sbo.ua Open in urlscan Pro
65.21.142.13 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sbo.ua/
Effective URL:
https://sbo.ua/
Submission: On October 26 via api (October 26th 2022, 9:27:03 am UTC) from GB — Scanned from GB

Summary HTTP 164 Redirects Behaviour Indicators

Summary

This website contacted 29 IPs in 10 countries across 30 domains to perform 164 HTTP transactions. The main IP is 65.21.142.13, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is sbo.ua.
TLS certificate: Issued by R3 on August 5th 2022. Valid for: 3 months.

This is the only time sbo.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 36	65.21.142.13 65.21.142.13	24940 (HETZNER-AS) (HETZNER-AS)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3 9	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1 2	149.5.244.214 149.5.244.214	174 (COGENT-174) (COGENT-174)
5	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:402... 2607:f8b0:4023:140f::5e	15169 (GOOGLE) (GOOGLE)
2	173.194.76.155 173.194.76.155	15169 (GOOGLE) (GOOGLE)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
11	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:fc46:f74d:d9f1:b88	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1 1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 2	35.156.117.52 35.156.117.52	16509 (AMAZON-02) (AMAZON-02)
2 2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4009:5::9	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:401f:6::7	15169 (GOOGLE) (GOOGLE)
164	29

36 65.21.142.13 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: sbo.ua

sbo.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 149.5.244.214 (Valbonne, France) 1 redirects

ASN174 (COGENT-174, US)

mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4023:140f::5e (Columbus, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.76.155 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:fc46:f74d:d9f1:b88 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.117.52 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-117-52.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4009:5::9 (London, United Kingdom)

ASN15169 (GOOGLE, US)

r4---sn-aigl6nsd.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:401f:6::7 (Ireland)

ASN15169 (GOOGLE, US)

r2---sn-aigzrn76.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	553 KB
36	sbo.ua 1 redirects sbo.ua	224 KB
27	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 bid.g.doubleclick.net — Cisco Umbrella Rank: 444 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	197 KB
13	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	107 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44 imasdk.googleapis.com — Cisco Umbrella Rank: 435	258 KB
9	yandex.ru 3 redirects mc.yandex.ru — Cisco Umbrella Rank: 3510	4 KB
6	2mdn.net 2 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 933 r4---sn-aigl6nsd.c.2mdn.net r2---sn-aigzrn76.c.2mdn.net — Cisco Umbrella Rank: 256398	1 KB
6	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	140 KB
3	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5147 www.google.co.uk — Cisco Umbrella Rank: 3174	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 303	2 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 294	797 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 671	1 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 584	572 B
2	webvisor.org 1 redirects mc.webvisor.org — Cisco Umbrella Rank: 22516	714 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 720	83 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 777	338 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1521	351 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 13419	557 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 462	864 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2865	104 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1565	296 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 347	461 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 987	356 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 888	691 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 394	85 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
0	yandex.ua Failed mc.yandex.ua Failed
164	30

	Domain	Requested by
36	sbo.ua	1 redirects sbo.ua
26	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
20	pagead2.googlesyndication.com	sbo.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net sbo.ua
11	cm.g.doubleclick.net	sbo.ua googleads.g.doubleclick.net
9	mc.yandex.ru	3 redirects sbo.ua cdn.jsdelivr.net
5	fonts.gstatic.com	fonts.googleapis.com
5	fonts.googleapis.com	googleads.g.doubleclick.net
4	csi.gstatic.com	imasdk.googleapis.com
4	imasdk.googleapis.com	googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
4	www.google.com	1 redirects sbo.ua googleads.g.doubleclick.net tpc.googlesyndication.com
3	www.googletagservices.com	googleads.g.doubleclick.net
2	r2---sn-aigzrn76.c.2mdn.net	googleads.g.doubleclick.net
2	r4---sn-aigl6nsd.c.2mdn.net	googleads.g.doubleclick.net
2	gcdn.2mdn.net	2 redirects
2	x.bidswitch.net	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	id.rlcdn.com	2 redirects
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	mc.webvisor.org	1 redirects sbo.ua
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.uk	pagead2.googlesyndication.com
2	www.google-analytics.com	sbo.ua www.google-analytics.com
2	maxcdn.bootstrapcdn.com	sbo.ua maxcdn.bootstrapcdn.com
1	onetag-sys.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	sync.mathtag.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	www.google.co.uk	sbo.ua
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.jsdelivr.net	sbo.ua
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
0	mc.yandex.ua Failed	sbo.ua
164	41

This site contains no links.

Subject Issuer	Validity	Valid
sbo.ua R3	`2022-08-05` - `2022-11-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-09-27` - `2022-12-06`	2 months	crt.sh

This page contains 19 frames:

Primary Page: https://sbo.ua/
Frame ID: F61923BE489D66D0E9767C7E06E154CA
Requests: 62 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20190131/zrt_lookup.html
Frame ID: DBEF11E7192A65544640725458367067
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636522320674355&output=html&h=100&slotname=3586964403&adk=3151828671&adf=2479816674&pi=t.ma~as.3586964403&w=970&lmt=1666776417&psa=0&format=970x100&url=https%3A%2F%2Fsbo.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666776417533&bpp=4&bdt=286&idt=262&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&correlator=2771155384098&frm=20&pv=2&ga_vid=40815159.1666776418&ga_sid=1666776418&ga_hid=1372572450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31070307%2C42531705%2C31070423%2C44775016&oid=2&pvsid=907912969534065&tmod=1828733209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5TgJI9TJ4x&p=https%3A//sbo.ua&dtd=277
Frame ID: 1C364689AB0A4F39499111AB43EACB6D
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636522320674355&output=html&adk=1812271804&adf=3025194257&lmt=1666776417&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsbo.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666776417537&bpp=3&bdt=290&idt=279&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x100&nras=1&correlator=2771155384098&frm=20&pv=1&ga_vid=40815159.1666776418&ga_sid=1666776418&ga_hid=1372572450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31070307%2C42531705%2C31070423%2C44775016&oid=2&pvsid=907912969534065&tmod=1828733209&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=283
Frame ID: E2338F8BBF4E31685B9C98A494DCE847
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636522320674355&output=html&h=280&adk=3136683557&adf=3904526555&pi=t.aa~a.1885888291~i.2~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1666776418&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1317311591&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fsbo.ua%2F&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666776418488&bpp=2&bdt=1240&idt=-M&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D00d70b176274d0c2-223a4d2d58ce0046%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_MaSy9nSr2WX2lDBZwiq-WBW5v_Bug&gpic=UID%3D00000b787fbf0151%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_Mb-7tpu0T7jEi658SIQzj_GzjOQoA&prev_fmts=970x100%2C0x0&nras=2&correlator=2771155384098&frm=20&pv=1&ga_vid=40815159.1666776418&ga_sid=1666776418&ga_hid=1372572450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31070307%2C42531705%2C31070423%2C44775016&oid=2&pvsid=907912969534065&tmod=1828733209&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=F0wqbnqhzH&p=https%3A//sbo.ua&dtd=20
Frame ID: CCEBA6B88E17E6DAC8BEAAB2399A0137
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636522320674355&output=html&h=280&adk=3136683557&adf=434601094&pi=t.aa~a.1885888291~i.11~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1666776418&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1317311591&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fsbo.ua%2F&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666776418488&bpp=1&bdt=1241&idt=1&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D00d70b176274d0c2-223a4d2d58ce0046%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_MaSy9nSr2WX2lDBZwiq-WBW5v_Bug&gpic=UID%3D00000b787fbf0151%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_Mb-7tpu0T7jEi658SIQzj_GzjOQoA&prev_fmts=970x100%2C0x0%2C960x280&nras=3&correlator=2771155384098&frm=20&pv=1&ga_vid=40815159.1666776418&ga_sid=1666776418&ga_hid=1372572450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31070307%2C42531705%2C31070423%2C44775016&oid=2&pvsid=907912969534065&tmod=1828733209&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Z3Yst4ovD7&p=https%3A//sbo.ua&dtd=25
Frame ID: 33F4DC872E2BBC94C394A840189E40D6
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1
Frame ID: 99DAC1ADC78E4EF0E1B12221EC6135A6
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1
Frame ID: 487D2B8CD584202138206715DC08B384
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 6CED35BACB443F549300083A6012A1BB
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DD3DC16E0E21E0BEDB016D78F0FD3233
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EE316373377AD8DE9DF7E3BEFFB60414
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 31475E3F33F32989F937C85777A8E9B7
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/S59cL8NpNlz03nuQ7M-TG0OvY6nWg2CBBQLmeE6XtI4.js
Frame ID: 54CA24FFC070619E21C92B9DEF9459E5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/S59cL8NpNlz03nuQ7M-TG0OvY6nWg2CBBQLmeE6XtI4.js
Frame ID: 1F92F2DB761FA7E4EA425358FD0FDF92
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/S59cL8NpNlz03nuQ7M-TG0OvY6nWg2CBBQLmeE6XtI4.js
Frame ID: 26176657A9AA135C46B238C4BBFDB831
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 4D37606CE4E38DA442E2EFC8189DE896
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 34F95F1893CB7C5D5C73FCFD05F8E23D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 27AE0A4258936D79E76A05EBB26D1F76
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 508F1F505EC0E68C85EFA93C064D54BD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ᐉ Sbo.ua - Бесплатная Доска Объявлений: сайт частных объявлений купить, продать б/у и новые товары

Page URL History Show full URLs

http://sbo.ua/ HTTP 301
https://sbo.ua/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

164
Requests

90 %
HTTPS

61 %
IPv6

30
Domains

41
Subdomains

29
IPs

10
Countries

1674 kB
Transfer

4793 kB
Size

41
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sbo.ua/ HTTP 301
https://sbo.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fsbo.ua%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A15m5t3makqb6yg1f8bcanw%3Afp%3A664%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A1027124078725%3Ahid%3A801661279%3Az%3A0%3Ai%3A20221026092657%3Aet%3A1666776418%3Ac%3A1%3Arn%3A711730757%3Arqn%3A1%3Au%3A1666776418618702140%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C122%2C152%2C62%2C147%2C0%2C%2C195%2C19%2C%2C%2C%2C679%3Acpf%3A1%3Ans%3A1666776416818%3Ast%3A1666776418&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fsbo.ua%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A15m5t3makqb6yg1f8bcanw%3Afp%3A664%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A1027124078725%3Ahid%3A801661279%3Az%3A0%3Ai%3A20221026092657%3Aet%3A1666776418%3Ac%3A1%3Arn%3A711730757%3Arqn%3A1%3Au%3A1666776418618702140%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C122%2C152%2C62%2C147%2C0%2C%2C195%2C19%2C%2C%2C%2C679%3Acpf%3A1%3Ans%3A1666776416818%3Ast%3A1666776418&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 43

https://mc.yandex.ru/watch/50169979?wmode=7&page-url=https%3A%2F%2Fsbo.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A15m5t3makqb6yg1f8bcanw%3Afp%3A664%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A615321979825%3Ahid%3A801661279%3Az%3A0%3Ai%3A20221026092657%3Aet%3A1666776418%3Ac%3A1%3Arn%3A385143517%3Arqn%3A1%3Au%3A1666776418618702140%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C122%2C152%2C62%2C147%2C0%2C%2C195%2C19%2C%2C%2C%2C679%3Acpf%3A1%3Ans%3A1666776416818%3Arqnl%3A1%3Ast%3A1666776418%3At%3A%E1%90%89%20Sbo.ua%20-%20%D0%91%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%B0%D1%8F%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%9E%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%3A%20%D1%81%D0%B0%D0%B9%D1%82%20%D1%87%D0%B0%D1%81%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%BA%D1%83%D0%BF%D0%B8%D1%82%D1%8C%2C%20%D0%BF%D1%80%D0%BE%D0%B4%D0%B0%D1%82%D1%8C%20%D0%B1%2F%D1%83%20%D0%B8%20%D0%BD%D0%BE%D0%B2%D1%8B%D0%B5%20%D1%82%D0%BE%D0%B2%D0%B0%D1%80%D1%8B&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/50169979/1?wmode=7&page-url=https%3A%2F%2Fsbo.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A15m5t3makqb6yg1f8bcanw%3Afp%3A664%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A615321979825%3Ahid%3A801661279%3Az%3A0%3Ai%3A20221026092657%3Aet%3A1666776418%3Ac%3A1%3Arn%3A385143517%3Arqn%3A1%3Au%3A1666776418618702140%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C122%2C152%2C62%2C147%2C0%2C%2C195%2C19%2C%2C%2C%2C679%3Acpf%3A1%3Ans%3A1666776416818%3Arqnl%3A1%3Ast%3A1666776418%3At%3A%E1%90%89%20Sbo.ua%20-%20%D0%91%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%B0%D1%8F%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%9E%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%3A%20%D1%81%D0%B0%D0%B9%D1%82%20%D1%87%D0%B0%D1%81%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%BA%D1%83%D0%BF%D0%B8%D1%82%D1%8C%2C%20%D0%BF%D1%80%D0%BE%D0%B4%D0%B0%D1%82%D1%8C%20%D0%B1%2F%D1%83%20%D0%B8%20%D0%BD%D0%BE%D0%B2%D1%8B%D0%B5%20%D1%82%D0%BE%D0%B2%D0%B0%D1%80%D1%8B&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29

Request Chain 53

https://mc.webvisor.org/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9803.ylOogIyBzCRibL6TP2YXQ_5IwwuvDUNY06AWUjzL2y_bhUY-RRqIsqnoFR6mCHMu.EKMJv6oKXtUQnFAZyO3o4QB1t08%2C HTTP 302
https://mc.webvisor.org/sync_cookie_image_decide?token=9803.gkZcTmvx18HG6hK6xbZekPtXXRh5tNxgQ-OahzUq9cpT5O4DdpYP4ot7qPjy8xq07DQWZUf5Dp_jf-4b3X94ALsYY54dmyy7B6XjW9gPRjQ%2C.SX7JaS3-FUH3ufCFYJy3LOf-xo4%2C

Request Chain 123

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg-vCn6h-CZmTqcaPzTqQWIiwoPqn2V2QWs2nqbV6St5obeiNw6Cd8Gf9T37MJkbmjXkS_fsjjoGpOF3kc48noTMKa-SyOyU&google_gid=CAESEI4MlwcLtZwT6CJybPhuwYs&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCOP645oGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWm1QeGctdkNuNmgtQ1ptVHFjYVB6VHFRV0lpd29QcW4yVjJRV3MybnFiVjZTdDVvYmVpTnc2Q2Q4R2Y5VDM3TUprYm1qWGtTX2ZzampvR3BPRjNrYzQ4bm9UTUthLVN5T3lV HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdTBEOVMwQ0V3MXN0YXVmNWctQnNaWWY2eFBaU19Ga1BtSDFiT3JNNlp1WQ==&google_push

Request Chain 125

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBjoP0-2TnPwrt5az5wVRqQ&google_cver=1&google_push=AZmPxg_uU0qGTX7ihbFSN1Nt_C3yICiKdeGsc2EtcWhJU-5TQiWqrhwon20C0oSrFRUTofQZWokVoUMXFHCqIXfKgliwpeBKm0xW HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBjoP0-2TnPwrt5az5wVRqQ&google_cver=1&google_push=AZmPxg_uU0qGTX7ihbFSN1Nt_C3yICiKdeGsc2EtcWhJU-5TQiWqrhwon20C0oSrFRUTofQZWokVoUMXFHCqIXfKgliwpeBKm0xW&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eaE8oFndRD2iame0whRK9g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_uU0qGTX7ihbFSN1Nt_C3yICiKdeGsc2EtcWhJU-5TQiWqrhwon20C0oSrFRUTofQZWokVoUMXFHCqIXfKgliwpeBKm0xW

