2L-dO_CDc-HL6_RjvuTw5SmnsaX8b8YR6Sq3aVyledjanXszIH8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=2764862848&adf=3911060680&pi=t.aa~a.1676023814~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=300x600&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=1&bdt=1490&idt=-M&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0%2C275x600%2C420x280&nras=4&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1175&ady=2593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=afDqYcV0hL&p=https%3A//sud.ua&dtd=26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:50 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: a6b4r0ekbv2hj85mmua4ib3usidl4q99

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame B26E 0
41 B 192ms
34ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEITQSuRJkEYW2zYqmjZGRPM&google_cver=1&google_push=AZmPxg_x1OD9Ws3ehrvAxVrX1BjxfnGX6fbaUpkmawYW2ANImdR9n_ySoPDDejVRU6Rc0Vd8naS-vaQURsqOxAE021Vtyp8yfQk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=2764862848&adf=3911060680&pi=t.aa~a.1676023814~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=300x600&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=1&bdt=1490&idt=-M&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0%2C275x600%2C420x280&nras=4&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1175&ady=2593&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=afDqYcV0hL&p=https%3A//sud.ua&dtd=26
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:50 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B26E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJJZ1Mw74MKDIcZWTNnMq9M&google_cver=1&google_push=AZmPxg9cketSsPMl3YPa6wUpua87d175v8_gke7XGQ4BfZDBohFB6yRk70pSDPcAuyDGfCb6nqW...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhJOFFaQjItMTItNE80&google_push=AZmPxg9cketSsPMl3YPa6wUpua87d175v8_gke7XGQ4BfZDBohFB6yRk70pSDPcAuyDGfCb6nqWOaGuTPl-PBXZcdxM3aNNpSks

170 B
188 B

139ms
80ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhJOFFaQjItMTItNE80&google_push=AZmPxg9cketSsPMl3YPa6wUpua87d175v8_gke7XGQ4BfZDBohFB6yRk70pSDPcAuyDGfCb6nqWOaGuTPl-PBXZcdxM3aNNpSks

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhJOFFaQjItMTItNE80&google_push=AZmPxg9cketSsPMl3YPa6wUpua87d175v8_gke7XGQ4BfZDBohFB6yRk70pSDPcAuyDGfCb6nqWOaGuTPl-PBXZcdxM3aNNpSks
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B26E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELW1Y47r6Z30yRNg6JlGdOA&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELW1Y47r6Z30yRNg6JlGdOA&google_hm=YzEjt2LE-7mIUeF0bTYziQAAEUQAAAAB&google_nid=index&google_push=AZmPxg8Y48QZeHkOvL0wwvHuJ7-S1h1SjhxfP...

170 B
188 B

77ms
77ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELW1Y47r6Z30yRNg6JlGdOA&google_hm=YzEjt2LE-7mIUeF0bTYziQAAEUQAAAAB&google_nid=index&google_push=AZmPxg8Y48QZeHkOvL0wwvHuJ7-S1h1SjhxfPeLPqo7gFNOuNa268J_3V1y2bLGXW-KtOCHrGNJRxSv9DAfcJPXFZgAFeNEJwd0

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HR3m09Zux8R0KqL7P2YjRFn8yS%2BTCuF2BxlmlGoJrvVLmbmncTXKE%2FtfL4xTGvW%2BGGRaNE2hmrevFw5h13WYUbxhw3JJ3J5DU4DYoERySAA9IP722ybSDYH%2B1%2BDzuNn%2FXyxVT2BoPeNQDw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELW1Y47r6Z30yRNg6JlGdOA&google_hm=YzEjt2LE-7mIUeF0bTYziQAAEUQAAAAB&google_nid=index&google_push=AZmPxg8Y48QZeHkOvL0wwvHuJ7-S1h1SjhxfPeLPqo7gFNOuNa268J_3V1y2bLGXW-KtOCHrGNJRxSv9DAfcJPXFZgAFeNEJwd0
cache-control: no-cache
cf-ray: 750916dbae54e664-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B26E 0
40 B 76ms
75ms Image
text/html 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ig0XbgO2Ir3U61RXqjLCuCEc8Pzb1auD9lCuydzE1apq3CS6xOJx0ixvmU0mCXquH0A6QF

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame A015 35 B
462 B 130ms
42ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOgbUbN4nN-wWtYo1dLGSKI&google_cver=1&google_push=AZmPxg-HBNMulSYU29rhFKj4t9JO_Ier7qVQH8n19JOUMHGO4icc_x3spIrupk52BEVuAD0f_EzvzQw79zB37WM4iJYrtlnQjjM

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:51 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 466606.gif
id.rlcdn.com/ Frame A015 42 B
60 B 40ms
38ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg9ix3nDaGdCms2Rk621lq7yJrR5VJw9xZoS22tnLV4s07iYxaXK_v-XXIEXZAG6TDlUIi0F6ggmZFWTAY-B3zc79pLkgQU&google_gid=CAESEPZlPviuhYL8XFLM20m_MhQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=647843891&adf=4137342386&pi=t.aa~a.2435821863~rp.4&w=275&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=275x600&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=2&bdt=1490&idt=-M&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0&nras=2&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=868&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FTgzi7FM3M&p=https%3A//sud.ua&dtd=16
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Sep 2022 03:59:51 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 dds
rtb.openx.net/sync/ Frame A015 43 B
134 B 95ms
35ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEKrMrQXcsEXm80Av_8j6tWo&google_cver=1&google_push=AZmPxg_8sgKC2wehqnxR_bPoYDFz0cPhaT4htl43MMepK3uqTlPYvA5NRAJXKNkPXUciBUFK0W5E8ZyVoKYvBpALkdhgEBpNowuV
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=647843891&adf=4137342386&pi=t.aa~a.2435821863~rp.4&w=275&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=275x600&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=2&bdt=1490&idt=-M&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0&nras=2&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=868&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FTgzi7FM3M&p=https%3A//sud.ua&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:50 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: n5gqnhapkjt43mi4urscjfh00k7agsiu

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame A015 0
166 B 183ms
33ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOnExhiDHeI48FodyUlwzpQ&google_cver=1&google_push=AZmPxg_MnG19R5VQb1GHcGQ6QYtUcWR91JXLInA1kgzcbWtm-OgGw_4KSEOAw7fO8fIvbYrH25T_ZBp3d5xuXiLkzP04TInkiAYL
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=647843891&adf=4137342386&pi=t.aa~a.2435821863~rp.4&w=275&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=275x600&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=2&bdt=1490&idt=-M&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0&nras=2&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=868&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FTgzi7FM3M&p=https%3A//sud.ua&dtd=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:50 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A015
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPEMhW6UdozTFiMla36UCeQ&google_cver=1&google_push=AZmPxg8iH1uJW4-Ayq-jQ7VTU6nfu5xbptuX4BjsvKek7nWUJLMXd5xxEGHlTJ8660hXG8LAijo...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhJOFFaQ04tMUItN0dMQw==&google_push=AZmPxg8iH1uJW4-Ayq-jQ7VTU6nfu5xbptuX4BjsvKek7nWUJLMXd5xxEGHlTJ8660hXG8LAijos-OSU5EMZRIwQXEwcyV8IG7cd

170 B
188 B

78ms
78ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhJOFFaQ04tMUItN0dMQw==&google_push=AZmPxg8iH1uJW4-Ayq-jQ7VTU6nfu5xbptuX4BjsvKek7nWUJLMXd5xxEGHlTJ8660hXG8LAijos-OSU5EMZRIwQXEwcyV8IG7cd

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhJOFFaQ04tMUItN0dMQw==&google_push=AZmPxg8iH1uJW4-Ayq-jQ7VTU6nfu5xbptuX4BjsvKek7nWUJLMXd5xxEGHlTJ8660hXG8LAijos-OSU5EMZRIwQXEwcyV8IG7cd
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A015
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGDypGz8qyb5h7TFqt2mHuw&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGDypGz8qyb5h7TFqt2mHuw&google_hm=YzEjt2LE-7mIUeF0bTYziQAAEUQAAAAB&google_nid=index&google_push=AZmPxg81VkZ72WpxahVP60kCorlAg-92OLv7c...