Request Chain 126

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFRwagkH-rJmYngYDLcWTzc&google_cver=1&google_push=AZmPxg_zhFwilHW_t5wzphlJVdoJR1Vi-Qpi47YZRcrKR235quhghhytZXCYXlJHN_Xdz6df7l6xNqAfZBrBOVNuan-xHZehs2TK HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlQRk44RjYtMVItM0xZRw==&google_push=AZmPxg_zhFwilHW_t5wzphlJVdoJR1Vi-Qpi47YZRcrKR235quhghhytZXCYXlJHN_Xdz6df7l6xNqAfZBrBOVNuan-xHZehs2TK

Request Chain 127

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMelIk-oeTUlQ5JpWVUk5vI&google_cver=1&google_push=AZmPxg-tVaP7M62RHfxSvlvBfqH_TD_PAVrwmCIcEzxIUEtJlJ_Tbl58FNH-Jah2hyo9t9VF_Ag0uotGZELiIcnzxsaG4VikMc2- HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMelIk-oeTUlQ5JpWVUk5vI&google_push=AZmPxg-tVaP7M62RHfxSvlvBfqH_TD_PAVrwmCIcEzxIUEtJlJ_Tbl58FNH-Jah2hyo9t9VF_Ag0uotGZELiIcnzxsaG4VikMc2-&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMelIk-oeTUlQ5JpWVUk5vI&google_hm=Y1j9Y049bDhnKPq5OWNQjQAAEOQAAAAB&google_nid=index&google_push=AZmPxg-tVaP7M62RHfxSvlvBfqH_TD_PAVrwmCIcEzxIUEtJlJ_Tbl58FNH-Jah2hyo9t9VF_Ag0uotGZELiIcnzxsaG4VikMc2-

Request Chain 132

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAkuwBxcxNxPSD04lu46IZg&google_cver=1&google_push=AZmPxg_rgM5SK78Vjgat6_twYuQH01Tfo2RrghOcSoQUMPsrUjw1CexVHaVtO_vMC-uA7R5cvebsDuvrtBvw3zqusbiDF3jjXSeQr70 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg_rgM5SK78Vjgat6_twYuQH01Tfo2RrghOcSoQUMPsrUjw1CexVHaVtO_vMC-uA7R5cvebsDuvrtBvw3zqusbiDF3jjXSeQr70

Request Chain 133

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPO_M0cC1sqgq7nAwKuIZYs&google_cver=1&google_push=AZmPxg-OIsazz_HQ10fxswNm3hYkCyyvHzx6eIUd2zOIxKDEfIoyAAWbC-sGXTQGYob2KkzFWZ2skCLlBuUeTQmL8bQP8xbgVb5BxhE HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JFHXTvDLS3m3BN0DXy1xig2&google_push=AZmPxg-OIsazz_HQ10fxswNm3hYkCyyvHzx6eIUd2zOIxKDEfIoyAAWbC-sGXTQGYob2KkzFWZ2skCLlBuUeTQmL8bQP8xbgVb5BxhE

Request Chain 135

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKw7n6qAULAuPwwaQBNAC9M&google_cver=1&google_push=AZmPxg8yOaqTKJjvqR2zvwTjoBaKrHHcwvhCh7gZQvhvoCLESXlgklK-5426JZzzO48XmCZ82OWrCgQPKjfOm_qWOagYK7VdgtoWj5Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8yOaqTKJjvqR2zvwTjoBaKrHHcwvhCh7gZQvhvoCLESXlgklK-5426JZzzO48XmCZ82OWrCgQPKjfOm_qWOagYK7VdgtoWj5Q

Request Chain 136

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENOhfraAnNAu8nwbo8ZNxIY&google_cver=1&google_push=AZmPxg_FpGhQ7e9Kg9_lmBJdYauTbBjPE8bFsRmtaKX7mykzW2EuhMMy1Vg4GucyjgHA90AwZa5V0ddj0-NE04r2PJQeVAqfFhsP9Yc HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENOhfraAnNAu8nwbo8ZNxIY&google_cver=1&google_push=AZmPxg_FpGhQ7e9Kg9_lmBJdYauTbBjPE8bFsRmtaKX7mykzW2EuhMMy1Vg4GucyjgHA90AwZa5V0ddj0-NE04r2PJQeVAqfFhsP9Yc&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1sczRnaEVCRTJ1R1hCZ0RxRThSb2FqODlSQ0FycVBRTn5B&google_push=AZmPxg_FpGhQ7e9Kg9_lmBJdYauTbBjPE8bFsRmtaKX7mykzW2EuhMMy1Vg4GucyjgHA90AwZa5V0ddj0-NE04r2PJQeVAqfFhsP9Yc

Request Chain 137

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=AZmPxg9l_n-saSRg096bR9qEURpmlvvFjUkHjYZZgQA_EMoagAnHhIJ74lj6Z8v6zAIpWUq5eKDKilSK6GA0B8c9BzzuGC4iZQTwKuQm?google_gid=CAESEIibSVnsYLuPTKuGhgXPNh0&google_cver=1 HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=AZmPxg9l_n-saSRg096bR9qEURpmlvvFjUkHjYZZgQA_EMoagAnHhIJ74lj6Z8v6zAIpWUq5eKDKilSK6GA0B8c9BzzuGC4iZQTwKuQm?google_gid=CAESEIibSVnsYLuPTKuGhgXPNh0&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=e3ea83d7-1b4e-4877-9552-b7bf44d1f6a4&&google_push=AZmPxg9l_n-saSRg096bR9qEURpmlvvFjUkHjYZZgQA_EMoagAnHhIJ74lj6Z8v6zAIpWUq5eKDKilSK6GA0B8c9BzzuGC4iZQTwKuQm

Request Chain 139

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 142

https://gcdn.2mdn.net/videoplayback/id/5a3e3e9da92b55fc/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3788168268/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/6BE2B04862C74E9D165A490013EE21267F28D9B6.6CB1AA8151D2E7AC963F0867449575BB3495B4B/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-aigl6nsd.c.2mdn.net/videoplayback/id/5a3e3e9da92b55fc/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3788168268/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/60CCDC9EA94C56B777126563F781AB55E9C06D39.65A1B47D9E6482C9C20018A5EDB02648BCEC62E1/key/cms1/cms_redirect/yes/mh/9z/mip/2001:ac8:21:e::11/mm/42/mn/sn-aigl6nsd/ms/onc/mt/1666776290/mv/m/mvi/4/pl/48/file/file.mp4

Request Chain 144

https://gcdn.2mdn.net/videoplayback/id/5a3e3e9da92b55fc/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3788168268/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/6BE2B04862C74E9D165A490013EE21267F28D9B6.6CB1AA8151D2E7AC963F0867449575BB3495B4B/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-aigzrn76.c.2mdn.net/videoplayback/id/5a3e3e9da92b55fc/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3788168268/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6263F662341485547177FAB1FB6E5B4E2C0367B0.626D24B6738ABBE1C07ED3B18CCE9678DE0345D6/key/cms1/cms_redirect/yes/mh/9z/mip/2001:ac8:21:e::11/mm/42/mn/sn-aigzrn76/ms/onc/mt/1666775813/mv/m/mvi/2/pl/48/file/file.mp4

164 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
sbo.ua/
Redirect Chain

http://sbo.ua/
https://sbo.ua/

59 KB
13 KB

275ms
152ms

Document
text/html

65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PHP/7.0.33 PleskLin

Resource Hash

1dbf195b3894b3a3b22ce8743e090650d5882dd213a1219083c09b17c19c41ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-length: 12891
content-type: text/html; charset=UTF-8
date: Wed, 26 Oct 2022 09:26:57 GMT
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.0.33 PleskLin
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Wed, 26 Oct 2022 09:26:56 GMT
Location: https://sbo.ua/
Server: nginx

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 112ms
41ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 871
age: 4857949
cdn-cachedat: 03/12/2022 16:05:25
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cdn-cache: HIT
access-control-allow-origin: *
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: b02d7423478bce9861d85b1a04dba811
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 760227405b45dd77-LHR
cdn-requestpullsuccess: True

GET
H2 200 owl.carousel.13df3bd00e1724594149df769046d116.css
sbo.ua/files/min/ 2 KB
696 B 67ms
63ms Stylesheet
text/css 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sbo.ua/files/min/owl.carousel.13df3bd00e1724594149df769046d116.css?v=8af562

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

74e3956da67c3d9bdbf78f96eb4be3ca56d89972657d2045b57af58e1c401ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
last-modified: Thu, 29 Aug 2019 20:21:32 GMT
server: nginx
etag: W/"5d6833cc-6e7"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 custom-bootstrap.d545f98adbc91ea49eb584ef1728e0d8.css
sbo.ua/files/min/ 165 KB
22 KB 73ms
69ms Stylesheet
text/css 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sbo.ua/files/min/custom-bootstrap.d545f98adbc91ea49eb584ef1728e0d8.css?v=4c9ebd

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

5f530c4c444741548fa001bf0bcc17e8c703c8e2453e53cfb87ef091ab1df174

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
last-modified: Thu, 29 Aug 2019 20:18:42 GMT
server: nginx
etag: W/"5d683322-29279"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 main.414147f4b7bab3731036036e02b2cf63.css
sbo.ua/files/min/ 222 KB
34 KB 131ms
128ms Stylesheet
text/css 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sbo.ua/files/min/main.414147f4b7bab3731036036e02b2cf63.css?v=c40648

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

c80aaa6d8ed8c251c3200e6455a3e637f14144ab6430c63660397b49b1920c7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
last-modified: Wed, 24 Feb 2021 13:21:04 GMT
server: nginx
etag: W/"603652c0-37715"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 custom.4bec27eeb908d35626e85d1708f51e19.css
sbo.ua/files/min/ 0
171 B 166ms
163ms Stylesheet
text/css 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sbo.ua/files/min/custom.4bec27eeb908d35626e85d1708f51e19.css?v=d41d8c

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Thu, 29 Aug 2019 20:18:42 GMT
server: nginx
etag: "5d683322-0"
x-powered-by: PleskLin
content-type: text/css
accept-ranges: bytes
content-length: 0

GET
H2 200 common-t0a6539.ecec3d2197b3b9fb2f5a22a5527d3cd0.css
sbo.ua/files/min/ 23 KB
4 KB 167ms
164ms Stylesheet
text/css 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sbo.ua/files/min/common-t0a6539.ecec3d2197b3b9fb2f5a22a5527d3cd0.css?v=2e5bcd

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

db06a2823e912a519da92df7eb70da3a2ac8b030eadcfd226831f3972668ade4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
last-modified: Wed, 03 Jun 2020 13:50:05 GMT
server: nginx
etag: W/"5ed7aa8d-5a6a"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 base-t0a6539.667d4f89efbb530704342ea335ee7a1f.css
sbo.ua/files/min/ 435 B
385 B 167ms
165ms Stylesheet
text/css 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sbo.ua/files/min/base-t0a6539.667d4f89efbb530704342ea335ee7a1f.css?v=a7a12b

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

66bfea983e7589fd7ce5457f8894522260337f38874411f7b2aa6ae0a0c6226b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
last-modified: Wed, 03 Jun 2020 13:50:05 GMT
server: nginx
etag: W/"5ed7aa8d-1b3"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 custom-t0a6539.885a692fd34ae9c7bbe52178479bf228.css
sbo.ua/files/min/ 0
171 B 167ms
166ms Stylesheet
text/css 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sbo.ua/files/min/custom-t0a6539.885a692fd34ae9c7bbe52178479bf228.css?v=d41d8c

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Wed, 03 Jun 2020 13:50:05 GMT
server: nginx
etag: "5ed7aa8d-0"
x-powered-by: PleskLin
content-type: text/css
accept-ranges: bytes
content-length: 0

GET
H2 200 noresponsive.944153551c9dc34de27714489023e954.css
sbo.ua/files/min/ 5 KB
1 KB 168ms
166ms Stylesheet
text/css 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sbo.ua/files/min/noresponsive.944153551c9dc34de27714489023e954.css?v=98228d

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

503807cb1d742664194c7c9bfbeac80ef0eb2ede1d8de36e000cde237b35a455

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
last-modified: Thu, 29 Aug 2019 20:18:42 GMT
server: nginx
etag: W/"5d683322-139d"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 171 KB
55 KB 162ms
62ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d8d21983f910519945e1b38081d22b02afd760fb1d2e148fd9beae3c8038c93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55701
x-xss-protection: 0
server: cafe
etag: 6242737171979034382
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 09:26:57 GMT

GET
H2 200 17
sbo.ua/bn/show/ 43 B
358 B 165ms
161ms Image
image/gif 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sbo.ua/bn/show/17

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PHP/7.0.33, PleskLin

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Sat, 19 Jun 2021 21:55:48 GMT
server: nginx
x-powered-by: PHP/7.0.33, PleskLin
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/gif
content-length: 57
x-xss-protection: 1; mode=block
expires: Fri, 29 Jun 2000 14:30:00 GMT

GET
H2 200 acf61f586c51e6e13a0822fbe29363b3_view200e86c8cc.png
sbo.ua/files/images/extensions/ 33 KB
33 KB 144ms
140ms Image
image/png 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sbo.ua/files/images/extensions/acf61f586c51e6e13a0822fbe29363b3_view200e86c8cc.png

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

38e7b9ca19ffebfb25e3c084306c1db6956e44e8a3f98a14134d7a9b4f938ed7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Tue, 12 Mar 2019 08:28:11 GMT
server: nginx
etag: "5c876d9b-82f0"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 33520

GET
H2 200 2o8a0b.png
sbo.ua/files/images/cats/ 2 KB
2 KB 144ms
140ms Image
image/png 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sbo.ua/files/images/cats/2o8a0b.png

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

0bfef1a95c7d328b87846a385d2d9ea3e7f87e507afd6dcaac868c928464a58b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Sat, 04 Aug 2018 08:22:15 GMT
server: nginx
etag: "5b656237-87a"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 2170

GET
H2 200 3odb72.png
sbo.ua/files/images/cats/ 1 KB
1 KB 145ms
141ms Image
image/png 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sbo.ua/files/images/cats/3odb72.png

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

02d8f64765e9c3b946b6f3e0f34539fc29a0158fdd11832fd4d567078ebff222

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Sat, 04 Aug 2018 08:22:15 GMT
server: nginx
etag: "5b656237-52c"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 1324

GET
H2 200 36o8578.png
sbo.ua/files/images/cats/ 3 KB
3 KB 145ms
141ms Image
image/png 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sbo.ua/files/images/cats/36o8578.png

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

90a8232c9cb8de2e8e5e45b8c1962ba78cbd61f338af7dfeca6557fd60301580

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Sat, 04 Aug 2018 08:22:15 GMT
server: nginx
etag: "5b656237-a9e"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 2718

GET
H2 200 37of782.png
sbo.ua/files/images/cats/ 1 KB
1 KB 146ms
142ms Image
image/png 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sbo.ua/files/images/cats/37of782.png

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

220de0359b7924c4e6ab8282e217315d097ab146f902c5c30c077a3eb8f4ad1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Sat, 04 Aug 2018 08:22:15 GMT
server: nginx
etag: "5b656237-507"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 1287

GET
H2 200 35o19dd.png
sbo.ua/files/images/cats/ 3 KB
3 KB 146ms
142ms Image
image/png 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sbo.ua/files/images/cats/35o19dd.png

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

d15d8e5719d5db6322e95e75dcb973ba0c57c59837be846fce64f1306b9fd79f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Sat, 04 Aug 2018 08:22:15 GMT
server: nginx
etag: "5b656237-ae9"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 2793

GET
H2 200 7ocec5.png
sbo.ua/files/images/cats/ 2 KB
2 KB 146ms
143ms Image
image/png 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sbo.ua/files/images/cats/7ocec5.png

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

294e84c9a3c15d0de91fff7144c980567f6cab83f79e8f1f82243c436e6b7ecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Sat, 04 Aug 2018 08:22:15 GMT
server: nginx
etag: "5b656237-890"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 2192

GET
H2 200 891o4a72.png
sbo.ua/files/images/cats/ 1 KB
1 KB 147ms
143ms Image
image/png 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sbo.ua/files/images/cats/891o4a72.png

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

1d3306651bbcc559878ecc10aa47351f0aae66ff721b71f8fe41d116ddffa4b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Sat, 04 Aug 2018 08:22:15 GMT
server: nginx
etag: "5b656237-4a3"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 1187

GET
H2 200 899o5e95.png
sbo.ua/files/images/cats/ 1 KB
2 KB 147ms
144ms Image
image/png 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sbo.ua/files/images/cats/899o5e95.png

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

702946a3006dde2253d4f53b8b7bf2cd0f38b6744c88ac9cb4a1d76ceb439355

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Sat, 04 Aug 2018 08:22:15 GMT
server: nginx
etag: "5b656237-588"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 1416

GET
H2 200 675o9eac.png
sbo.ua/files/images/cats/ 1 KB
2 KB 147ms
145ms Image
image/png 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sbo.ua/files/images/cats/675o9eac.png

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

3b7489d60ed881f5afebf99237a2c3846ffb0c51ad829a3ab5e12f3885e8335a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Sat, 04 Aug 2018 08:22:15 GMT
server: nginx
etag: "5b656237-56d"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 1389

GET
H2 200 6o498a.png
sbo.ua/files/images/cats/ 2 KB
2 KB 148ms
145ms Image
image/png 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sbo.ua/files/images/cats/6o498a.png

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

dd909b599113334d60d215effdc922df459e70de2b01648d79a93b8ab3ecaa80

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Sat, 04 Aug 2018 08:22:15 GMT
server: nginx
etag: "5b656237-7cc"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 1996

GET
H2 200 903of0f2.png
sbo.ua/files/images/cats/ 2 KB
2 KB 148ms
146ms Image
image/png 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sbo.ua/files/images/cats/903of0f2.png

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

b7bcac105b3cf6f11c7e78336ec0710cce355c0a8c0b541dcdf6e3669b59d03f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Sat, 04 Aug 2018 08:22:15 GMT
server: nginx
etag: "5b656237-842"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 2114

GET
H2 200 786176m11ea68a5.jpg
sbo.ua/files/images/items/786/ 6 KB
6 KB 149ms
146ms Image
image/jpeg 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sbo.ua/files/images/items/786/786176m11ea68a5.jpg

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

36f86f0236096ecae0facf9cd468c820996234c6f827f2f484d817be7b7b826f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Mon, 08 Aug 2022 12:34:57 GMT
server: nginx
etag: "62f102f1-172a"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 5930

GET
H2 200 104993m18a90400.jpg
sbo.ua/files/images/items/104/ 5 KB
5 KB 149ms
147ms Image
image/jpeg 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sbo.ua/files/images/items/104/104993m18a90400.jpg

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

fc7d5ab2393a8298448c75a41a743afdbafe13a1fbe4cbd69205006c30521dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Fri, 19 Jun 2020 09:20:35 GMT
server: nginx
etag: "5eec8363-14ee"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 5358

GET
H2 200 777168m2f98dcd3.jpg
sbo.ua/files/images/items/777/ 6 KB
7 KB 149ms
147ms Image
image/jpeg 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sbo.ua/files/images/items/777/777168m2f98dcd3.jpg

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

1d7087fafff9efe1dfffa3b4000742f05318decd3d05994130039cd3fcae206f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Wed, 22 Jun 2022 22:17:38 GMT
server: nginx
etag: "62b39502-19d6"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 6614

GET
H2 200 jquery.min.df692f826ba3dfa019cdc0fa7f5c8f31.js Show response
sbo.ua/files/min/ 92 KB
32 KB 127ms
118ms Script
application/javascript 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sbo.ua/files/min/jquery.min.df692f826ba3dfa019cdc0fa7f5c8f31.js?v=56852e

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

2718b0dcbba10f735be20dd04e03883439cd9338564d25b899cdf9bd0b653fa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
last-modified: Tue, 10 Dec 2019 13:22:05 GMT
server: nginx
etag: W/"5def9bfd-17043"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 bff.e76fb6a88e4674fca6ce168bd3048cf2.js Show response
sbo.ua/files/min/ 28 KB
10 KB 126ms
117ms Script
application/javascript 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sbo.ua/files/min/bff.e76fb6a88e4674fca6ce168bd3048cf2.js?v=4b273c

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

bf01316116338904418de867eb5d44b8106e697f119662781658b0daa7128d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
last-modified: Wed, 03 Jun 2020 13:17:13 GMT
server: nginx
etag: W/"5ed7a2d9-6f85"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 bootstrap.min.2fc0c035045c561554eaf56861484a3b.js Show response
sbo.ua/files/min/ 28 KB
7 KB 126ms
117ms Script
application/javascript 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sbo.ua/files/min/bootstrap.min.2fc0c035045c561554eaf56861484a3b.js?v=2916bd

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

7470f9d78491838f5cc3ee51d4ed4d8a232f6c80ae80706dff96c062d3d663b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
last-modified: Tue, 10 Dec 2019 13:22:05 GMT
server: nginx
etag: W/"5def9bfd-6f7a"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 app.d66b27bf04de7a4f52083a9c0bbc3d72.js Show response
sbo.ua/files/min/ 20 KB
7 KB 126ms
118ms Script
application/javascript 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sbo.ua/files/min/app.d66b27bf04de7a4f52083a9c0bbc3d72.js?v=0c8be8

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

cad458d9ae966a219f34ae8b4dfeb55b1f6aaa79cce5edfafe8f41926a209062

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
last-modified: Tue, 06 Oct 2020 07:37:03 GMT
server: nginx
etag: W/"5f7c1e9f-4e78"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 owl.carousel.min.69c4549ae30c07be34c5be190a42b4d4.js Show response
sbo.ua/files/min/ 15 KB
7 KB 125ms
119ms Script
application/javascript 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sbo.ua/files/min/owl.carousel.min.69c4549ae30c07be34c5be190a42b4d4.js?v=8dde8b

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

c1edc4b3b4abb51bd3eaba651308588fc3d2bf5a83865b4b319549566b0a6858

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
last-modified: Tue, 10 Dec 2019 13:22:06 GMT
server: nginx
etag: W/"5def9bfe-3ad5"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 site.index.49efc5af9459e51eb565cdb4265137c5.js Show response
sbo.ua/files/min/ 1 KB
758 B 125ms
119ms Script
application/javascript 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sbo.ua/files/min/site.index.49efc5af9459e51eb565cdb4265137c5.js?v=7b2509

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

4960b241b03eb34bb77c5b684daf3c96be5ebcfee350e661b5d84d678201d8a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
last-modified: Thu, 29 Aug 2019 20:21:32 GMT
server: nginx
etag: W/"5d6833cc-4d6"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 filter.716546cd9a4747f0860c697214a466cd.js Show response
sbo.ua/files/min/ 8 KB
2 KB 125ms
120ms Script
application/javascript 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sbo.ua/files/min/filter.716546cd9a4747f0860c697214a466cd.js?v=75bcb5

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

361d21a5692ec6c1ed1a493eb0da2059c408b65e36a9476ac2070f92908a7a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
last-modified: Tue, 06 Oct 2020 07:37:03 GMT
server: nginx
etag: W/"5f7c1e9f-1fe1"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 autocomplete.6fbea234fa3872f30b4f0ba66e2e7e49.js Show response
sbo.ua/files/min/ 6 KB
2 KB 125ms
120ms Script
application/javascript 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sbo.ua/files/min/autocomplete.6fbea234fa3872f30b4f0ba66e2e7e49.js?v=545412

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

31132fa42abfe16afac2d2455aff79feeb93feb4eb656ebec4186c2423ffd37c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
last-modified: Tue, 06 Oct 2020 07:37:03 GMT
server: nginx
etag: W/"5f7c1e9f-199b"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 bbs.search.c6c58b93a45b84ec82d4b5add5adddad.js Show response
sbo.ua/files/min/ 37 KB
8 KB 125ms
121ms Script
application/javascript 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sbo.ua/files/min/bbs.search.c6c58b93a45b84ec82d4b5add5adddad.js?v=168854

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PleskLin

Resource Hash

1a80604f1c1acaf6b6b9cb0724c02e909a88405d1520221083ef29051774647c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br
last-modified: Tue, 06 Oct 2020 07:37:03 GMT
server: nginx
etag: W/"5f7c1e9f-9278"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 204 index.php
sbo.ua/ 0
269 B 91ms
90ms Image
text/plain 65.21.142.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sbo.ua/index.php?bff=device&type=desktop

Requested by

Host: sbo.ua
URL: https://sbo.ua/files/min/main.414147f4b7bab3731036036e02b2cf63.css?v=c40648

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.21.142.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

sbo.ua

Software

nginx / PHP/7.0.33, PleskLin

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/files/min/main.414147f4b7bab3731036036e02b2cf63.css?v=c40648
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-xss-protection: 1; mode=block
date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=15768000; includeSubDomains
server: nginx
x-powered-by: PHP/7.0.33, PleskLin
vary: User-Agent
x-frame-options: SAMEORIGIN

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 81ms
45ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://sbo.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 947
age: 25199
cdn-cachedat: 07/16/2022 17:19:02
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 1ad7339de344bf080a24679518ab26d6
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: FR
cdn-status: 200
cf-ray: 760227417beed180-LHR
cdn-requestpullsuccess: True

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 127ms
40ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Oct 2022 09:01:58 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1499
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 26 Oct 2022 11:01:58 GMT

GET
H2 200 tag.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 210 KB
85 KB 120ms
58ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f2aa593046e7ccafdb3f6b20df74c3aec1db190ac849308ddd738b3bb7d8ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 42581
x-jsd-version: 1.248.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19157-FRA, cache-yyz4582-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"346fc-af2z7qF2rEuERVVyudEDx70SML4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 76022741ac6a8e32-LHR

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/ 353 KB
116 KB 162ms
80ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7636522320674355&plah=sbo.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d71a9aa34de3fb2a96e6f718a8719420a6b87ca53971955016ec8c0ecb641b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118749
x-xss-protection: 0
server: cafe
etag: 11116654275119743253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 09:26:57 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221020/r20190131/ Frame DBEF 10 KB
5 KB 128ms
40ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221020/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sbo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 65316
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 15:18:21 GMT
etag: 9671129459699598864
expires: Tue, 08 Nov 2022 15:18:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 128ms
46ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1372572450&t=pageview&_s=1&dl=https%3A%2F%2Fsbo.ua%2F&ul=en-us&de=UTF-8&dt=%E1%90%89%20Sbo.ua%20-%20%D0%91%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%B0%D1%8F%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%9E%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%3A%20%D1%81%D0%B0%D0%B9%D1%82%20%D1%87%D0%B0%D1%81%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%BA%D1%83%D0%BF%D0%B8%D1%82%D1%8C%2C%20%D0%BF%D1%80%D0%BE%D0%B4%D0%B0%D1%82%D1%8C%20%D0%B1%2F%D1%83%20%D0%B8%20%D0%BD%D0%BE%D0%B2%D1%8B%D0%B5%20%D1%82%D0%BE%D0%B2%D0%B0%D1%80%D1%8B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1023336518&gjid=129830869&cid=40815159.1666776418&tid=UA-99362998-1&_gid=1110428020.1666776418&_r=1&_slc=1&z=285176216

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sbo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:26:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sbo.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fsbo.ua%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A15m5t3makqb6yg1f8bcanw%3Afp%3A664%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fsbo.ua%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A15m5t3makqb6yg1f8bcanw%3Afp%3A664%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...

256 B
363 B

93ms
92ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fsbo.ua%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A15m5t3makqb6yg1f8bcanw%3Afp%3A664%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A1027124078725%3Ahid%3A801661279%3Az%3A0%3Ai%3A20221026092657%3Aet%3A1666776418%3Ac%3A1%3Arn%3A711730757%3Arqn%3A1%3Au%3A1666776418618702140%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C122%2C152%2C62%2C147%2C0%2C%2C195%2C19%2C%2C%2C%2C679%3Acpf%3A1%3Ans%3A1666776416818%3Ast%3A1666776418&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

c48f44da2243a518830a174613cf9629798236def79100e6b6fd1a08915b654d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:26:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 26-Oct-2022 09:26:58 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sbo.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 256
x-xss-protection: 1; mode=block
expires: Wed, 26-Oct-2022 09:26:58 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 26-Oct-2022 09:26:57 GMT
location: /watch/3/1?wmode=7&page-url=https%3A%2F%2Fsbo.ua%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A15m5t3makqb6yg1f8bcanw%3Afp%3A664%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A1027124078725%3Ahid%3A801661279%3Az%3A0%3Ai%3A20221026092657%3Aet%3A1666776418%3Ac%3A1%3Arn%3A711730757%3Arqn%3A1%3Au%3A1666776418618702140%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C122%2C152%2C62%2C147%2C0%2C%2C195%2C19%2C%2C%2C%2C679%3Acpf%3A1%3Ans%3A1666776416818%3Ast%3A1666776418&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://sbo.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 26-Oct-2022 09:26:57 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/50169979/
Redirect Chain

https://mc.yandex.ru/watch/50169979?wmode=7&page-url=https%3A%2F%2Fsbo.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A15m5t3makqb6yg1f8bcanw%3Afp%3A664%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-U...
https://mc.yandex.ru/watch/50169979/1?wmode=7&page-url=https%3A%2F%2Fsbo.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A15m5t3makqb6yg1f8bcanw%3Afp%3A664%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen...