170 B
188 B

78ms
78ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGDypGz8qyb5h7TFqt2mHuw&google_hm=YzEjt2LE-7mIUeF0bTYziQAAEUQAAAAB&google_nid=index&google_push=AZmPxg81VkZ72WpxahVP60kCorlAg-92OLv7cOOfKOx8BLW_VYAYUhL2CPoiWqjOulQ9-_QvwWbBHxUBJraokVHJv84WouXjCE4d

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mgPdibRmds%2BFnmQIo9Cc2hFL5b2mFSzEPZwmKFLqbKpvEs9OtQqr2LD%2FYFGiQhGYpFYQvjbH%2FNTu8mWKYwg6gG0TyV%2FEo1xGaTduG1ii81KGzl1y5TAgEMgKs7GZbK4cLQZ5NnUwn6vpGg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGDypGz8qyb5h7TFqt2mHuw&google_hm=YzEjt2LE-7mIUeF0bTYziQAAEUQAAAAB&google_nid=index&google_push=AZmPxg81VkZ72WpxahVP60kCorlAg-92OLv7cOOfKOx8BLW_VYAYUhL2CPoiWqjOulQ9-_QvwWbBHxUBJraokVHJv84WouXjCE4d
cache-control: no-cache
cf-ray: 750916dbae53e664-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame A015 43 B
297 B 93ms
35ms Image
image/gif 2a05:d01c:1d8:8102:cb38:c6a1:ed1a:b7ce
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESENDZ0UglNgNHKJOugGvOIrQ&google_cver=1&google_push=AZmPxg9ow_W0FAFrdcYBSTsw-9q37iSvuY28zgICP2q4WAtZoJ3R8JoR2JwNQr4ydhomsEolhRC_ymz2FPyiYq36oPYRRasuI5gc
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=647843891&adf=4137342386&pi=t.aa~a.2435821863~rp.4&w=275&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=275x600&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=2&bdt=1490&idt=-M&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0&nras=2&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=868&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FTgzi7FM3M&p=https%3A//sud.ua&dtd=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:cb38:c6a1:ed1a:b7ce London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:51 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame A015 0
40 B 77ms
75ms Image
text/html 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KeZTWFQTQiNrRBpclKlBv5ay0FVh7lhcB_5jApSNmCRqOyMkwfniiVhsSwv8W42SqIdz4T

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame F0FD 35 B
463 B 107ms
40ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEG6_RzbpKEqCM6cwwpZY0Jo&google_cver=1&google_push=AZmPxg9IbIO39QdDcy5v20Xi8QNyeP2GloDSUh7XY9E1C6QOyWVCdvo9DaGSzUUcbc0uQKfvOKiEPW7GfMQ665apmORAMocX1BIU

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:51 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F0FD
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEE90cknXCCTFKm_xrOT5p7I&google_cver=1&google_push=AZmPxg9M3eUdlVtsy0706tJHJ9hrNEHUbaexELEcDCNXqKzpEyqMde31AujR70fzG51bdSzOzioF0cuIyHsEHgKoyZlxQB4-svg
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9M3eUdlVtsy0706tJHJ9hrNEHUbaexELEcDCNXqKzpEyqMde31AujR70fzG51bdSzOzioF0cuIyHsEHgKoyZlxQB4-svg&google_hm=Q0FFU0VFOTBja25YQ0NURk...

170 B
188 B

79ms
79ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9M3eUdlVtsy0706tJHJ9hrNEHUbaexELEcDCNXqKzpEyqMde31AujR70fzG51bdSzOzioF0cuIyHsEHgKoyZlxQB4-svg&google_hm=Q0FFU0VFOTBja25YQ0NURkttX3hyT1Q1cDdJ

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Sep 2022 03:59:51 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9M3eUdlVtsy0706tJHJ9hrNEHUbaexELEcDCNXqKzpEyqMde31AujR70fzG51bdSzOzioF0cuIyHsEHgKoyZlxQB4-svg&google_hm=Q0FFU0VFOTBja25YQ0NURkttX3hyT1Q1cDdJ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame F0FD 43 B
106 B 79ms
41ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEPAm8cDqUmVf9Grax5okOgI&google_push=AZmPxg_khFHG9UkXwr--E-FBPrC9lqR0gGJ18RdjQorguVJSNLXlVAn-ceG97SlSCjf2btOZQruakDO5PCX-rtW83Y7KWSBLKdNB&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=2902652748&adf=3298259486&pi=t.aa~a.4124068143~rp.1&w=275&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=275x600&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=1&bdt=1490&idt=-M&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0%2C275x600%2C420x280%2C300x600&nras=5&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=868&ady=2620&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=7mjsLk1Aj0&p=https%3A//sud.ua&dtd=29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:51 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame F0FD 43 B
134 B 71ms
33ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESENjhfROewVpc5CvqQaPISqQ&google_cver=1&google_push=AZmPxg9wQvLi3IMXb4FRHLmya9ih_ZJekwCqnpSMmlpQ3FE_1nfYnrktdRVG5Gqp3shW0vTFNP2_5lvScZ8eLccTjnvTpMPD-ITw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=2902652748&adf=3298259486&pi=t.aa~a.4124068143~rp.1&w=275&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=275x600&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=1&bdt=1490&idt=-M&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0%2C275x600%2C420x280%2C300x600&nras=5&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=868&ady=2620&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=7mjsLk1Aj0&p=https%3A//sud.ua&dtd=29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:51 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: fs4e0l1b74bcma8v3eplulansv3mimfs

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame F0FD 0
41 B 161ms
33ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE-sRV58U5FVL3LtJG5yIL0&google_cver=1&google_push=AZmPxg9fg52nZbeqsut0oO7Xh1G0JMtRW3svKYSndrP5Yb8Ad_WZbumKeyonTwwlB1N17STrv9s8nNR8-xsTNSBpAAtU1yCnkHE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=2902652748&adf=3298259486&pi=t.aa~a.4124068143~rp.1&w=275&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=275x600&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=1&bdt=1490&idt=-M&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0%2C275x600%2C420x280%2C300x600&nras=5&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=868&ady=2620&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=7mjsLk1Aj0&p=https%3A//sud.ua&dtd=29
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:50 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F0FD
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDywuKSXckdM-mg19bAxfNs&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDywuKSXckdM-mg19bAxfNs&google_hm=YzEjt2LE-7mIUeF0bTYziQAAEUQAAAAB&google_nid=index&google_push=AZmPxg_obiNNLoXzlA3fCK7gDUHlGMAjGU5-C...