446 B
595 B

98ms
89ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/50169979/1?wmode=7&page-url=https%3A%2F%2Fsbo.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A15m5t3makqb6yg1f8bcanw%3Afp%3A664%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A615321979825%3Ahid%3A801661279%3Az%3A0%3Ai%3A20221026092657%3Aet%3A1666776418%3Ac%3A1%3Arn%3A385143517%3Arqn%3A1%3Au%3A1666776418618702140%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C122%2C152%2C62%2C147%2C0%2C%2C195%2C19%2C%2C%2C%2C679%3Acpf%3A1%3Ans%3A1666776416818%3Arqnl%3A1%3Ast%3A1666776418%3At%3A%E1%90%89%20Sbo.ua%20-%20%D0%91%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%B0%D1%8F%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%9E%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%3A%20%D1%81%D0%B0%D0%B9%D1%82%20%D1%87%D0%B0%D1%81%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%BA%D1%83%D0%BF%D0%B8%D1%82%D1%8C%2C%20%D0%BF%D1%80%D0%BE%D0%B4%D0%B0%D1%82%D1%8C%20%D0%B1%2F%D1%83%20%D0%B8%20%D0%BD%D0%BE%D0%B2%D1%8B%D0%B5%20%D1%82%D0%BE%D0%B2%D0%B0%D1%80%D1%8B&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f77d09d0283a5e591c943082e6eb042ef8c671d52c0c189dfa1df716de570569

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 26-Oct-2022 09:26:57 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sbo.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 446
x-xss-protection: 1; mode=block
expires: Wed, 26-Oct-2022 09:26:57 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 26-Oct-2022 09:26:57 GMT
location: /watch/50169979/1?wmode=7&page-url=https%3A%2F%2Fsbo.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A15m5t3makqb6yg1f8bcanw%3Afp%3A664%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A615321979825%3Ahid%3A801661279%3Az%3A0%3Ai%3A20221026092657%3Aet%3A1666776418%3Ac%3A1%3Arn%3A385143517%3Arqn%3A1%3Au%3A1666776418618702140%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C122%2C152%2C62%2C147%2C0%2C%2C195%2C19%2C%2C%2C%2C679%3Acpf%3A1%3Ans%3A1666776416818%3Arqnl%3A1%3Ast%3A1666776418%3At%3A%E1%90%89%20Sbo.ua%20-%20%D0%91%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%B0%D1%8F%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%9E%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%3A%20%D1%81%D0%B0%D0%B9%D1%82%20%D1%87%D0%B0%D1%81%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%BA%D1%83%D0%BF%D0%B8%D1%82%D1%8C%2C%20%D0%BF%D1%80%D0%BE%D0%B4%D0%B0%D1%82%D1%8C%20%D0%B1%2F%D1%83%20%D0%B8%20%D0%BD%D0%BE%D0%B2%D1%8B%D0%B5%20%D1%82%D0%BE%D0%B2%D0%B0%D1%80%D1%8B&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29
access-control-allow-origin: https://sbo.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 26-Oct-2022 09:26:57 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
290 B 280ms
94ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
etag: "63575841-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 26 Oct 2022 10:26:57 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
438 B 107ms
36ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-99362998-1&cid=40815159.1666776418&jid=1023336518&gjid=129830869&_gid=1110428020.1666776418&_u=IEBAAEAAAAAAACAAI~&z=1175230458

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sbo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 26 Oct 2022 09:26:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sbo.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 379 B
691 B 146ms
51ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sbo.ua&callback=_gfp_s_&client=ca-pub-7636522320674355&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7636522320674355&plah=sbo.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c342e86d744ce838eab3ff01b25941f78120505f86bf8b7d986670486c40aa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 160ms
53ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=sbo.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 141ms
49ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sbo.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1C36 113 KB
34 KB 687ms
601ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636522320674355&output=html&h=100&slotname=3586964403&adk=3151828671&adf=2479816674&pi=t.ma~as.3586964403&w=970&lmt=1666776417&psa=0&format=970x100&url=https%3A%2F%2Fsbo.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666776417533&bpp=4&bdt=286&idt=262&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&correlator=2771155384098&frm=20&pv=2&ga_vid=40815159.1666776418&ga_sid=1666776418&ga_hid=1372572450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31070307%2C42531705%2C31070423%2C44775016&oid=2&pvsid=907912969534065&tmod=1828733209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5TgJI9TJ4x&p=https%3A//sbo.ua&dtd=277

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99c284b20c09e7a69d4b129c6309faa30c646ab70c255281cbf85fc4e46614e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sbo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35106
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 09:26:58 GMT
expires: Wed, 26 Oct 2022 09:26:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E233 248 KB
64 KB 622ms
546ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636522320674355&output=html&adk=1812271804&adf=3025194257&lmt=1666776417&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsbo.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666776417537&bpp=3&bdt=290&idt=279&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x100&nras=1&correlator=2771155384098&frm=20&pv=1&ga_vid=40815159.1666776418&ga_sid=1666776418&ga_hid=1372572450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31070307%2C42531705%2C31070423%2C44775016&oid=2&pvsid=907912969534065&tmod=1828733209&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=283

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcce44615b55a92cc4aa9206d88933524e7b598b3fc5633a1f697600114a2eff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sbo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 65963
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 09:26:58 GMT
expires: Wed, 26 Oct 2022 09:26:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 167ms
65ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-99362998-1&cid=40815159.1666776418&jid=1023336518&_u=IEBAAEAAAAAAACAAI~&z=1632740417

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:26:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 169ms
67ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-99362998-1&cid=40815159.1666776418&jid=1023336518&_u=IEBAAEAAAAAAACAAI~&z=1632740417

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:26:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain

https://mc.webvisor.org/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9803.ylOogIyBzCRibL6TP2YXQ_5IwwuvDUNY06AWUjzL2y_bhUY-RRqIsqnoFR6mCHMu.EKMJv6oKXtUQnFAZyO3o4QB1t08%2C
https://mc.webvisor.org/sync_cookie_image_decide?token=9803.gkZcTmvx18HG6hK6xbZekPtXXRh5tNxgQ-OahzUq9cpT5O4DdpYP4ot7qPjy8xq07DQWZUf5Dp_jf-4b3X94ALsYY54dmyy7B6XjW9gPRjQ%2C.SX7JaS3-FUH3ufCFYJy3LOf-xo...

43 B
359 B

81ms
81ms

Image
image/gif

149.5.244.214
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/sync_cookie_image_decide?token=9803.gkZcTmvx18HG6hK6xbZekPtXXRh5tNxgQ-OahzUq9cpT5O4DdpYP4ot7qPjy8xq07DQWZUf5Dp_jf-4b3X94ALsYY54dmyy7B6XjW9gPRjQ%2C.SX7JaS3-FUH3ufCFYJy3LOf-xo4%2C

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Server

149.5.244.214 Valbonne, France, ASN174 (COGENT-174, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:58 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.webvisor.org/sync_cookie_image_decide?token=9803.gkZcTmvx18HG6hK6xbZekPtXXRh5tNxgQ-OahzUq9cpT5O4DdpYP4ot7qPjy8xq07DQWZUf5Dp_jf-4b3X94ALsYY54dmyy7B6XjW9gPRjQ%2C.SX7JaS3-FUH3ufCFYJy3LOf-xo4%2C
date: Wed, 26 Oct 2022 09:26:58 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET sync_cookie_image_check
mc.yandex.ua/ 0
0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/ 151 KB
51 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d2585f37d01f033b032350aa27da871e0b8748d9812e4e08d65c0537240117b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52377
x-xss-protection: 0
server: cafe
etag: 10358043731766563720
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 09:26:58 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 132ms
49ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=sbo.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 135ms
52ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sbo.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CCEB 76 KB
24 KB 517ms
517ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636522320674355&output=html&h=280&adk=3136683557&adf=3904526555&pi=t.aa~a.1885888291~i.2~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1666776418&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1317311591&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fsbo.ua%2F&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666776418488&bpp=2&bdt=1240&idt=-M&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D00d70b176274d0c2-223a4d2d58ce0046%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_MaSy9nSr2WX2lDBZwiq-WBW5v_Bug&gpic=UID%3D00000b787fbf0151%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_Mb-7tpu0T7jEi658SIQzj_GzjOQoA&prev_fmts=970x100%2C0x0&nras=2&correlator=2771155384098&frm=20&pv=1&ga_vid=40815159.1666776418&ga_sid=1666776418&ga_hid=1372572450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31070307%2C42531705%2C31070423%2C44775016&oid=2&pvsid=907912969534065&tmod=1828733209&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=F0wqbnqhzH&p=https%3A//sbo.ua&dtd=20

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a04a50717020b4b5731b401cae5b1c334b04acee7cadd46b2e766af536ec3e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sbo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 24939
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 09:26:59 GMT
expires: Wed, 26 Oct 2022 09:26:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 33F4 76 KB
25 KB 233ms
232ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636522320674355&output=html&h=280&adk=3136683557&adf=434601094&pi=t.aa~a.1885888291~i.11~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1666776418&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1317311591&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fsbo.ua%2F&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666776418488&bpp=1&bdt=1241&idt=1&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D00d70b176274d0c2-223a4d2d58ce0046%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_MaSy9nSr2WX2lDBZwiq-WBW5v_Bug&gpic=UID%3D00000b787fbf0151%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_Mb-7tpu0T7jEi658SIQzj_GzjOQoA&prev_fmts=970x100%2C0x0%2C960x280&nras=3&correlator=2771155384098&frm=20&pv=1&ga_vid=40815159.1666776418&ga_sid=1666776418&ga_hid=1372572450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31070307%2C42531705%2C31070423%2C44775016&oid=2&pvsid=907912969534065&tmod=1828733209&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Z3Yst4ovD7&p=https%3A//sbo.ua&dtd=25

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9245fa9030df399d77feccd5778a818d3c4097e8eeb7cfac92bdc21f6707079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sbo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 25127
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 09:26:58 GMT
expires: Wed, 26 Oct 2022 09:26:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 1C36 8 KB
1 KB 416ms
57ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636522320674355&output=html&h=100&slotname=3586964403&adk=3151828671&adf=2479816674&pi=t.ma~as.3586964403&w=970&lmt=1666776417&psa=0&format=970x100&url=https%3A%2F%2Fsbo.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666776417533&bpp=4&bdt=286&idt=262&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&correlator=2771155384098&frm=20&pv=2&ga_vid=40815159.1666776418&ga_sid=1666776418&ga_hid=1372572450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31070307%2C42531705%2C31070423%2C44775016&oid=2&pvsid=907912969534065&tmod=1828733209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5TgJI9TJ4x&p=https%3A//sbo.ua&dtd=277

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Oct 2022 09:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 08:59:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Oct 2022 09:26:58 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 1C36 2 KB
956 B 411ms
53ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68476
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:25:42 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame 1C36 23 KB
10 KB 399ms
41ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68476
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:25:42 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 1C36 3 KB
1 KB 406ms
54ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 07:29:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7034
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 07:29:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 1C36 17 KB
7 KB 404ms
47ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68657
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:22:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1C36 152 KB
47 KB 410ms
52ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 09:26:58 GMT

GET
H2 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 1C36 33 KB
14 KB 393ms
40ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 06:50:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95774
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 06:50:44 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1C36 0
0 83ms
82ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTSefYf1YY8-FOdasgAfvr4uIBtDS2P5suabk0qIQ1refjI0OEAEg5OvNGWC7hoCA0AqgAdP89tUDyAEJqQKNZ696yrSwPqgDAcgDywSqBM8BT9AVsgadN0Z1d4HNFe7U0kYvAz6kr-Hj-UsfkLqyriEUoFuLGJq1IyHBSbf0FLP-FtFiBoNOh4tfqWNzhtMyXYNoFs4HA6dCugBkkQ90pmlA63bRjzfo245W_R5nFi7AmaojxvF6ssOXE_byWINT9mpibOOpubh6CwkXr_f732ndYTCJ27xJ5BRhzFp1LZ_SZ6cb2bnlCzcmVpvq-k61jXIUZTNFQDYawySzkCUeSEWLuuj-4bqOOtgHI72DlKiu_Gfv046MUGtXpGJNasErwASvl5eojQSSBQQIBBgBkgUECAUYBKAGLoAHop_qyAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDOwgTSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAZgM2bn9i5AEuBODBNgTDtAVAYAXAbIXHAoaCAASFHB1Yi03NjM2NTIyMzIwNjc0MzU1GAA&sigh=HzjIi0yROCU&uach_m=[UACH]&template_id=515

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636522320674355&output=html&h=100&slotname=3586964403&adk=3151828671&adf=2479816674&pi=t.ma~as.3586964403&w=970&lmt=1666776417&psa=0&format=970x100&url=https%3A%2F%2Fsbo.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666776417533&bpp=4&bdt=286&idt=262&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&correlator=2771155384098&frm=20&pv=2&ga_vid=40815159.1666776418&ga_sid=1666776418&ga_hid=1372572450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31070307%2C42531705%2C31070423%2C44775016&oid=2&pvsid=907912969534065&tmod=1828733209&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5TgJI9TJ4x&p=https%3A//sbo.ua&dtd=277
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 26 Oct 2022 09:26:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Oct 2022 09:26:58 GMT

GET
H2 200 15348253372493321217
tpc.googlesyndication.com/simgad/ Frame 1C36 970 B
1 KB 398ms
55ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15348253372493321217?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c4885210d309a9a034d612e9ab2c94165b0c6f1bf5e528005b985ae04c9e65b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 08:11:07 GMT
x-content-type-options: nosniff
age: 436551
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 970
x-xss-protection: 0
last-modified: Wed, 11 May 2022 10:35:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 21 Oct 2023 08:11:07 GMT

GET
DATA 200
OK truncated
/ Frame 1C36 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1C36 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/ Frame 99DA 10 KB
4 KB 44ms
39ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sbo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 61110
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 16:28:28 GMT
etag: 9671129459699598864
expires: Tue, 08 Nov 2022 16:28:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/ Frame 487D 10 KB
4 KB 44ms
40ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sbo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 61110
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 16:28:28 GMT
etag: 9671129459699598864
expires: Tue, 08 Nov 2022 16:28:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame 33F4 23 KB
9 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636522320674355&output=html&h=280&adk=3136683557&adf=434601094&pi=t.aa~a.1885888291~i.11~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1666776418&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1317311591&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fsbo.ua%2F&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666776418488&bpp=1&bdt=1241&idt=1&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D00d70b176274d0c2-223a4d2d58ce0046%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_MaSy9nSr2WX2lDBZwiq-WBW5v_Bug&gpic=UID%3D00000b787fbf0151%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_Mb-7tpu0T7jEi658SIQzj_GzjOQoA&prev_fmts=970x100%2C0x0%2C960x280&nras=3&correlator=2771155384098&frm=20&pv=1&ga_vid=40815159.1666776418&ga_sid=1666776418&ga_hid=1372572450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31070307%2C42531705%2C31070423%2C44775016&oid=2&pvsid=907912969534065&tmod=1828733209&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Z3Yst4ovD7&p=https%3A//sbo.ua&dtd=25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68476
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:25:42 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 33F4 8 KB
789 B 55ms
54ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Oct 2022 09:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 09:12:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Oct 2022 09:26:58 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/ Frame 33F4 14 KB
3 KB 135ms
40ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 12:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160431
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 10:41:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 12:53:08 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/ Frame 33F4 362 KB
124 KB 136ms
40ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9c216dc2c163cef46ce19c9156c05aa2edfae28210be29ccfbf902a75190293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 21:04:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44578
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126916
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 10:41:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 21:04:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 33F4 17 KB
7 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68657
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:22:41 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 99DA 4 KB
709 B 58ms
58ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Oct 2022 09:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 09:00:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Oct 2022 09:26:58 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 99DA 205 B
229 B 122ms
41ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:37:54 GMT
x-content-type-options: nosniff
age: 28145
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 26 Oct 2023 01:37:54 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 99DA 604 B
628 B 123ms
42ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 07:19:13 GMT
x-content-type-options: nosniff
age: 7666
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 26 Oct 2023 07:19:13 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/ Frame 99DA 19 KB
8 KB 140ms
55ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a091a670b6bf03510fc7a1b3c74a417c4a8c8937f7fb0c9a1517a95bdd7ab18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:04:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66176
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8235
x-xss-protection: 0
server: cafe
etag: 7715946797152839796
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 15:04:03 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 487D 0
0 87ms
87ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1X-FYf1YY83rOYHuZ4HdjIAG74LPjW3F8oeViBC-mee8zyQQASDk680ZYLuGgIDQCqABtpG-vwHIAQKoAwHIA8kEqgS4AU_Qn-YzlgRd_wSCAjqhH4p3fDLZKyYFK0Zh5TnoAhO3pHo7kMYtCQQxKnbtAGtzFpRPkFq4MLcwXKoB9peK_vgstPjbLsgTQsmXdGM8c6VTBVDsHylbtz-_i6XhhF_Bew3rIEINK4EN8K_TBwHFPwdD22G6ue0U9u4U1-lC7DOFfZNrV1BbIYVgQtTU9_Hnm5smFPeh-cVQRDTSyWhcIJCKaxatHy3VRodC1BX7AiBmqzkWmtmaGjrABJT7nNKaBJIFBAgEGAGSBQQIBRgEoAYCgAey7sHAAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOTxINIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTc2MzY1MjIzMjA2NzQzNTUYAA&sigh=-FUY_4mG05k&uach_m=[UACH]