170 B
188 B

76ms
76ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDywuKSXckdM-mg19bAxfNs&google_hm=YzEjt2LE-7mIUeF0bTYziQAAEUQAAAAB&google_nid=index&google_push=AZmPxg_obiNNLoXzlA3fCK7gDUHlGMAjGU5-CEQEu4hALjg2BHXCrgeU49FjEBMsh7I5koVqfjK7iFNSLKeJA--7W-wWiAb_CIU

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIkvIJMfsAcjEqnhWhlX%2B5r1O8M9vr8sTDH3pkSslkwsVT1kyDnvl5gTOGVD6J105IINRQeAC%2BpQdNS%2FvLXl6%2FW3QTVRE22NGWn%2FyO172PPR2OJBSy33FeZlp3LhZP53EcAlGZVWmYw5Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDywuKSXckdM-mg19bAxfNs&google_hm=YzEjt2LE-7mIUeF0bTYziQAAEUQAAAAB&google_nid=index&google_push=AZmPxg_obiNNLoXzlA3fCK7gDUHlGMAjGU5-CEQEu4hALjg2BHXCrgeU49FjEBMsh7I5koVqfjK7iFNSLKeJA--7W-wWiAb_CIU
cache-control: no-cache
cf-ray: 750916dbae56e664-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame F0FD 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F0FD 0
12 B 186ms
76ms Image
text/html 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lrdl8-Q90piMcmlz8FmfuRXhWGs-obPOoJ3VRuMS3JXiSM4m_On0b31XwDgQenfCwwHQw69A

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame B6BB 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 05:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 05:59:04 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame B863 0
104 B 207ms
65ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDPe6V00wRi-cHU7iEq2yiY&google_cver=1&google_push=AZmPxg9CHyKxnuNq_5PJ7rmVomPXlPpLQQl-kHWc2BY-YJW8ZM4E23xygbIf62fd_LP2mOT9Lvt65dTCeD42BLs6dsDMwNzoB120lTI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=4068299810&adf=1324001129&pi=t.aa~a.2388408784~rp.3&w=420&fwrn=4&fwrnh=100&lmt=1664164790&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664164790591&bpp=1&bdt=1490&idt=-M&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98cdf6592cb7db32-22154d852fce00da%3AT%3D1664164790%3ART%3D1664164790%3AS%3DALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w&prev_fmts=0x0%2C275x600&nras=3&correlator=4861910937849&frm=20&pv=1&ga_vid=647635577.1664164789&ga_sid=1664164789&ga_hid=65291530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2304&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068920&oid=2&pvsid=837425820490067&tmod=2093917139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=iHaHORf0E3&p=https%3A//sud.ua&dtd=22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:51 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B863
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECo7TTCANX-y9vsNFRgOqLg&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECo7TTCANX-y9vsNFRgOqLg&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S0RkMDd0UGkxT0NGaEI1&google_gid=CAESECo7TTCANX-y9vsNFRgOqLg&google_cver=1&google_push=AZmPxg9Hb7t0rI0iv6vj6U8abVKNKBbLMrUcdfTPmH8zxfT...

170 B
188 B

79ms
78ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S0RkMDd0UGkxT0NGaEI1&google_gid=CAESECo7TTCANX-y9vsNFRgOqLg&google_cver=1&google_push=AZmPxg9Hb7t0rI0iv6vj6U8abVKNKBbLMrUcdfTPmH8zxfTfIx0mZFKKARIgqL0B3j6c9Emc0-AEHPSTccJ0yoayk8ryXvZSTf4-d5g

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Sep 2022 03:59:50 GMT
Server: PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-013e0f4b92ef8966c@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S0RkMDd0UGkxT0NGaEI1&google_gid=CAESECo7TTCANX-y9vsNFRgOqLg&google_cver=1&google_push=AZmPxg9Hb7t0rI0iv6vj6U8abVKNKBbLMrUcdfTPmH8zxfTfIx0mZFKKARIgqL0B3j6c9Emc0-AEHPSTccJ0yoayk8ryXvZSTf4-d5g
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B863
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECyTh5-SyAf_AloUhsWSwRc&google_cver=1&google_push=AZmPxg-Wk7tCGKa14EYy_woxaz06L9fOFvzvKCcPtfAPaqRdh6O42Jot_3BjN1opdL71ei8djqo2pt2e...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECyTh5-SyAf_AloUhsWSwRc&google_cver=1&google_push=AZmPxg-Wk7tCGKa14EYy_woxaz06L9fOFvzvKCcPtfAPaqRdh6O42Jot_3BjN1opdL71ei8djqo...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjUwMzIwMTg0NDMyNjc5MTYwNg&google_push=AZmPxg-Wk7tCGKa14EYy_woxaz06L9fOFvzvKCcPtfAPaqRdh6O42Jot_3BjN1opdL71ei8djqo2pt...

170 B
188 B

80ms
79ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjUwMzIwMTg0NDMyNjc5MTYwNg&google_push=AZmPxg-Wk7tCGKa14EYy_woxaz06L9fOFvzvKCcPtfAPaqRdh6O42Jot_3BjN1opdL71ei8djqo2pt2eZ8r9qKz_VUpq4anFqEYtBg

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:51 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjUwMzIwMTg0NDMyNjc5MTYwNg&google_push=AZmPxg-Wk7tCGKa14EYy_woxaz06L9fOFvzvKCcPtfAPaqRdh6O42Jot_3BjN1opdL71ei8djqo2pt2eZ8r9qKz_VUpq4anFqEYtBg
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B863
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI0MBN3SbswOudVM_5loQj4&google_cver=1&google_push=AZmPxg-22kafx0Va6iu0UlL0GGNJUtgnf6p641QE_FCqZthAGGLydZaHymc-fPBsqAIXe7CUjTp...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhJOFFaRFktRi1MQVdD&google_push=AZmPxg-22kafx0Va6iu0UlL0GGNJUtgnf6p641QE_FCqZthAGGLydZaHymc-fPBsqAIXe7CUjTppwxti5OJWoi4CnjH13nY52PlioQ

170 B
188 B

82ms
81ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhJOFFaRFktRi1MQVdD&google_push=AZmPxg-22kafx0Va6iu0UlL0GGNJUtgnf6p641QE_FCqZthAGGLydZaHymc-fPBsqAIXe7CUjTppwxti5OJWoi4CnjH13nY52PlioQ

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhJOFFaRFktRi1MQVdD&google_push=AZmPxg-22kafx0Va6iu0UlL0GGNJUtgnf6p641QE_FCqZthAGGLydZaHymc-fPBsqAIXe7CUjTppwxti5OJWoi4CnjH13nY52PlioQ
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B863
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELADBlObfQDugwpPDfsMEo8&google_cver=1&google_push=AZmPxg_tFnjUIdwCLrSm-vM6olH0hSLl2Kh5BiP6SsfgSwA-IGOLuh2l47Ao0sV0VRw43hTQ0YvOAoZ7MMvKHJgMl...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELADBlObfQDugwpPDfsMEo8&google_cver=1&google_push=AZmPxg_tFnjUIdwCLrSm-vM6olH0hSLl2Kh5BiP6SsfgSwA-IGOLuh2l47Ao0sV0VRw43hTQ0YvOAoZ7MMvKHJgMl...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_tFnjUIdwCLrSm-vM6olH0hSLl2Kh5BiP6SsfgSwA-IGOLuh2l47Ao0sV0VRw43hTQ0YvOAoZ7MMvKHJgMl4EmsyD0Igu4sc8&google_hm=FYPPpGZHE2WdcuUFTkO...