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 26 Oct 2022 09:26:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame 487D 23 KB
9 KB 120ms
42ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68477
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:25:42 GMT

GET
H3 200 12184727186977221700
tpc.googlesyndication.com/daca_images/simgad/ Frame 487D 53 KB
53 KB 141ms
63ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/12184727186977221700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

921213566f1e25fa1c2e26e367a63dc4c02cb78185a1b4ca95be4ecd0c41a917

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:50:49 GMT
x-content-type-options: nosniff
age: 117370
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54602
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 12:43:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Oct 2023 00:50:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 487D 3 KB
1 KB 118ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 07:29:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7035
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 07:29:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 487D 17 KB
7 KB 127ms
49ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68658
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:22:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 487D 152 KB
46 KB 131ms
50ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 09:26:59 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 487D 33 KB
13 KB 205ms
128ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f99c3b46e3e9c4a0b83bff85ab15facf6d8fa7cb43632934195ffbe59c34bb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 17:28:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57530
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13742
x-xss-protection: 0
server: cafe
etag: 7228540032719881800
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 17:28:09 GMT

GET
DATA 200
OK truncated
/ Frame 1C36 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b94350d6f098a2c0bdb7508110ba2b9389800d34078da01990a65d4275c7fa75

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame CCEB 23 KB
9 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636522320674355&output=html&h=280&adk=3136683557&adf=3904526555&pi=t.aa~a.1885888291~i.2~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1666776418&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1317311591&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fsbo.ua%2F&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666776418488&bpp=2&bdt=1240&idt=-M&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D00d70b176274d0c2-223a4d2d58ce0046%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_MaSy9nSr2WX2lDBZwiq-WBW5v_Bug&gpic=UID%3D00000b787fbf0151%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_Mb-7tpu0T7jEi658SIQzj_GzjOQoA&prev_fmts=970x100%2C0x0&nras=2&correlator=2771155384098&frm=20&pv=1&ga_vid=40815159.1666776418&ga_sid=1666776418&ga_hid=1372572450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31070307%2C42531705%2C31070423%2C44775016&oid=2&pvsid=907912969534065&tmod=1828733209&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=F0wqbnqhzH&p=https%3A//sbo.ua&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68477
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:25:42 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CCEB 8 KB
716 B 130ms
50ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636522320674355&output=html&h=280&adk=3136683557&adf=3904526555&pi=t.aa~a.1885888291~i.2~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1666776418&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1317311591&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fsbo.ua%2F&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666776418488&bpp=2&bdt=1240&idt=-M&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D00d70b176274d0c2-223a4d2d58ce0046%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_MaSy9nSr2WX2lDBZwiq-WBW5v_Bug&gpic=UID%3D00000b787fbf0151%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_Mb-7tpu0T7jEi658SIQzj_GzjOQoA&prev_fmts=970x100%2C0x0&nras=2&correlator=2771155384098&frm=20&pv=1&ga_vid=40815159.1666776418&ga_sid=1666776418&ga_hid=1372572450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31070307%2C42531705%2C31070423%2C44775016&oid=2&pvsid=907912969534065&tmod=1828733209&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=F0wqbnqhzH&p=https%3A//sbo.ua&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Oct 2022 09:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 09:20:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Oct 2022 09:26:59 GMT

GET
H3 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/ Frame CCEB 14 KB
3 KB 122ms
40ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636522320674355&output=html&h=280&adk=3136683557&adf=3904526555&pi=t.aa~a.1885888291~i.2~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1666776418&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1317311591&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fsbo.ua%2F&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666776418488&bpp=2&bdt=1240&idt=-M&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D00d70b176274d0c2-223a4d2d58ce0046%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_MaSy9nSr2WX2lDBZwiq-WBW5v_Bug&gpic=UID%3D00000b787fbf0151%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_Mb-7tpu0T7jEi658SIQzj_GzjOQoA&prev_fmts=970x100%2C0x0&nras=2&correlator=2771155384098&frm=20&pv=1&ga_vid=40815159.1666776418&ga_sid=1666776418&ga_hid=1372572450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31070307%2C42531705%2C31070423%2C44775016&oid=2&pvsid=907912969534065&tmod=1828733209&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=F0wqbnqhzH&p=https%3A//sbo.ua&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 12:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160431
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 10:41:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 12:53:08 GMT

GET
H3 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/ Frame CCEB 362 KB
124 KB 124ms
41ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636522320674355&output=html&h=280&adk=3136683557&adf=3904526555&pi=t.aa~a.1885888291~i.2~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1666776418&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1317311591&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fsbo.ua%2F&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666776418488&bpp=2&bdt=1240&idt=-M&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D00d70b176274d0c2-223a4d2d58ce0046%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_MaSy9nSr2WX2lDBZwiq-WBW5v_Bug&gpic=UID%3D00000b787fbf0151%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_Mb-7tpu0T7jEi658SIQzj_GzjOQoA&prev_fmts=970x100%2C0x0&nras=2&correlator=2771155384098&frm=20&pv=1&ga_vid=40815159.1666776418&ga_sid=1666776418&ga_hid=1372572450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31070307%2C42531705%2C31070423%2C44775016&oid=2&pvsid=907912969534065&tmod=1828733209&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=F0wqbnqhzH&p=https%3A//sbo.ua&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9c216dc2c163cef46ce19c9156c05aa2edfae28210be29ccfbf902a75190293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 21:04:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44578
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126916
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 10:41:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 21:04:01 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame CCEB 17 KB
7 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636522320674355&output=html&h=280&adk=3136683557&adf=3904526555&pi=t.aa~a.1885888291~i.2~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1666776418&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1317311591&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fsbo.ua%2F&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666776418488&bpp=2&bdt=1240&idt=-M&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D00d70b176274d0c2-223a4d2d58ce0046%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_MaSy9nSr2WX2lDBZwiq-WBW5v_Bug&gpic=UID%3D00000b787fbf0151%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_Mb-7tpu0T7jEi658SIQzj_GzjOQoA&prev_fmts=970x100%2C0x0&nras=2&correlator=2771155384098&frm=20&pv=1&ga_vid=40815159.1666776418&ga_sid=1666776418&ga_hid=1372572450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31070307%2C42531705%2C31070423%2C44775016&oid=2&pvsid=907912969534065&tmod=1828733209&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=F0wqbnqhzH&p=https%3A//sbo.ua&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68658
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:22:41 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CCEB 0
0 305ms
47ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQj7vaRmMP9salXlRNlQki5HI_S1rPIPl0GULKHD81rtL2c9KTVNyWHL52jrIFtjgEGyXZt_1smozoLa1cmAl6uB4OVkA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636522320674355&output=html&h=280&adk=3136683557&adf=3904526555&pi=t.aa~a.1885888291~i.2~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1666776418&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1317311591&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fsbo.ua%2F&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666776418488&bpp=2&bdt=1240&idt=-M&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D00d70b176274d0c2-223a4d2d58ce0046%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_MaSy9nSr2WX2lDBZwiq-WBW5v_Bug&gpic=UID%3D00000b787fbf0151%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_Mb-7tpu0T7jEi658SIQzj_GzjOQoA&prev_fmts=970x100%2C0x0&nras=2&correlator=2771155384098&frm=20&pv=1&ga_vid=40815159.1666776418&ga_sid=1666776418&ga_hid=1372572450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31070307%2C42531705%2C31070423%2C44775016&oid=2&pvsid=907912969534065&tmod=1828733209&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=F0wqbnqhzH&p=https%3A//sbo.ua&dtd=20
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 css
fonts.googleapis.com/ Frame 6CED 6 KB
672 B 114ms
49ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Oct 2022 09:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 09:13:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Oct 2022 09:26:59 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 6CED 2 KB
902 B 98ms
98ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68477
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:25:42 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame 6CED 23 KB
9 KB 58ms
56ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68477
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:25:42 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 6CED 3 KB
1 KB 97ms
95ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 07:29:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7035
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 07:29:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 6CED 17 KB
7 KB 80ms
78ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68658
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:22:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6CED 152 KB
46 KB 58ms
56ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 09:26:59 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 6CED 33 KB
14 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 06:50:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95775
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 06:50:44 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 1C36 28 KB
28 KB 303ms
40ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:44:44 GMT
x-content-type-options: nosniff
age: 2535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 08:44:44 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DD3D 143 B
166 B 44ms
39ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 697
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 09:15:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 487D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdc8912a78b78c5faf31e78e2a365787170ac0b511d2798fcdf21044caa7c8ef

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 33F4 0
327 B 355ms
123ms Ping
image/gif 2607:f8b0:4023:140f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l9pfn80k&c=5583204298925&slotId=2791602149462.5&qqid=CN2S5YLK_foCFe9CHgIdot4OTA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4023:140f::5e Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:26:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 33F4 9 KB
10 KB 260ms
109ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 20:29:43 GMT
x-content-type-options: nosniff
age: 133036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 20:29:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 33F4 15 KB
15 KB 213ms
83ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 418326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:14:53 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 33F4 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CF5n6Yv1YY93ZIu-F-cAPor274ATssdPSbO_W8vz8D5-FvdDVJBABIOTrzRlgu4aAgNAKoAGp_-XGAcgBBagDAcgDmwSqBOYBT9CwL-oVcRo6YFSNTLtYWNzCcIQwrgO-cd8wY-hmnySqAWWpo4jhgQj5N_F8ks-F_w3XqyfYfGxyekzJT1mbjwDg0qtisuIoT7EesM_ipK6c55HW8NReeiCsLuT8iWG114eOO0LKFQkKEgvFZzEji-Xn3xFDQClSHfpib2XDZfWPggsycA-593ZQo23QStWZbcsUi3d7XqH3fV012FLwMCb6yENoNOpw4HVH0UNy6HOVZ0eIItM0au93tt35JhZmbNquD1HH1cyCD9-VRn_6xzftvumjojE--0Lf5iaPUaNvXKECPCTABJmpg_m9A-AEA5AGAaAGToAHv4CauQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAGwE9Px0hDYEw2IFATYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1666776419172&ai=CF5n6Yv1YY93ZIu-F-cAPor274ATssdPSbO_W8vz8D5-FvdDVJBABIOTrzRlgu4aAgNAKoAGp_-XGAcgBBagDAcgDmwSqBOYBT9CwL-oVcRo6YFSNTLtYWNzCcIQwrgO-cd8wY-hmnySqAWWpo4jhgQj5N_F8ks-F_w3XqyfYfGxyekzJT1mbjwDg0qtisuIoT7EesM_ipK6c55HW8NReeiCsLuT8iWG114eOO0LKFQkKEgvFZzEji-Xn3xFDQClSHfpib2XDZfWPggsycA-593ZQo23QStWZbcsUi3d7XqH3fV012FLwMCb6yENoNOpw4HVH0UNy6HOVZ0eIItM0au93tt35JhZmbNquD1HH1cyCD9-VRn_6xzftvumjojE--0Lf5iaPUaNvXKECPCTABJmpg_m9A-AEA5AGAaAGToAHv4CauQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAGwE9Px0hDYEw2IFATYFAHQFQH4FgGAFwE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:26:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 33F4 32 KB
17 KB 193ms
68ms XHR
text/xml 173.194.76.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BEscc6gTreQdoAbvbJOLMJ9CrMj-Pr3qAb7PK8rf5XWaPuUR1eWKoQViqmgANWxHj2u4b9w5WdaFGmLisfNb1v-jDVwA&dbm_d=AKAmf-Cuy4MCpF7vwIazIx7gMFfWCyjmac1dJyogszfNlyOEfwazDyTy6pWf-15R74ZT3D0ivBG9CwFBkWFZa9YbnmxrEGWRcUWQmG6JoqeOW7oOx2i3EP5UCgIgvaKCV4Pv__f2t3KE2fLKo-E5dOYlwLCETnr-Chq-iiUxoQaDadp9E7uZaksxGwTbS6eYfm8Zs0yMlLyHLPhMjxhRdxRlQB0wvCwIsj7mughSMEt3Zx71_A-DRb90YbzBuU39EXJ5Vg9_nJr6g1_onpjk0bNmapmLv2RGAes9ZKcJPHtHbrvZa-BKCdSzhTZLGEs_ACH7YgzHY8nydiR5BEbmnESqrZ76neJCrsF7cbp2eZfCbfpmkVB_z17Fhj3Au-3izdnZz4DZyxuMhMYR3OSqqCO0pNsApsxvdcuscsYCoT8rU8Tsa31OtBPj5YOXqWbiYgfO6dahI29DEaFDiVk2IexNM7yeoJZCgu-dEmPmvhX8C5npG3lUKzeztDTU4NqxqH92XTd6e-O9S4-uTymSXxWzQnFYxUDhzQ4gix_1lACIt64swuTaYqGpVQe5nj0wgm39xU9SwdN4v2JaSePZCS74IoxvQiOLh8EzQ4bHJvsncRN9bNocHN3gFC5zzdkj5Va22r3o0y53aNvWjpgWhhclgHvuOq30c3UHaa_tsCbWJbi6FYigmdW7HLN1SQmpXKz84MCRo9q-wXcxSnuQqxlM9hTU9nuFJms-T5qdtxwPOEq15RSH_xHYu9sQm3zMW6NIssUi6dCy51esMRxVJARGp0GxxT5LwEaEzJxmUkSx0zdYCNdhEODoUs9ubo_5m8-ThgIjB2bmb7FtIKsSsres-vUDTDBny-kvI0XOm9XY3__neUGiIDKScPyiVExc_kUUdN_Tq3WSolosUY3kk8M2YlUtr5Bh5HGPxXjlCjXerQA4F7aHW-ct5Fq2Qm4eD4uCt8V_cg13ewCLNStCkXIb3vFST6ZVrK3PX0p5N5y6k3KdyXqygco5A3F0-gwpwSitw4-Svqjg8fCMfFnBl0A1E1iaikX-I-odT8-vV4AsoTqin7ARgcCsLXdG6aWIKmjIzCPkMTUHV8CsIYEsslksXMXs8ssrtWvfqODGMfC9zPkScacOsEJ0OJwzfvM-FdZvkgIHoqYt-CDzUNRTYHuNXKrGYvz0-AjCvcwAHUEpm-7pxpXIcTEpiSfKeN_RHTEwu68tknRnFquzws5J8Wc07O_kU3WM1jatBUH0gbct0gLFm7pl93yyyw92mt_b2j1BNCE6AbcVA7EiGRbO1Db4G0EX1ZZru_j__NPtWKjZyjhd7o0FZoa8-nb7TecoIeH8BsyXgQigBFGDbpPJG-08vVLt_AEkivFVoeIWV1xSE8xmHMEfyHP03UwzirKfb5KDybaFJl3URU1Wtq3acr2zTmzO48GEA2YqPfGL0qwnrxVnMoya0k4pLJqabPBd4Xv_infuLXMlLZx7aJ_ief6v8-04Gn8lKVTkF-e2HCJTZwSlPOkM6kfMDZc64JMymt1-sm1HxNQDwor-jzcbRkl517gPRbligC-kGbLx3U3mzH7GqgVeepYJXl8EnCxmRG9N_nFdYPko3xrPSq59h2K089FU0G3qyG4IUkVHAosf3ky8lLekw7XqBss7KyejLD3I98M7fipv1pyiQUZkB0UfmSLN7hfmcr3sMR8SehlKg_fr9PgpuDFxJZQ4cROtldC4QI9hb6DEHQutwnd7GxXIlxhhcqSNYqq0yRinMa6P5TFcphDzRQfNc0Y8p9Iv7aoF1Ih9z-j6Ml-Bk8smnNcomlq2O-7ejJfTSfOhUTfYl2rFgYMikRH4RDO6zzzxfBc1XCsvivmhy-sLZtdkZTvkzSjJIaAmNcw6E97y79fXbnwxDxWGyULVXJzUe7ds7mrtU5SVwCvv43sPFvY7lNvuCma6Kf3PhuB0sdFNr1yHjAmiC4V406680MTNxf8ksHuRxCw-5jc_BEVjEmuICPDs-ClD4ZMSbojvawszYdExd2INsjvVP0L6lv9-BKfhdRGuSBgHBNSLwcFptWYZeoqec359P_MsgCyGp9jtcPDqIMMyXHTYu8Sd2gETJtttzc3jWgU78lwC-VSrJOCcfa58GAdWegcDVJB_4INbTOEmRjT-yGmfvFDGQ1V1yuX0oGkWu5Eg9Y_TroWpbUTzbXwB6GvEipHWqQXzZ8vJjt-YK4TSPSOcJ74Bx-RVrrG5nPP6cquER-Nxn_Dc_O1Uv2wvIaIqtJczuJmyIFW0wUFEAG1kA5f5jCbRTlC5Qz4rdaKyG0CjclxqOrWSkxcgC3lS_OspenJCuzgcyZNBrhBiZDIqCLOAa0Tqm0mQDp7zVXFKcM43PH63tfVUBwipReUaGg9KueGTzd3nYNxZoIqfOhRX-0MPHLqHiztD197GIvoDn2pyswgRsAkSflKmzzeWMsO7mQmCqPhSaOaiJQSbkj58HirSgt8VoqyEwUdHiP4kIDTSPAWi4uoD74g7WC4RSNoNR6zfOScmI0MxCIbKHKBmrdqER1JR_xrdh4MJHOsrURUvtqOyMl6IzaLZyqkiXXoMMTL7k8X0kSr75DuhC93qoefVB8MErwjQm4pKn4q9Y3CgB2wEpIyy5IJV4UN16uABxlOYoVVqIRO5AHCJKUzV0ZQ0JJlux5YW99iMzZIlJAgO7DfBPaL1yPtwUjcva5Y0nlQstei1ttm1Lry-MpGjAqTnNlq61Pk9csGh91Xri_hrE2_DjmlDrfNRbffeO5aFXqMGkgHP-kf5Nmfq7idlH-zMrvh367Lvt3W-QMfbjpMwCxcjsi9XJ5V_F0Yy-1OoWj6q2JWY8wBuj5ByBfh5hwGrBGecavvNxJcPwdoiuHxPjP2jLfEpuGpKIkXci3ax7-c1uAZvYUlQ5svCpTHasG8PPw5JaqC45Qm4SGwIyhRkZNfw8Cc2IgNwlv1uy59Uh25_y8wZvufn4frMMsEprTS4EYhAhlre-3fRuDc305pylOhnHd__HdO3nMCaJUQZX_hzlTaJIHwfgsV1lwMQoxZBjhtr8mvxJjtRHcsdOPtirU32b4LDpXW_kJOE578VQgiSJvepSP7SqVaIu6LNc_aGEubgDoXqni32rToGf6ptbfGz_HsLON_XFYyQww49t5RhlxtDc0cM0-P9Lm5Ee6gVXPCiHagpOUotlQGFkJ9jgtEbVpC7aCx64CNeOPdgldH1zKtP_v6ObkRE10w97RJJDId8lm6829_hfFiWb6w3Q6c-nkjAXZoepVO0vy2yRFhYCIAsq7eS8GO3sC2Ze1tEasB63mTz5I_7_QneMfh_ONtzKNlLbSDrIlFzaAl6WZP9HwHsbrq3cQBJnQYg_Aa3lwvByQC0Zf810DeBtjUbPzRg8Fb9woJ1hyz7K4_7qw12aBFLlqNKQc9vCkCIjE81Z03_RkmZszvI9FwxRqQOltBM&cid=CAASI-RotO_4-Xy_BnErq4-CcHsrNJciPmDbjYn2PagzqSvC4LRy&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f155.1e100.net