170 B
188 B

78ms
77ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_tFnjUIdwCLrSm-vM6olH0hSLl2Kh5BiP6SsfgSwA-IGOLuh2l47Ao0sV0VRw43hTQ0YvOAoZ7MMvKHJgMl4EmsyD0Igu4sc8&google_hm=FYPPpGZHE2WdcuUFTkOpv6t4

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 26 Sep 2022 03:59:52 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_tFnjUIdwCLrSm-vM6olH0hSLl2Kh5BiP6SsfgSwA-IGOLuh2l47Ao0sV0VRw43hTQ0YvOAoZ7MMvKHJgMl4EmsyD0Igu4sc8&google_hm=FYPPpGZHE2WdcuUFTkOpv6t4
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B863
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEC3aUvMqD3EhZo_KIR_HyMo&google_cver=1&google_push=AZmPxg9QG8OuaqppBFCSvd4tHKyu03blW0Tc3cxydZlzgOqQamMWXRjeKWwq6mfr0ZJxLkJPwPyj-_wtrlj4Rkyg...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9QG8OuaqppBFCSvd4tHKyu03blW0Tc3cxydZlzgOqQamMWXRjeKWwq6mfr0ZJxLkJPwPyj-_wtrlj4RkygggSaEw_074TNvw

170 B
188 B

83ms
83ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9QG8OuaqppBFCSvd4tHKyu03blW0Tc3cxydZlzgOqQamMWXRjeKWwq6mfr0ZJxLkJPwPyj-_wtrlj4RkygggSaEw_074TNvw

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 26 Sep 2022 03:59:51 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9QG8OuaqppBFCSvd4tHKyu03blW0Tc3cxydZlzgOqQamMWXRjeKWwq6mfr0ZJxLkJPwPyj-_wtrlj4RkygggSaEw_074TNvw
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: iuAYZX2rMSgdNGF5BzBNKkl3WlIQqGtCDYKXq3LmzFYjJfAExCFNqA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B863
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBjfcA-yPs0fUHTSCIoEp8U&google_cver=1&google_push=AZmPxg85jk9z1KPrrGJwmGIB3K7MNqdj9ny82obRZACwtx6bEK6saT7DRxL-KQDy8ODSRbb0YsBlgQQP-60e...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg85jk9z1KPrrGJwmGIB3K7MNqdj9ny82obRZACwtx6bEK6saT7DRxL-KQDy8ODSRbb0YsBlgQQP-60erKd3-ajBgNZfYryjnfQ

170 B
188 B

81ms
81ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg85jk9z1KPrrGJwmGIB3K7MNqdj9ny82obRZACwtx6bEK6saT7DRxL-KQDy8ODSRbb0YsBlgQQP-60erKd3-ajBgNZfYryjnfQ

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg85jk9z1KPrrGJwmGIB3K7MNqdj9ny82obRZACwtx6bEK6saT7DRxL-KQDy8ODSRbb0YsBlgQQP-60erKd3-ajBgNZfYryjnfQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B863 0
12 B 154ms
75ms Image
text/html 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IbH7DXAcZJ-yjV7mw1aHQ_0zIm5rFNLwrWpVnvEDhI_tFT3D2XmNBw2uaofkEnvJqGloY1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame 9B12 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 05:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 05:59:04 GMT

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame B012 36 KB
16 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 05:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 05:59:04 GMT

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame 3761 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 05:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 05:59:04 GMT

GET
H3 200 sp-push-worker-fb.js Show response
sud.ua/ 64 B
568 B 35ms
35ms XHR
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/sp-push-worker-fb.js
Requested by: Host: cdn.sendpulse.com
URL: https://cdn.sendpulse.com/9dae6d62c816560a842268bde2cd317d/js/push/28b7ceb6dba8fe7150ac3c08549b1fca_1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9622af46d263b7681d3428ce1dadc7e5c985c0ca3194c9dd59a225d3e1b39aa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8398510
cf-polished: origSize=65
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Aug 2019 13:11:19 GMT
server: cloudflare
etag: W/"5d4d70f7-41"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AxQzVXu8BUaQRQhdD1tlmlVjkdikh6RjH9t%2BdMKtoD6%2FnTF29aErNvj2KAdVMoMSKOclKuRbY%2B60O5QjOjcSggdGeSpj1cVDZ%2BHXeht99CNpCTPUsOdWefiykqIxAypzvLMu3j8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 750916dc5e6d76f5-LHR
cf-bgj: minify

GET
H3

200

/
www.facebook.com/login/ Frame 4E4D
Redirect Chain

https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=195181397643045&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df33...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D195181397643045%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....

0
0

139ms
139ms

Document
text/html

2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D195181397643045%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df33d21bc6a1baac%2526domain%253Dsud.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fsud.ua%25252Ff1e105ae49bbf0c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fsudgazeta%252F%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js?hash=30b10cfed3724b98e179188c5c78f316

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 26 Sep 2022 03:59:51 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: ts2T8bQL/hdHNe3EmRicG39s/pjC7gda5Yjz5GTYJYIjCUyzfR2qCZ+qJNTNLRSW4r9H46pXefVWdSiDv1s+bg==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Mon, 26 Sep 2022 03:59:51 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v8.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D195181397643045%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df33d21bc6a1baac%2526domain%253Dsud.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fsud.ua%25252Ff1e105ae49bbf0c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fsudgazeta%252F%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse
pragma: no-cache
priority: u=3,i
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: 3u8TS7gLJSvrACQet26Z3XtD9BhZqKX9SaVIr4qfWXZEyUqCG8KChl9r3jtjoH4RW8oRjcXlpDUnAvY0gnG82Q==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 137ms
56ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220921&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04452c1820649f6387f9c2f7e9835df8cf07039e2373f8ca46d8d6f43a1e96df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Sep 2022 03:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11228
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 26 Sep 2022 03:59:51 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6570 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 15689
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 23:38:23 GMT
expires: Mon, 25 Sep 2023 23:38:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 49F5 783 B
534 B 50ms
49ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b5970e030046f14e02b9afcff58ac1519c4af6e28efeef5cee52521886c2f18a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aLspCDTZRvoad7iGkXJJfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-aLspCDTZRvoad7iGkXJJfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 03:59:52 GMT
expires: Mon, 26 Sep 2022 03:59:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame 6570 36 KB
16 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 05:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 05:59:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 49F5 0
0 75ms
75ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220921&jk=837425820490067&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6570 0
11 B 40ms
40ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?FVAoeQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 03:59:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 12F4 42 B
64 B 77ms
77ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuMoZzoGQtIMlWtUf3geEreX4VQ-kJ6Uh7vvN_AQjcZoqj2U9bVDsDvSb93TKL2LEUdZreoCldI70nh9hIgBtxbEeQdMyeSm6tvdtYC76tN-W9MYxkfWl8WjhB2Ak9JhbuzdKmaZA&sai=AMfl-YSCW88oYyAtE02ZsdBRd3IgXqDd20qFnYIHNgGHDZr9X8VivBsD5JZnVM-1EQyK4mj77tcK_z2x242A&sig=Cg0ArKJSzDXVyNw2q0kQEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=284,912,1000,1000,1000&tos=284,628,88,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664164790815&rpt=502&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 03:59:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 80ms
79ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220921&jk=837425820490067&bg=!2dql2p7NAAYIxsuQKMY7ACkAdvg8WhUASzqvt5OqyokRZnM2gazWHxqZMYTLHEb-Jgdl-pdb2yr4lgIAAABVUgAAAAhoAQcKAPzZ_MHd0YcXWKMVWYLpMlxrnmN06OyTKMVGvadGaP5PxfSeBIXFI-RsihzgtQm2hV6JZw1R6K5t1z6AqybxX1CtTOSvdCxAGuJ0jvVZjT0_s5K_DS3cz97cm3YiWD-o9mEzBv3S_RE9J3vDucrji5O02RKw863fGUxaPJurvEZiinSdNcJ_BXOEc3nEnAb0P-GMNjBnHA6XycLkZ2Dgo-KDKKi6Hl6tPE1rWPx-F8onrwyXFmKYKFQy8W09HTmg7ww17GzBg-XYOK8T5vtLM5x5vb2uXEUUhqekJtYxTWRTz6_gBD-ZtJeYj8aihX1-THeOfNLOt2x4MX4jybSZApZhV_78HHvdugdojHAWwdnYUT-MeH2AomJngWY_6317mzOuIqOKmkESr4glp7zs2sWlHNE4r3heUzZpE-GEgbvr0y3w4ZBL6vPkGvBxG6iczPoJLjURducZCBgd4v7ETTBRhGRQfoHuDWhGfPWsLWKHtcl_LFDDc7xHmqEN1PFMZt0BU95RIfTp8RhI_6Kbjr6jhhDF6GepjltSzUvPJqFHEfWxzkyThApfvm_dmoRTkacVKfLTeiz_KHoK3FiOGLhI_-3swVZ8ulE-YkiheS-4fl5bFLwudgPahS4A7Zlqm5v2xSXE3lFsSAB0_lanqz4OvDiJ9Wakq8CVXmZu-8dy2eUut5V72DVm9L1flv8GDvkyv16tk8TsV_ORCgpwph5DfGO4UUoggsZIlbRsmAKQUyIrfHRKFrEtfJzhgjgK36qXub1ElGjNd4bZUkJmM_WtwehaLr5yAWtuhao6_PQOIYzvHjQxXGOc8DMiIjTawXG4Es9sNH01fHF9bjGIMQmoAr6cwdY2xYwit2o9nKQighD1Au_pprRxIVoLMSCY26bdyi5ZWj2iL932fayzl35Q_IEEkUvho4IrL8wIqEVEjCOpENnLLUB4FCabnHDODA9T06xMx1N1marqcj3NeDdYKV9W88qbK_r4bLUXxhJG7MyfcpSLJk7ujCrGlpX805kk0up4nHTVGuXC8jw1fxIZcVVJFl5_OWT3mDHcuiyCnl0xdlLDV7Ory5HgxFzXe-SxrMZGsb3xW_6JL--4ZwggF-9RvJV3icPP-cgLYTlrQP75ASW7Flb1OJSK1JIPk54XQVNzxHjf8s8OAtLDl9tQ3-3rHHujA-RUTzkdmmD5Whbupse1DB5kLrn7VvNqkDu_Yx3WHA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 686E 28 B
54 B 92ms
90ms XHR
application/json 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-Goog-Request-Time: 1664164792832
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
X-YouTube-Client-Version: 1.20220921.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtxR2duNU1kMWN4USi1x8SZBg%3D%3D
X-YouTube-Ad-Signals: dt=1664164790066&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 26 Sep 2022 03:59:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 26 Sep 2022 03:59:52 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 1B27 28 B
54 B 63ms
58ms XHR
application/json 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-Goog-Request-Time: 1664164792857
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
X-YouTube-Client-Version: 1.20220921.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtyQXZCelNrdUQzcyi1x8SZBg%3D%3D
X-YouTube-Ad-Signals: dt=1664164790061&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C200&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 26 Sep 2022 03:59:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 26 Sep 2022 03:59:52 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEL2LkGoYU4zJe2xgItu9G5s&google_cver=1&google_push=AZmPxg9vh6p8pTActUiMpfbND50kNFq7cJIvIDeOU0iLv4j0AA_EnyBzYTFOgewGi5Vj_ser9mRM0KOjtW23oHOG4NO4ztYCC3zOzQ

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJN0Mx-tLEuQijp_gUdBYdE&google_cver=1&google_push=AZmPxg9Q1Llksj73qXOP6O1ZdUFVJMuDfv9OjaqP_RQ8z8C3t4_NOh_l1OBZ1Wa8UE9ibHichs_r7ec_dPwRGDHevzB84gtvxLf9MQ