Software

cafe /

Resource Hash

0eee12d95373a8af7b47f8c4eefa36654a0d5aef7690067829e88ac9c954b4fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16616
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 33F4 0
0 79ms
79ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ct-O9Yv1YY93ZIu-F-cAPor274ATssdPSbO_W8vz8D5-FvdDVJBABIOTrzRlgu4aAgNAKoAGp_-XGAcgBBagDAaoE4wFP0LAv6hVxGjpgVI1Mu1hY3MJwhDCuA75x3zBj6GafJKoBZamjiOGBCPk38XySz4X_DderJ9h8bHJ6TMlPWZuPAODSq2Ky4ihPsR6wz-Kkrpznkdbw1F56IKwu5PyJYbXXh447QsoVCQoSC8VnMSOL5effEUNAKVId-mJvZcNl9Y-CCzJwD7n3dlCjbdBK1ZltyxSLd3teofd9XTXYUvAwJvrIQ2g06nC4dOXNS0h-QQe5ry9KEZNiNqfDPSltkuolXgpAcM1RxasXXTLSNn5p_MWQ8R9m-UsbsBbOCpeNftA0Y8AEmamD-b0D4AQDiAWvzYKrMJIFBggDEAEYAZIFBggbEAMYAZIFCggiEAIYAUiYrHySBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB7-AmrkCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQmaYaGMLWhsEB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwGwE9Px0hDIE4ea8NwD2BMNiBQE2BQB0BUBgBcBshccChoIABIUcHViLTc2MzY1MjIzMjA2NzQzNTUYAA&sigh=ZA3q88OEZlE&uach_m=[UACH]&cid=CAQSOgDq26N9oDgmlPyC7IV7bt1BftyRakRNplmP0J7m4OKodznJE0lLpwN-dDcChHE7-41kavYp_BpMI84gEw&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636522320674355&output=html&h=280&adk=3136683557&adf=434601094&pi=t.aa~a.1885888291~i.11~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1666776418&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1317311591&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fsbo.ua%2F&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666776418488&bpp=1&bdt=1241&idt=1&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D00d70b176274d0c2-223a4d2d58ce0046%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_MaSy9nSr2WX2lDBZwiq-WBW5v_Bug&gpic=UID%3D00000b787fbf0151%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_Mb-7tpu0T7jEi658SIQzj_GzjOQoA&prev_fmts=970x100%2C0x0%2C960x280&nras=3&correlator=2771155384098&frm=20&pv=1&ga_vid=40815159.1666776418&ga_sid=1666776418&ga_hid=1372572450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31070307%2C42531705%2C31070423%2C44775016&oid=2&pvsid=907912969534065&tmod=1828733209&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Z3Yst4ovD7&p=https%3A//sbo.ua&dtd=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 26 Oct 2022 09:26:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EE31 1 KB
643 B 44ms
40ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 44582
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 21:03:57 GMT
etag: 48472445140208031
expires: Wed, 26 Oct 2022 21:03:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 33F4 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0ea9af222d8c2807c999e627f10bdc15270c1ee3bb042e39fc0af05e09713dd

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame CCEB 0
54 B 262ms
123ms Ping
image/gif 2607:f8b0:4023:140f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l9pfn83h&c=7774981720450&slotId=3887490860225&qqid=CJLN5ILK_foCFY5KwgodLdoO4w&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4023:140f::5e Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:26:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CCEB 9 KB
9 KB 180ms
118ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 20:29:43 GMT
x-content-type-options: nosniff
age: 133036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 20:29:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CCEB 15 KB
15 KB 158ms
96ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 418326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:14:53 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CCEB 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CrsmkYv1YY5KUIo6ViQattLuYDuyx09Js79by_PwPn4W90NUkEAEg5OvNGWC7hoCA0AqgAan_5cYByAEFqAMByAObBKoE5gFP0Bex-T3xDdzS_gUd1SMyeNoGAby4H2gCRec3zPhHuxmC0T3xyzg5ECkj2hdjtsjar6X5IHtXKV34_xaM8Zv4e7LRhi8tIKhP2Rvu6yTuVg60FvvnXVUwx5GeIZTuLz-0JZpu3r015zWrlBOymnHtwRO6Fu_MNaEoJc-uva4UbAJ0Ecg62IeM0Ot61r2SDluxoKD8bf4N3xoKvlCv6qxojIymconsm86Or2BEtLSrUYhGwzWQnoOoeO5Kmj7Us-s49tnSvvt3EU6nkXuLzsABbQyGyA3hG5HaLMJJQCWEw0zqinXDccAEmamD-b0D4AQDkAYBoAZOgAe_gJq5AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAZgLAcgLAYAMAbAT0_HSENgTDYgUBNgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1666776419267&ai=CrsmkYv1YY5KUIo6ViQattLuYDuyx09Js79by_PwPn4W90NUkEAEg5OvNGWC7hoCA0AqgAan_5cYByAEFqAMByAObBKoE5gFP0Bex-T3xDdzS_gUd1SMyeNoGAby4H2gCRec3zPhHuxmC0T3xyzg5ECkj2hdjtsjar6X5IHtXKV34_xaM8Zv4e7LRhi8tIKhP2Rvu6yTuVg60FvvnXVUwx5GeIZTuLz-0JZpu3r015zWrlBOymnHtwRO6Fu_MNaEoJc-uva4UbAJ0Ecg62IeM0Ot61r2SDluxoKD8bf4N3xoKvlCv6qxojIymconsm86Or2BEtLSrUYhGwzWQnoOoeO5Kmj7Us-s49tnSvvt3EU6nkXuLzsABbQyGyA3hG5HaLMJJQCWEw0zqinXDccAEmamD-b0D4AQDkAYBoAZOgAe_gJq5AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAZgLAcgLAYAMAbAT0_HSENgTDYgUBNgUAdAVAfgWAYAXAQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636522320674355&output=html&h=280&adk=3136683557&adf=3904526555&pi=t.aa~a.1885888291~i.2~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1666776418&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1317311591&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fsbo.ua%2F&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666776418488&bpp=2&bdt=1240&idt=-M&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D00d70b176274d0c2-223a4d2d58ce0046%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_MaSy9nSr2WX2lDBZwiq-WBW5v_Bug&gpic=UID%3D00000b787fbf0151%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_Mb-7tpu0T7jEi658SIQzj_GzjOQoA&prev_fmts=970x100%2C0x0&nras=2&correlator=2771155384098&frm=20&pv=1&ga_vid=40815159.1666776418&ga_sid=1666776418&ga_hid=1372572450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31070307%2C42531705%2C31070423%2C44775016&oid=2&pvsid=907912969534065&tmod=1828733209&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=F0wqbnqhzH&p=https%3A//sbo.ua&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:26:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame CCEB 32 KB
16 KB 137ms
77ms XHR
text/xml 173.194.76.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Cpt_aoNGlI4PhaEbhfQMAdAvAhPNlqEItJs75g_9rzcxSm1unA0eFFtceRlym9kyjztnKeqnWOwDUCzIJfs44CWTqhig&dbm_d=AKAmf-CzWufXcRDx_XtL_Pwa1ADnTJ4mHEyOYHbj0a9Tf0F8iQmiZESMLfxfBl4-VufnyFiSeLdU-eUzdKaMIkckOydLZBjl2aDtENYlWUqhqh_fdbuJtFgRnVpUI5x1nPMHyHP_srWvlHMMI-NhFncUIvOvUlkXVpB8_d1AGJhpJA5vu5ODD0drfZdMdmB81xKgxih-STpqPQZpcUjBB0GZB8TRWGhpjot0WWA-aqn2B72kH0kBxKiuT8oYKbANXU6ipqKyZI6_td5cJ7FAs78rHx4QLpCNd8sdDePEV1WubXGgYGXpI9_5XtwHdtlwQFxYstGbsQQ52Z891NjIgX3gjZueegyIxVtzLUXRfy76_lXKI5Qka6gb-1m1Cr89fP1K36DbuS550ocEpVYXIAvufZUDhOJvLsLofGKazxw7KAW8waEfpCIykN5XL-7lJsWhtzMoDBZn0SshptSyoNcmRujlIfT478at2wcz1NJw-juweu8NSDD8mN_D8byejlX5vpVAwywj7_Wgvtmat8O0SpxRZi95yV2AnuVMweVXpUI3WP93e0nac-opMTrGF9IfomQFfBCmVIZ8cySrp-b-pDgWvoGJ4cPOFhjFLoVCqAD8zRUJ30soxrQEGXdXu4b5rWQA5fmVo2XwkCi9MBvBkcZAQbHvoQ0fP3e4CmJuML1lfXaJj9Isa28xOs6iN4AIZcGITpOOHqK5m89KwW8EZXKDlIzqSUZvCWyzHQfqzUmBa9HugLQqEWhoIK_2SmhfoHUeeuN-S2na539R8cu_B65tX72JVwnvVCnC53fQEO7rkXZdN4KhP7n4hB2aqgjcCfDYyn0UahdGLTZdT9vzloobxzHi2v2o17-vWt72IpvovXNdywQgEAwan_Go9Qkf2PJRf81nEk5d2WMwm6dX-_pH12HU2gMg9v83VxF82NxjfAIVuoHhdlwfg6-ABIk2LAs1K1mQwvthLYgBnzoquN-NotW3rJ8APJ6N4hlR5upCZR_7zCUlbRcJ8RMkKMiDfKFGbSwRCcEUzdzOA7MsJEl4SxABRT4REo3wH3MGIOL-2b_CTH5V8h6pmZ2JvIn5T3NF_dvbNdrD-VAstOFPqHwGZhYBpzj8d6uO8vliYpiTZMJ6ZwkbjsmiiOUIMD5-bnGETpVeMF8lrJuy-fi2TF_K-g5kmyGF5H0JhWPkq9YyKcqdfHC1RCUzhqd5HSTYeFAERf39oqF-Cdwdxe0uRVF_AWjTEpftizPbKpSvmgeuUvsA5BJou55gy-omUzy-lYVOQiweu0BXJ2qrj-lF5jyBKYnQp7htxJT6W0uJpTxN-hmvouIXtb0iqLzDJ6VC_a3CPO67slgMvixYOQF0gYioiYRtke2sIQ5Lrg_Y8NRDZHls45dYkWdzL-E-OGgT3GVD9PMgibji3G3ruqX1etvudMOQ6NPrA_mHQf2Xmd7luV1LBeE5Oa5fy7Gieb8JjpAGtrN5Oab5bbCqU_KrllMEvc0oTdefpoGk00mr1KAKyKYq1Ys60zJAgEftRfuk6d3r2YxRmEkM-TxHgfUwAoC7RGIzhL7T8-M-R0ZVZ73AMRhbpeSkZZ3-62mG9elS4m_WRUZ3f2vjw2-odBi89l6d0l6TM9Mhg7mHPOR5DXIpxH6G53DU9ysLe95yogQXXmqYbXR5YBfWebJA2bJNJ7cPp4ywQGw_3rQq3MdIiDaSDqsJfFax1x1_ZvLTTXVUWdf7rEO5sfeKerz2rK1opWTbdYtmq1AofgwYrcSqETPptROtEXxowBlGyYMKVOb2rxYKyx5HTHgli5GwDM8SuzQoUUIrfGYHu0dPWzJBygL_CJr7xKxoxl8uec7qDyj1QzYC88MTG1FDarNzoeR88GPgA5aeod2UZSULVBNRzQN-68lWc1XbPRxS-h2c1TgXKJ3IVnT1MR30YjcqJEmfq2XBZ0iTUMIE-uwlXV-pSiWCTIysJnO9EjtAtG78Dyv6Ue2IifJKNRGrlh6KpDWgKhMPtrr6tsQkTJ3Z3BD0P_KFjxxAfUvm2XN6l4jMD6xR8joTYu0lxpKXKpOP3YOgsUKKxguzOxK55nKkIqDB8lF8rx4PknKYr7uxRRcki4eJW2mxhEFlYDHqtfrfoHD28qqvb7qaPdZtBy0c5elMsd_PTXxfp_ZS4nsayaP_xjQtvjL_Of5RoHfQSq41orwneQbAkf3TwLviiTsJLtnCcaWr39j0phcXdOwIToWUlShB_MYmY802Kd1IkNckr1G1xUUdxX9lYBP2V54_n4ucC9azIYAjF7RhpTFZNfnl1jygUGAqdK2jenJb3EBUZSqmduD0ZtJPtUPF8Q3CKEt28gRFb2dN1A0ZOVnHeZlwnkQyUL-juYV16jmaPl0PreHbfiZY5CDGOVJtB3SFQe-kyEBMu_NZLek-dEqlLZNI4Qmx4dQZZwDadUII7g-EpgTWVcB4hBLcn-Z7ApQN6Ha07cH5AoMjfMauDDnqsCE3alfE09zxsWoaLRdFLIuwbJsBpUVc1RTwNU-SHNlBlh4MGYJY2OgGzztvf5TiHMQKyXQLZ-0F5UhIss-2skp9H7fYjv650ke9zt3BSVjsW_RcrqWVDPCiaqVOyzHGNXgVXh08AE_DQBV1nsjpkbIAxnFzu8Qp7HkNWIPI_gaCGQrnH0WwAF0FIxvKlaAHDR5i4CR0OrXRV7qBzqPPbekDgmc3vbuGlZN_oeYb10DD0QYfBkU-ceisWnE4xuGmvXMS9ySTj7lDIQY7doLWARc5oyfgaXwpDJXRiARYqv1Ez1RtzrsgibDYOQVbS29TyxCLdhXQ5PDP46LGj4jiuzWQZ3OZwWQAooPdp9-pW3ofrtxN9y0D9X7JkqH5KCjGZXbXZkdthy-URuPeLHKWJI3zqqj8Yvrj-m_2iovhzKRPH72lTFwG8mitywNMrRkKmThVIjmfpdUmqGBZ7m3KcAmQ4KMSDxjE8lG6l5I50OJ-XHY1lVYXa2_p4cQ5dDokXLZvrGaw3s0hj0rgbqV1a-f9nTQxMozYmpD1ODr9MfXcS4NStojxJxHXiV8duVv9n6YhwKUOaloU2iyQ5B2nQffmzQkkxfWE9bMfRFIl2u5HLxfD1IbArQjdTQbLZn31XilW8yDvytEIm3b3VwzhSLUiFvgJwsFaoHd7zthfFiTL8YPnXdkVWDRqdhAq_-8Zw1hxCUKOZqF18FxMRUL_R0CB2kjV67H0KqbUEEV2KZfNwjqvkpXgQPMYdkpZZx47CmVmB9Zwfq_hcldzR6iDktWExSF1nkddn2rWUf21bmnEUo2JZV27GPAeMhIsay8pPp6Z9W4dCebs2Yy5FpDX60neNC1gX2wR0kPauVVel-qPMmWE_LDRkbEqXRHAxQh7nu8JPVRT33yaYLT4Sp6825guWySBf_Jpl3s3j6D0aDXjlTvAI4MpQN4VQtI&cid=CAASI-Ro7cDtk9ehIXRGt4XBYPpF2MbciS20nOW_M1EQf12SK7ON&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f155.1e100.net

Software

cafe /

Resource Hash

588d589541c7bb86b00d92e5c9758f5066655c906af50649246f1d4d739ec0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16521
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CCEB 0
0 78ms
77ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTdSpYv1YY5KUIo6ViQattLuYDuyx09Js79by_PwPn4W90NUkEAEg5OvNGWC7hoCA0AqgAan_5cYByAEFqAMBqgTjAU_QF7H5PfEN3NL-BR3VIzJ42gYBvLgfaAJF5zfM-Ee7GYLRPfHLODkQKSPaF2O2yNqvpfkge1cpXfj_Fozxm_h7stGGLy0gqE_ZG-7rJO5WDrQW--ddVTDHkZ4hlO4vP7Qlmm7evTXnNauUE7Kace3BE7oW78w1oSglz669rhRsAnQRyDrYh4zQ63rWvZIOW7GgoPxt_g3fGgq-UK_qrGiMjKZyieybztauwli8jj1jGpgrkvhcJKChPj967p83Z3FyfZ2f8fMYZ78T3B-HRK-mJKjQsSXT5DreC2FsPVge84JIwASZqYP5vQPgBAOIBa_NgqswkgUGCAMQARgBkgUGCBsQAxgBkgUKCCIQAhgBSJisfJIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAHv4CauQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChCrkRwYwtaGwQHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbAT0_HSEMgTh5rw3APYEw2IFATYFAHQFQGAFwGyFxwKGggAEhRwdWItNzYzNjUyMjMyMDY3NDM1NRgA&sigh=dcwK5OA6oSk&uach_m=[UACH]&cid=CAQSOgDq26N9zc9esiyORuZq2X_HM58zHqTgeCNGUtQAtguP_0fZA8l75O1zZQA2rJIsRH91YLX1IGLPwVggEw&vt=10

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636522320674355&output=html&h=280&adk=3136683557&adf=3904526555&pi=t.aa~a.1885888291~i.2~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1666776418&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1317311591&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fsbo.ua%2F&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666776418488&bpp=2&bdt=1240&idt=-M&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D00d70b176274d0c2-223a4d2d58ce0046%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_MaSy9nSr2WX2lDBZwiq-WBW5v_Bug&gpic=UID%3D00000b787fbf0151%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_Mb-7tpu0T7jEi658SIQzj_GzjOQoA&prev_fmts=970x100%2C0x0&nras=2&correlator=2771155384098&frm=20&pv=1&ga_vid=40815159.1666776418&ga_sid=1666776418&ga_hid=1372572450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31070307%2C42531705%2C31070423%2C44775016&oid=2&pvsid=907912969534065&tmod=1828733209&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=F0wqbnqhzH&p=https%3A//sbo.ua&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636522320674355&output=html&h=280&adk=3136683557&adf=3904526555&pi=t.aa~a.1885888291~i.2~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1666776418&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1317311591&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fsbo.ua%2F&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666776418488&bpp=2&bdt=1240&idt=-M&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D00d70b176274d0c2-223a4d2d58ce0046%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_MaSy9nSr2WX2lDBZwiq-WBW5v_Bug&gpic=UID%3D00000b787fbf0151%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_Mb-7tpu0T7jEi658SIQzj_GzjOQoA&prev_fmts=970x100%2C0x0&nras=2&correlator=2771155384098&frm=20&pv=1&ga_vid=40815159.1666776418&ga_sid=1666776418&ga_hid=1372572450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31070307%2C42531705%2C31070423%2C44775016&oid=2&pvsid=907912969534065&tmod=1828733209&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=F0wqbnqhzH&p=https%3A//sbo.ua&dtd=20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 26 Oct 2022 09:26:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3147 1 KB
643 B 43ms
41ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636522320674355&output=html&h=280&adk=3136683557&adf=3904526555&pi=t.aa~a.1885888291~i.2~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1666776418&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1317311591&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fsbo.ua%2F&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666776418488&bpp=2&bdt=1240&idt=-M&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D00d70b176274d0c2-223a4d2d58ce0046%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_MaSy9nSr2WX2lDBZwiq-WBW5v_Bug&gpic=UID%3D00000b787fbf0151%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_Mb-7tpu0T7jEi658SIQzj_GzjOQoA&prev_fmts=970x100%2C0x0&nras=2&correlator=2771155384098&frm=20&pv=1&ga_vid=40815159.1666776418&ga_sid=1666776418&ga_hid=1372572450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31070307%2C42531705%2C31070423%2C44775016&oid=2&pvsid=907912969534065&tmod=1828733209&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=F0wqbnqhzH&p=https%3A//sbo.ua&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 44582
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 21:03:57 GMT
etag: 48472445140208031
expires: Wed, 26 Oct 2022 21:03:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CCEB 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20653f69e6c6d898d6007567ce8aa0918d0b9e400a034ef7683a9c61bb58af69

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 S59cL8NpNlz03nuQ7M-TG0OvY6nWg2CBBQLmeE6XtI4.js Show response
pagead2.googlesyndication.com/bg/ Frame 54CA 36 KB
16 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/S59cL8NpNlz03nuQ7M-TG0OvY6nWg2CBBQLmeE6XtI4.js

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b9f5c2fc369365cf4de7b90eccf931b43af63a9d68360810502e6784e97b48e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2682
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15944
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 08:42:17 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE31
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg-vCn6h-CZmTqcaPzTqQWIiwoPqn2V2QWs2nqbV6St5obeiNw6Cd8Gf9T37MJkbmjXkS_fsjjoGpOF3kc48noTMKa-SyOyU&google_gid=CAESEI4MlwcLtZwT6CJybPhuwYs&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCOP645oGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWm1QeGctdkNuNmgtQ1ptVHFjYVB6VHFRV0lpd29QcW4yVjJRV3MybnFiVjZTdDVvYmVpTnc2Q2Q4R2Y5VDM3TUprYm1qWGtTX2ZzampvR3BPRjNrYz...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdTBEOVMwQ0V3MXN0YXVmNWctQnNaWWY2eFBaU19Ga1BtSDFiT3JNNlp1WQ==&google_push

170 B
188 B

52ms
52ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdTBEOVMwQ0V3MXN0YXVmNWctQnNaWWY2eFBaU19Ga1BtSDFiT3JNNlp1WQ==&google_push

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:26:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 26 Oct 2022 09:26:59 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdTBEOVMwQ0V3MXN0YXVmNWctQnNaWWY2eFBaU19Ga1BtSDFiT3JNNlp1WQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame EE31 43 B
356 B 256ms
41ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEBsZdZZ2yg9uBZoM5n2M7fE&google_push=AZmPxg9hxkIlItkDcJ_CHzOxdIIGLEJ4ksIvpyZkhBi8K3uNexJmzSeIo67zulkuZBly13MQrnHHQD8zDIU630sroYt5lXcYL0EE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636522320674355&output=html&h=280&adk=3136683557&adf=434601094&pi=t.aa~a.1885888291~i.11~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1666776418&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1317311591&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fsbo.ua%2F&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666776418488&bpp=1&bdt=1241&idt=1&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D00d70b176274d0c2-223a4d2d58ce0046%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_MaSy9nSr2WX2lDBZwiq-WBW5v_Bug&gpic=UID%3D00000b787fbf0151%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_Mb-7tpu0T7jEi658SIQzj_GzjOQoA&prev_fmts=970x100%2C0x0%2C960x280&nras=3&correlator=2771155384098&frm=20&pv=1&ga_vid=40815159.1666776418&ga_sid=1666776418&ga_hid=1372572450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31070307%2C42531705%2C31070423%2C44775016&oid=2&pvsid=907912969534065&tmod=1828733209&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Z3Yst4ovD7&p=https%3A//sbo.ua&dtd=25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:26:59 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE31
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eaE8oFndRD2iame0whRK9g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

121ms
56ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eaE8oFndRD2iame0whRK9g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_uU0qGTX7ihbFSN1Nt_C3yICiKdeGsc2EtcWhJU-5TQiWqrhwon20C0oSrFRUTofQZWokVoUMXFHCqIXfKgliwpeBKm0xW

Requested by

Host: sbo.ua
URL: https://sbo.ua/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:26:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eaE8oFndRD2iame0whRK9g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_uU0qGTX7ihbFSN1Nt_C3yICiKdeGsc2EtcWhJU-5TQiWqrhwon20C0oSrFRUTofQZWokVoUMXFHCqIXfKgliwpeBKm0xW
date: Wed, 26 Oct 2022 09:26:59 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE31
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFRwagkH-rJmYngYDLcWTzc&google_cver=1&google_push=AZmPxg_zhFwilHW_t5wzphlJVdoJR1Vi-Qpi47YZRcrKR235quhghhytZXCYXlJHN_Xdz6df7l6...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlQRk44RjYtMVItM0xZRw==&google_push=AZmPxg_zhFwilHW_t5wzphlJVdoJR1Vi-Qpi47YZRcrKR235quhghhytZXCYXlJHN_Xdz6df7l6xNqAfZBrBOVNuan-xHZehs2TK

170 B
188 B

124ms
64ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlQRk44RjYtMVItM0xZRw==&google_push=AZmPxg_zhFwilHW_t5wzphlJVdoJR1Vi-Qpi47YZRcrKR235quhghhytZXCYXlJHN_Xdz6df7l6xNqAfZBrBOVNuan-xHZehs2TK

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:26:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlQRk44RjYtMVItM0xZRw==&google_push=AZmPxg_zhFwilHW_t5wzphlJVdoJR1Vi-Qpi47YZRcrKR235quhghhytZXCYXlJHN_Xdz6df7l6xNqAfZBrBOVNuan-xHZehs2TK
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE31
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMelIk-oeTUlQ5JpWVUk5vI&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMelIk-oeTUlQ5JpWVUk5vI&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMelIk-oeTUlQ5JpWVUk5vI&google_hm=Y1j9Y049bDhnKPq5OWNQjQAAEOQAAAAB&google_nid=index&google_push=AZmPxg-tVaP7M62RHfxSvlvBfqH_TD_PAVrwm...