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sud.ua/	1970-01-20 06:17:31	Name: PHPSESSID Value: o17fedn4ukjtpbe7dv5g7hb296
sud.ua/	1969-12-31 23:59:59	Name: b Value: b
.sud.ua/	1970-01-20 15:52:04	Name: __utma Value: 223010201.647635577.1664164789.1664164789.1664164789.1
.sud.ua/	1969-12-31 23:59:59	Name: __utmc Value: 223010201
.sud.ua/	1970-01-20 10:38:52	Name: __utmz Value: 223010201.1664164789.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.sud.ua/	1970-01-20 06:16:05	Name: __utmt Value: 1
.sud.ua/	1970-01-20 06:16:06	Name: __utmb Value: 223010201.1.10.1664164789
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: vP5lm2CubIM
.youtube.com/	1970-01-20 10:35:16	Name: VISITOR_INFO1_LIVE Value: qGgn5Md1cxQ
sud.ua/	1970-01-20 15:52:04	Name: lapuid Value: a81bd598-5f86-4451-81db-cbb7c2282c09
sud.ua/	1970-01-20 06:16:06	Name: session_id Value: 694c435a-ba25-4cd8-995e-b637424d61c0
sud.ua/	1970-01-20 06:16:06	Name: session_pageview Value: 1664164790.1
sud.ua/	1970-01-20 06:59:16	Name: site_visited Value: 1664251190.1
.sud.ua/	1970-01-20 08:25:40	Name: _fbp Value: fb.1.1664164789735.863523537
a4p.adpartner.pro/	1970-01-20 06:16:08	Name: sud.ua_ref Value:
a4p.adpartner.pro/	1970-01-20 07:42:28	Name: apuid Value: a81bd598-5f86-4451-81db-cbb7c2282c09
a4p.adpartner.pro/	1970-01-20 15:52:04	Name: apudmg Value: 1
.go.rcvlink.com/	1970-01-20 15:52:04	Name: cache Value: tpzb493aumz53ho
.eskimi.com/	1970-01-20 06:59:16	Name: __eConsent Value: 1
.uuidksinc.net/	1970-01-20 15:01:40	Name: jcsuuid Value: DWhLAffNgFE9g4vIIL5Q
a4p.adpartner.pro/	1970-01-20 15:01:40	Name: buyeruid_13 Value: 71189633253
.betweendigital.com/	1970-01-20 15:01:40	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 15:01:40	Name: ss Value: 1
.betweendigital.com/	1970-01-20 15:01:40	Name: tuuid Value: 0b5f1753-9660-520d-9d6b-3a4efe5a19f8
.admixer.net/	1970-01-20 08:25:40	Name: am-uid Value: 0020aa47106f4d2b935f08800eff18a2
.betweendigital.com/	1970-01-20 15:01:40	Name: ut Value: YzEjtgAHWtCWEalcp0oyC9O41Am_lhbXZFNEsQ==
.sud.ua/	1970-01-20 15:37:40	Name: __gads Value: ID=98cdf6592cb7db32-22154d852fce00da:T=1664164790:RT=1664164790:S=ALNI_Ma6lspKvopUkWipyzIs4LRH5rvr7w
a4p.adpartner.pro/	1970-01-20 15:01:40	Name: buyeruid_63 Value: e9584277-7237-460f-6175-97dd2d2035da
a4p.adpartner.pro/	1970-01-20 15:01:40	Name: buyeruid_64 Value: bc7d00be-0c17-40a6-60a5-c6735855198b
a4p.adpartner.pro/	1970-01-20 15:01:40	Name: buyeruid_57 Value: 0b5f1753-9660-520d-9d6b-3a4efe5a19f8
a4p.adpartner.pro/	1970-01-20 15:01:40	Name: buyeruid_47 Value: 0b5f1753-9660-520d-9d6b-3a4efe5a19f8
.doubleclick.net/	1970-01-20 15:37:40	Name: IDE Value: AHWqTUn-2l33RARimIT-D5zOvib31w_tP0-ZjpVQRuee7zslfA1TM8GngEdk4gjOQGY
.rlcdn.com/	1970-01-20 15:01:40	Name: rlas3 Value: J02vcJv9WG706k42ZWYs1UIpXKC7Q+gH59upA/dxO6E=
.casalemedia.com/	1970-01-20 15:01:40	Name: CMID Value: YzEjt2LE.7mIUeF0bTYziQAA
.casalemedia.com/	1970-01-20 08:25:40	Name: CMPS Value: 4420
.casalemedia.com/	1970-01-20 08:25:40	Name: CMPRO Value: 4420
.agkn.com/	1970-01-20 15:01:40	Name: u Value: C\|0CEAqw-A3KsPgNwAAAAAAAQ13AQCAAQpAAAAAAA
.rlcdn.com/	1970-01-20 07:42:28	Name: pxrc Value: CAA=
.doubleclick.net/	1970-01-20 06:16:08	Name: DSID Value: NO_DATA
.innovid.com/	1970-01-20 08:25:40	Name: uuid Value: f812a147-d88a-4627-8742-bc4871c93770-20220925 23:59:51
.casalemedia.com/	1970-01-20 08:25:40	Name: CMTS Value: 4377
.agkn.com/	1970-01-20 15:01:40	Name: ab Value: 0001%3A5KLJM8eQO2DSMhD6zb8OYlUifgLiNyzi
.quantserve.com/	1970-01-20 08:25:40	Name: d Value: ECcBCQGYJ4EA
.quantserve.com/	1970-01-20 15:46:19	Name: mc Value: 633123b7-a6d61-82c84-311e7
.lijit.com/	1970-01-20 15:01:40	Name: ljt_reader Value: FYPPpGZHE2WdcuUFTkOpv6t4
.adform.net/	1970-01-20 06:59:16	Name: C Value: 1
.w55c.net/	1970-01-20 15:44:52	Name: wfivefivec Value: KDd07tPi1OCFhB5
.w55c.net/	1970-01-20 06:59:16	Name: matchgoogle Value: 5
.adform.net/	1970-01-20 07:42:04	Name: uid Value: 2503201844326791606

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEL2LkGoYU4zJe2xgItu9G5s&google_cver=1&google_push=AZmPxg9vh6p8pTActUiMpfbND50kNFq7cJIvIDeOU0iLv4j0AA_EnyBzYTFOgewGi5Vj_ser9mRM0KOjtW23oHOG4NO4ztYCC3zOzQ Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJN0Mx-tLEuQijp_gUdBYdE&google_cver=1&google_push=AZmPxg9Q1Llksj73qXOP6O1ZdUFVJMuDfv9OjaqP_RQ8z8C3t4_NOh_l1OBZ1Wa8UE9ibHichs_r7ec_dPwRGDHevzB84gtvxLf9MQ Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-2535113839332652&fa=1&ifi=8&uci=a!8&btvi=6&xpc=zb6m5Ev5jm&p=https%3A//sud.ua Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4p.adpartner.pro
ad.doubleclick.net
ads.betweendigital.com
adservice.google.co.uk
adservice.google.com
ag.innovid.com
ap.lijit.com
buttons-config.sharethis.com
c.bigmir.net
c1.adform.net
cdn.sendpulse.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
d.agkn.com
dclk-match.dotomi.com
dm-eu.hybrid.ai
dsp-trk.eskimi.com
exchange.buzzoola.com
fonts.googleapis.com
fonts.gstatic.com
go.rcvlink.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
i.bigmir.net
i.ytimg.com
id.rlcdn.com
image6.pubmatic.com
inv-nets.admixer.net
jnn-pa.googleapis.com
l.sharethis.com
m.mixadvert.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
platform-api.sharethis.com
pm.w55c.net
recreativ.ru
rtb.openx.net
s.ad.smaato.net
s.uuidksinc.net
ssl.google-analytics.com
ssum-sec.casalemedia.com
st11.rcvlink.com
static.doubleclick.net
sud.ua
t.trafmag.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
googlecm.hit.gemius.pl
104.18.19.126
13.32.99.51
136.243.84.74
136.243.84.75
142.250.201.194
142.251.39.34
142.251.39.70
144.76.119.17
146.0.227.109
147.135.189.55
188.42.191.196
193.200.65.5
193.239.68.97
193.239.71.100
198.47.127.19
2600:9000:206e:ea00:c:abe:f440:93a1
2600:9000:223f:8000:1b:5138:8a40:93a1
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:801::2002
2a00:1450:4001:801::2003
2a00:1450:4001:801::200e
2a00:1450:4001:806::2002
2a00:1450:4001:810::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::200e
2a00:1450:4001:828::2016
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:831::2006
2a00:1450:400d:804::200a
2a00:1450:400d:806::200a
2a00:1450:400d:807::2001
2a00:1450:400d:80a::2008
2a00:1450:400d:80e::2003
2a02:6ea0:c700::21
2a02:fa8:8806:20::2040
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f107:83:face:b00c:0:25de
2a05:d01c:1d8:8102:cb38:c6a1:ed1a:b7ce
2a06:98c1:3120::c
3.123.174.3
3.123.239.111
31.220.27.134
34.120.139.69
34.98.67.61
35.186.253.211
35.244.174.68
37.157.6.246
37.18.103.16
51.83.220.94
51.89.9.252
52.29.231.189
69.173.144.138
72.251.249.14
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
00ef2a95740c243e2addb68687c22490cb6a222ba8253ec2abad06e6be3a73dd
013aac80d15ed8391548f0dd202651bd3158d22ac9346a2cbee5533d089a40a7
01650f811314c520a71b059d7d6bd0e2382029d1c6a6f82524400d3563bad922
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
02b5791418bf48985439b12ded8a21a4aad3c257f8716c95f60d55f6fd1f6383
03a36227816959d61be3a6242f5e066fb612b1dfd8d0e10361bc8c9b1c25604e
040da107a9a8583e432e234a4988376915a7ed68c25299abef568229f4fd5288
04452c1820649f6387f9c2f7e9835df8cf07039e2373f8ca46d8d6f43a1e96df
052c6c4b5119f1c65a1356a34b305007fd8833c66c8cb754f66ede780bed767d
080caf1867eb9590d5bc98c4ba64aa0d62ef95efe5bbccc83e52114c18f101ed
08364adf338952c9b2207dd2c6729046e1cd2aaf89d222253d3b0f93cc68382c
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
09e13e2877c659c14c2bce594ad6c81b6708724b79dcdc1e74ff77bc6a8875bd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cc671d04908e3d1d8011e0a95eecdc4fa3e6fc8b78710460387fb443c7217c3
0d0e854f0c5e37ed1ab3538c97081fe7213c94f0cac3180b717d3d3a8b213074
0f7e3fc292b9281261a076fb3213138e72fc1a2000709df81f07991d6c0c4335
11a2447ab3a606862651d00cdc18df2d41330e7ab7bec1b08f8f90f1ad500b3c
11e30144c310e2f4526967821dc8b90b734e5f8a3e1f593637ab619e77f12d2b
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1374a2ac43d378a20eb18d627942763738a8852c80ba2fd86ab9727e76becbff
13cd5c51c459b11de3be896c4efb3cf3c32b5ed3a11128dceac6f712dfeaec3e
1574a5440e7861871b0b812a856bcb638039e6fd6fe0e362d5193694730965ff
17d46ead9f910fcfde400da676a140b14241a2f67c6f2c0557cb2139cb10ebb7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1899e27870bd3ce0a269082ccc8a884de2113e2c362e79c14a907cb76ed5b36e
194afa1f355b957d318df72c1474655ea71c9a7a67a3367773b5d3c3026e1347
1ac0915c398c10651ec89c7e2b46eefbd5fa0fdd2eea6425a2e7edd231588add
1c2069ae50e3fbe6ab400679b37433c40da3c28fe148d015adb04384702d8c06
1d61c2018e6d6642fb0f2c3236693a819b10eb8cfb3e806890b78560503fe668
213bfb43371b952e36681d0e2efe2ac45acbe4c9f1f36d39827a924422bafd96
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
2391b8a5ba3a9b834fe30ba47372851fc1faf2c233f61e9fcffe7e33543b53b1
23bc574466da796f89434f2794ada82e5893f8ec89cb65c1731da1d348bb5684
249e5e95a57065c4b3a379239471de33b9d840d98ef05f924b41dc4e5e5722f3
24f306b82871f7cc1526d1c202c5f38ec7c79a067fb1ac88e534c46db2e7655b
25475d82cc976fb2c71b15b3e416c22bf636dd247bbb268d312e7c076ec5b6e4
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
260315e4555f49b1337ec2b809c44d6910e10205c65e5141bad381805d2ba826
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2ce94a80de9d146226e0967aacf51e37f92e18329815338af4de0aef3fc67705
30b4b5641b2430f0d935fa51e79cd8f19876b80efdab2c3c9cd75077086d4281
30f8d462b525463127b626f5d9053ada2169ed3276e56ee97e55bda688047f17
320322d2684e6f070e34d459683113578616320831bffc5f26640310387e510a
36fc8b8df6869b8cdd2d28a9bf73cde5f4e44c7940f044b68c36715c661c52c6
372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b
3866c07779b40806be1760f7f89cd99f7d5b8c2ddddae9251e4bfdc260eab11f
3a031880a3f28175c0064a4e2a694c9848dea80e18830a0e525b252575430103
3a9a6d45a8b1505d6e8cb42c0a64b026474406f9af7397e290c3747be190496a
3aa8c6c10a50339012de17b71571c52f57ec364a7200a359629aa770e90d20b9
3d1c90770175cf9047fdfb1867eb10b93ed1609d665a16447f247ff64a0836d0
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e2a7a63ff39c91714f1e3e241b5e08fa8740b98b40dab91d9074f738117ffc3
41ab731b25c3f7e4f6cc350774a28353c667e79774622a915f8b16b7897ecc4f
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
49c079d691262e11d2d3b8ee08d3f9641f68abfe4ec9111a36258b96c478cc86
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4a81f04bb9db35e65cbc6fb315fcd4b9d62b91cdefb07392dd4920feb6a2decc
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53b97827062e41a502ec6d9e1007bef6a7e7f561655e9d9960b47fb53a3b8706
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5511ed891736f568e5b67ad635b9e89fc0be52ccc1aa4c33d2db99d78fb0f23e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56511f76cafe16bead397706f76b550623a2e3d016d993a36327a96fa98d48a3
599dc54e55dcba53ded24afcc18f1fffc7cbedc36695daed2b70bc8795bdd509
5bafcba88e633035552c18fd4d513782c53502edf3f0938a5e13e8b55316024f
5c00c6173683a011732668c3e7b5e3081e273b2ab7b0deed3bd9b13b117ae565
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cb0a6867e017c1d07862ef57ae439fd9062a8771c8b224c4deae9e26f883108
5d0d1a59fd7d781babdc08f29a1434a7de9aa18cf619ebbfcc8c778580fb4cc8
5dffc7aa478f77837aef3dc2a76b49104d58b7141d108312a05fb3b3a5cccccb
5e0f6224dcecac5dbce8757a3eeec80e4093eaf6177fb1df986155e165d3a915
5f80106f3c9359b98dade4156a5658a631f3382faf9707d18184ca10e8218298
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6207f1cf9052337641a9acad6d23c760a21c403a99ce8a9d4dffb4ac49076e7a
650b0d89118580fd96419aa8b05d77a9f8bb927f41c848fe784e15134affb9af
66588b2601543402785015dbdbb38ec1bf00d5acd718697d39fab6a40cd13ad3
66af5d85560f25b8857229580d11c023509c32793df28162eca34790f007ea48
6799717ea0bb4bc095cf97bc7335664728563cb5572b5368d5dc8033862a0a8f
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae2f2e3ecb109d17757f1a6e02bf7d3f40e9c9ad2ee2a9e003a85286659c7b2
6c31dcc878ab2e52cea5f38b4c3f1d1cfec4dbae070da4e460b336b3705bc423
700ad5e597681fb45dfc74f05206ad9c2229a6c710c45b413842ddfe03ce4d50
71dc80b6ecedb77a703c0161cfe3c966cfd57f7a01be6ffbd4b1f84549676da6
7229e3e83f94bc2c3d831630dd37cbae6fe29dab372e325921e0d07802fa1e25
749532b47faa826b6001b06da2e4085a3118525b9c9164fd0aa10e9944b9967a
7601daea9270f13923bf34e1db1159586fb5b68e09ea018b0fc0980ede32029b
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
774e90a51b4189c6ab5cb3badda2c67d60197f464e43333387651f982e6163bf
77801d7bfd8858b02102e180408301a3ce0570241b852165a32fbbc6d8941841
77d7a670085f747c3b8dd8e97a384d983a31c0170fd978f4d905f3be077fd1da
7961cc976c4b87a664d0a35819bfa71f4c51fd77c6d5adc012c628976ff269b0
7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e
7a7eeeb0d683bf6e5e0e92443a20619abcdc9eda8ef65e6a1b9035a7833a5e96
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
800ac331b8d34732e73cfe6848ccbb126306dfab99e4f008de7bfc38841e9693
8267c06af9510b054a71d4370733859fe05d350e08e726178c3a4cc686339309
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84856303f29a606afea4b1d81bd5bb342db337c870f958fc130a2ae23c816b7f
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c1adaa75fa89e762e4b0769f4b1253265cedd7da4a0fd812210d13f24faed82
8d1d14f8191806ba0c7ad15cf563279f403ef9c0e388d930ef442f862b89f832
8ed044244db5346eeb60332a8576a024d60b3c3b890f4e31e65149cfb29735c3
8ef6d6383702bc06b134e946c269ece57f40b540882483d804cea173a235831c
92790b9e05187bc624a858155aa72b957d64f04fc53a76a8c477f1285b0085c6
92edbb8398623cfd3a0f0bae9358a9c88a9e4e52e2d1d815aa72cf79d9a7bb8e
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
99907ac948055f8e2e556c3997d3bb9e2391ac6893d9c11a2524d320569af9e4
9a18fb8b25a1def3766318e4f54544a5e1d3672a434629b77996b637f4452027
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b3258b3f961d5f6b43e5d47a9d13ba2424a10c6b987ac7fe8d35185f8f861cd
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a9ce1553fa74dad4d8cf55b7df7d012a3acdec01cd39d682fce0e5b52e99f2
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc
a6b29649695122285a0af27dd2ae18a932f869d963a2400ccb9eb330c6234436
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a8d545b610a7e10f6e5f9ef979119fda476e5d57c6457883e673a334834398ec
b1f31f5c6acc865e7dac32690cdbbc6dfac759483ce4414eaf02f3fd0d11b009
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b520a6a62709f5753693f0b69d0a4150869f6f7a76eb930a71d334240b51de26
b55da3ab31e6f4e8211675d7761472fefdcc6f8714af83858a63aa72402d13c3
b5970e030046f14e02b9afcff58ac1519c4af6e28efeef5cee52521886c2f18a
b5a6560e6b4d95c6996a3f1f2dc1027d941c26f6400013c68f2cd3511a7217d1
bafc718a9c2a27e99f8b4e7ab44eba88a1ef85261700f83b597cab42a838ec98
bb517a033e9253cf182924086287f09fb788a3c6a7b14ddd1a5334d8f4027829
bc7f26360de6e37c3b54de7a50deb380affab860720c24da480c33efc223407a
bd29d93688f3cfb2f685ca050428cf6ab7cd7d4a7d723a3f39c78f1584419ffd
bd7f80d5aa6a6cc0eed64216457e976c703b4e06b75d4441681d6e90ffe37b33
be6e94ecf29b4cab11120ced07a975654c6a85678b7646f6e92e1c4673206551
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
c4b5492c0a053700a9ca37ba763b072b6a069d925116e9d3fc1a9e9591cd5935
c61b748e530463a9f46f1af9bc749d7c33b4a525efcfc35e8b7478522ca16fed
c70070dea8563cf48b07bd826618554ebb5cc1ea6332d024c4697e774c4ce44d
c8853e8db8dbd87dbd0de8f513e1fe5bccd647932a7f3a36953fe041f460bf71
c8e2a00c397f02038b70223a315c58409cd4b29b577c7b67b076c4ddffc1e932
c996c23773e5d7a71734ab33579667f9550463bd5ac611b7921ef3c033c42f24
cd51ccb5a721fa2dee14495f4a2304aa493ee0e1b9e8cdccd5c71681f8679d33
cfac49bec33974b027f5e08c4a7e40a76dca5d3d855b5d260c6eb2e9bdd67e9e
d0b3404fceb6bbd79a99ea6d8241b1b29ac1ffb3c7d97bfc1b873b49c0ad6a09
d396df02b5d1618cfdcca3c3bb68241ce7ced903cd5d3a50604b51821bee86d8
d39876159a565d9c3c7a6abd4c4ac30182045b2c9ed5013aecded4fd9802c86f
d3a7b80b95326e50d2bf45ddcafa9c8c75800b6e3f33bc1b144477c37eb12f98
d42e7078a0496aa2948780c38836903fe0bfeec6540c6ea98d0bdb67c9386069
d457a81338febe795e28f6241669d4d2c35afe0e55e0c11dd9de2c3ab7e3ac73
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
da4b5b07477784514c5b7669c83e1d2ebaec4dff8fa63d4bbf2f56973179b207
de700f74238018d3d7ca9f9db39f7ccd1c6820f6afffcc88b36a3bcfa8c65d50
e0bd393bee9af64934f27539378dd4426d78f9762ee0f24c27533d0f77e47bfe
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e14601fa1c4a3153f7fa73764030fbd33852b5e1c7ff0955959f90803535c5fb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4290896de2ed388e9186a88acd6c76baf5b7d830755b809551e9bcd88b6d2f2
e4421d41187e81c01fb405db52576656073cf9cf7f9d1dfb4de1915da0510853
e4c9141010cf4cc43881f45220d5a17e89938fc24d9dd8a3a8b98b36ccd33d30
e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897
e779e1a1547af5542eb2652cd73472e359f8b309baa94965eb3f17e3d777d00d
e79d1280b0336fa2f1f507a1efc1803fe6961a376e1dd6fe0e00ef4e78c9cb59
e7b1e8113c194dea4848fe5718d6655ae65789906f85f31be8f3284ecb181403
e9622af46d263b7681d3428ce1dadc7e5c985c0ca3194c9dd59a225d3e1b39aa
ebfe39b031acb5d2b23a61e788140a47abcdb12db548c28c217fe5b1a7669a78
eccbb214227e24e88bf12fed71e908138b7db5df36c03dd850a96726a0de0a62
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee62871e367d14c0e9373becab9e28a3884c1f9c78b6e006578e80aa989f1185
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f172361447d3fe5e304068a63b0aa28b64ccd7a5dc960fef84b82a16dae9e5ce
f1d3fbd15430e32a46ba707e7d8cbd4b275d45132696af07f1e9f4251d893f84
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f9ccdf471cfc392fc8f0cee332bab9174a958b301d54792a344e9d922fecb49e
fa06349d7a5c5709d338cc7280751803297417697db23363b688400a7c0bbecf
fae7a1a8722e16860c1134a7697e021fa2da4defe73cbd0b97f5739c869e7778
fbace05547f06021dd7e2d6e78179fd769e024caeeda44221790bce08887ca45
fd6654e134e9988ef4efd4eea5f5a6ce12d688432268ebca26b63f9fd443813c
fe9cc1207ea12d051fca81ac414e62bb3eca4705d7d2fdc59f8b635fb56bd650

sud.ua Open in urlscan Pro 2a06:98c1:3120::c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

322 Requests

91 %HTTPS

46 %IPv6

45 Domains

57 Subdomains

44 IPs

13 Countries

6811 kBTransfer

14916 kBSize

49 Cookies

9 Outgoing links

Page URL History

Redirected requests

322 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sud.ua Open in urlscan Pro
2a06:98c1:3120::c Public Scan

Screenshot
Live screenshot

Full Image

322
Requests

91 %
HTTPS

46 %
IPv6

45
Domains

57
Subdomains

44
IPs

13
Countries

6811 kB
Transfer

14916 kB
Size

49
Cookies

322 HTTP transactions
14 data transactions