170 B
188 B

53ms
53ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMelIk-oeTUlQ5JpWVUk5vI&google_hm=Y1j9Y049bDhnKPq5OWNQjQAAEOQAAAAB&google_nid=index&google_push=AZmPxg-tVaP7M62RHfxSvlvBfqH_TD_PAVrwmCIcEzxIUEtJlJ_Tbl58FNH-Jah2hyo9t9VF_Ag0uotGZELiIcnzxsaG4VikMc2-

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:26:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:26:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMelIk-oeTUlQ5JpWVUk5vI&google_hm=Y1j9Y049bDhnKPq5OWNQjQAAEOQAAAAB&google_nid=index&google_push=AZmPxg-tVaP7M62RHfxSvlvBfqH_TD_PAVrwmCIcEzxIUEtJlJ_Tbl58FNH-Jah2hyo9t9VF_Ag0uotGZELiIcnzxsaG4VikMc2-
cache-control: no-cache
cf-ray: 7602274f8dac71ba-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame EE31 43 B
296 B 289ms
42ms Image
image/gif 2a05:d01c:1d8:8102:fc46:f74d:d9f1:b88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEHc3zKgwCLf7dwRHdwBRFYQ&google_cver=1&google_push=AZmPxg-PShfxEQg717P72ZhmHdNrCgPrkWmbHelskjZIxNg_V9d75opUDsQZoJHQURQX6PhX9xV-wxnxkub8xTbet5JhlgreyGM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636522320674355&output=html&h=280&adk=3136683557&adf=434601094&pi=t.aa~a.1885888291~i.11~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1666776418&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1317311591&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fsbo.ua%2F&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666776418488&bpp=1&bdt=1241&idt=1&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D00d70b176274d0c2-223a4d2d58ce0046%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_MaSy9nSr2WX2lDBZwiq-WBW5v_Bug&gpic=UID%3D00000b787fbf0151%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_Mb-7tpu0T7jEi658SIQzj_GzjOQoA&prev_fmts=970x100%2C0x0%2C960x280&nras=3&correlator=2771155384098&frm=20&pv=1&ga_vid=40815159.1666776418&ga_sid=1666776418&ga_hid=1372572450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31070307%2C42531705%2C31070423%2C44775016&oid=2&pvsid=907912969534065&tmod=1828733209&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Z3Yst4ovD7&p=https%3A//sbo.ua&dtd=25
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:fc46:f74d:d9f1:b88 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 26 Oct 2022 09:26:59 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame EE31 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame EE31 0
223 B 273ms
52ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LbIvvzf1Rh4_-FdBqOD26ZULNswqvI9DYV5NFR-xQi2T1cp_VmZBp8zGLWBnpgDdk-6_WK5Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:59 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 3147 0
104 B 282ms
62ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEF3SAijXgfjdNdPuMD9nKQA&google_cver=1&google_push=AZmPxg_huT8ANt8wGYuabPv5RpvXWpPqPJ4yUzPBdVlKsVQsIKDuqCBqetr_DdP5nfngHzWlMcY4D6ub7z9GVIZz0K3m89A-VG_hnSY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636522320674355&output=html&h=280&adk=3136683557&adf=3904526555&pi=t.aa~a.1885888291~i.2~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1666776418&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1317311591&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fsbo.ua%2F&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666776418488&bpp=2&bdt=1240&idt=-M&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D00d70b176274d0c2-223a4d2d58ce0046%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_MaSy9nSr2WX2lDBZwiq-WBW5v_Bug&gpic=UID%3D00000b787fbf0151%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_Mb-7tpu0T7jEi658SIQzj_GzjOQoA&prev_fmts=970x100%2C0x0&nras=2&correlator=2771155384098&frm=20&pv=1&ga_vid=40815159.1666776418&ga_sid=1666776418&ga_hid=1372572450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31070307%2C42531705%2C31070423%2C44775016&oid=2&pvsid=907912969534065&tmod=1828733209&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=F0wqbnqhzH&p=https%3A//sbo.ua&dtd=20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:26:59 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3147
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAkuwBxcxNxPSD04lu46IZg&google_cver=1&google_push=AZmPxg_rgM5SK78Vjgat6_twYuQH01Tfo2RrghOcSoQUMPsrUjw1CexVHaVtO_vMC-uA7R5cvebsDuvrtBvw3zqu...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg_rgM5SK78Vjgat6_twYuQH01Tfo2RrghOcSoQUMPsrUjw1CexVHaVtO_vMC-uA7R5cvebsDuvrtBvw3zqusbiDF3jjXSeQr70

170 B
188 B

53ms
53ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg_rgM5SK78Vjgat6_twYuQH01Tfo2RrghOcSoQUMPsrUjw1CexVHaVtO_vMC-uA7R5cvebsDuvrtBvw3zqusbiDF3jjXSeQr70

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 26 Oct 2022 09:26:59 GMT
Server: MT3 4539 98cc2da master cdg-pixel-x7 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg_rgM5SK78Vjgat6_twYuQH01Tfo2RrghOcSoQUMPsrUjw1CexVHaVtO_vMC-uA7R5cvebsDuvrtBvw3zqusbiDF3jjXSeQr70
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 26 Oct 2022 09:26:58 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3147
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPO_M0cC1sqgq7nAwKuIZYs&google_cver=1&google_push=AZmPxg-OIsazz_HQ10fxswNm3hYkCyyvHzx6eIUd2zOIxKDEfIoyAAWbC-sGXTQGYob2KkzFWZ2skCLlBuUeTQmL...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JFHXTvDLS3m3BN0DXy1xig2&google_push=AZmPxg-OIsazz_HQ10fxswNm3hYkCyyvHzx6eIUd2zOIxKDEfIoyAAWbC-sGXTQGYob2KkzFWZ2skCLlBuUeTQmL8bQP8xbgVb5BxhE

170 B
188 B

147ms
63ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JFHXTvDLS3m3BN0DXy1xig2&google_push=AZmPxg-OIsazz_HQ10fxswNm3hYkCyyvHzx6eIUd2zOIxKDEfIoyAAWbC-sGXTQGYob2KkzFWZ2skCLlBuUeTQmL8bQP8xbgVb5BxhE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636522320674355&output=html&h=280&adk=3136683557&adf=3904526555&pi=t.aa~a.1885888291~i.2~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1666776418&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1317311591&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fsbo.ua%2F&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666776418488&bpp=2&bdt=1240&idt=-M&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D00d70b176274d0c2-223a4d2d58ce0046%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_MaSy9nSr2WX2lDBZwiq-WBW5v_Bug&gpic=UID%3D00000b787fbf0151%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_Mb-7tpu0T7jEi658SIQzj_GzjOQoA&prev_fmts=970x100%2C0x0&nras=2&correlator=2771155384098&frm=20&pv=1&ga_vid=40815159.1666776418&ga_sid=1666776418&ga_hid=1372572450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31070307%2C42531705%2C31070423%2C44775016&oid=2&pvsid=907912969534065&tmod=1828733209&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=F0wqbnqhzH&p=https%3A//sbo.ua&dtd=20

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:26:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 26 Oct 2022 09:26:59 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JFHXTvDLS3m3BN0DXy1xig2&google_push=AZmPxg-OIsazz_HQ10fxswNm3hYkCyyvHzx6eIUd2zOIxKDEfIoyAAWbC-sGXTQGYob2KkzFWZ2skCLlBuUeTQmL8bQP8xbgVb5BxhE
x-host: tde-deliveryengine-production-86c7985dcd-fpzr6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 3147 43 B
351 B 260ms
42ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEBZniDQvLjZZwJm7qXRblfE&google_cver=1&google_push=AZmPxg_p8zTBOwLaEiZkei7Mz2UjzXwJNqD0sbIt_X7MHJS4BPcJnKxE6lH_qN6aWHWX3Gsa9AxtbkmJG37KPCn3O01DYnXj1HbQxwE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636522320674355&output=html&h=280&adk=3136683557&adf=3904526555&pi=t.aa~a.1885888291~i.2~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1666776418&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1317311591&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fsbo.ua%2F&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666776418488&bpp=2&bdt=1240&idt=-M&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D00d70b176274d0c2-223a4d2d58ce0046%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_MaSy9nSr2WX2lDBZwiq-WBW5v_Bug&gpic=UID%3D00000b787fbf0151%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_Mb-7tpu0T7jEi658SIQzj_GzjOQoA&prev_fmts=970x100%2C0x0&nras=2&correlator=2771155384098&frm=20&pv=1&ga_vid=40815159.1666776418&ga_sid=1666776418&ga_hid=1372572450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31070307%2C42531705%2C31070423%2C44775016&oid=2&pvsid=907912969534065&tmod=1828733209&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=F0wqbnqhzH&p=https%3A//sbo.ua&dtd=20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:26:58 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 1kvre9s6kvacbttfrgih6pdpgt8lt8fj

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3147
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKw7n6qAULAuPwwaQBNAC9M&google_cver=1&google_push=AZmPxg8yOaqTKJjvqR2zvwTjoBaKrHHcwvhCh7gZQvhvoCLESXlgklK-5426JZzzO48XmCZ82OWrCgQPKjfO...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8yOaqTKJjvqR2zvwTjoBaKrHHcwvhCh7gZQvhvoCLESXlgklK-5426JZzzO48XmCZ82OWrCgQPKjfOm_qWOagYK7VdgtoWj5Q

170 B
188 B

127ms
65ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8yOaqTKJjvqR2zvwTjoBaKrHHcwvhCh7gZQvhvoCLESXlgklK-5426JZzzO48XmCZ82OWrCgQPKjfOm_qWOagYK7VdgtoWj5Q

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:26:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8yOaqTKJjvqR2zvwTjoBaKrHHcwvhCh7gZQvhvoCLESXlgklK-5426JZzzO48XmCZ82OWrCgQPKjfOm_qWOagYK7VdgtoWj5Q
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3147
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENOhfraAnNAu8nwbo8ZNxIY&google_cver=1&google_push=AZmPxg_FpGhQ7e9Kg9_lmBJdYauTbBjPE8bFsRmtaKX7mykzW2EuhMMy1Vg4GucyjgHA90AwZa...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENOhfraAnNAu8nwbo8ZNxIY&google_cver=1&google_push=AZmPxg_FpGhQ7e9Kg9_lmBJdYauTbBjPE8bFsRmtaKX7mykzW2EuhMMy1Vg4GucyjgHA90AwZa...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1sczRnaEVCRTJ1R1hCZ0RxRThSb2FqODlSQ0FycVBRTn5B&google_push=AZmPxg_FpGhQ7e9Kg9_lmBJdYauTbBjPE8bFsRmtaKX7mykzW2EuhMMy1...

170 B
188 B

97ms
63ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1sczRnaEVCRTJ1R1hCZ0RxRThSb2FqODlSQ0FycVBRTn5B&google_push=AZmPxg_FpGhQ7e9Kg9_lmBJdYauTbBjPE8bFsRmtaKX7mykzW2EuhMMy1Vg4GucyjgHA90AwZa5V0ddj0-NE04r2PJQeVAqfFhsP9Yc

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:26:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1sczRnaEVCRTJ1R1hCZ0RxRThSb2FqODlSQ0FycVBRTn5B&google_push=AZmPxg_FpGhQ7e9Kg9_lmBJdYauTbBjPE8bFsRmtaKX7mykzW2EuhMMy1Vg4GucyjgHA90AwZa5V0ddj0-NE04r2PJQeVAqfFhsP9Yc
date: Wed, 26 Oct 2022 09:26:59 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3147
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=AZmPxg9l_n-saSRg096bR9qEURpmlvvFjUkHjYZZ...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=AZmPxg9l_n-saSRg096bR9qEURpmlvvFjU...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=e3ea83d7-1b4e-4877-9552-b7bf44d1f6a4&&google_push=AZmPxg9l_n-saSRg096bR9qEURpmlvvFjUkHjYZZgQA_EMoagAnHhIJ74lj6Z8v6zAIpWUq5eK...

170 B
188 B

80ms
56ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=e3ea83d7-1b4e-4877-9552-b7bf44d1f6a4&&google_push=AZmPxg9l_n-saSRg096bR9qEURpmlvvFjUkHjYZZgQA_EMoagAnHhIJ74lj6Z8v6zAIpWUq5eKDKilSK6GA0B8c9BzzuGC4iZQTwKuQm

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:26:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=e3ea83d7-1b4e-4877-9552-b7bf44d1f6a4&&google_push=AZmPxg9l_n-saSRg096bR9qEURpmlvvFjUkHjYZZgQA_EMoagAnHhIJ74lj6Z8v6zAIpWUq5eKDKilSK6GA0B8c9BzzuGC4iZQTwKuQm
Date: Wed, 26 Oct 2022 09:26:59 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 3147 0
49 B 271ms
52ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JST8m0B1kvtFq5AnFFGwkeunY5CjJxquQg_az2uzOSkvLS_bZz1gHqlZ_b9ajHi67f5PXhcqY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636522320674355&output=html&h=280&adk=3136683557&adf=3904526555&pi=t.aa~a.1885888291~i.2~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1666776418&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1317311591&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fsbo.ua%2F&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666776418488&bpp=2&bdt=1240&idt=-M&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D00d70b176274d0c2-223a4d2d58ce0046%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_MaSy9nSr2WX2lDBZwiq-WBW5v_Bug&gpic=UID%3D00000b787fbf0151%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_Mb-7tpu0T7jEi658SIQzj_GzjOQoA&prev_fmts=970x100%2C0x0&nras=2&correlator=2771155384098&frm=20&pv=1&ga_vid=40815159.1666776418&ga_sid=1666776418&ga_hid=1372572450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31070307%2C42531705%2C31070423%2C44775016&oid=2&pvsid=907912969534065&tmod=1828733209&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=F0wqbnqhzH&p=https%3A//sbo.ua&dtd=20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:59 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DD3D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

67ms
61ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 09:26:59 GMT
expires: Wed, 26 Oct 2022 09:26:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 09:26:59 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 S59cL8NpNlz03nuQ7M-TG0OvY6nWg2CBBQLmeE6XtI4.js Show response
pagead2.googlesyndication.com/bg/ Frame 1F92 36 KB
16 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/S59cL8NpNlz03nuQ7M-TG0OvY6nWg2CBBQLmeE6XtI4.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b9f5c2fc369365cf4de7b90eccf931b43af63a9d68360810502e6784e97b48e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2682
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15944
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 08:42:17 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 33F4 41 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 11:28:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 424692
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 11:28:47 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-aigl6nsd.c.2mdn.net/videoplayback/id/5a3e3e9da92b55fc/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3788168268/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 33F4
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/5a3e3e9da92b55fc/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3788168268/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r4---sn-aigl6nsd.c.2mdn.net/videoplayback/id/5a3e3e9da92b55fc/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3788168268/sparams/acao,ctier,expire,id,ip,ipbits,i...

0
0

146ms
30ms

Fetch
video/mp4

2a00:1450:4009:5::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-aigl6nsd.c.2mdn.net/videoplayback/id/5a3e3e9da92b55fc/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3788168268/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/60CCDC9EA94C56B777126563F781AB55E9C06D39.65A1B47D9E6482C9C20018A5EDB02648BCEC62E1/key/cms1/cms_redirect/yes/mh/9z/mip/2001:ac8:21:e::11/mm/42/mn/sn-aigl6nsd/ms/onc/mt/1666776290/mv/m/mvi/4/pl/48/file/file.mp4

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4009:5::9 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 09:26:59 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2791904
Last-Modified: Tue, 01 Feb 2022 12:57:47 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Wed, 26 Oct 2022 09:26:59 GMT

Redirect headers

date: Wed, 26 Oct 2022 09:26:59 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 649
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r4---sn-aigl6nsd.c.2mdn.net/videoplayback/id/5a3e3e9da92b55fc/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3788168268/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/60CCDC9EA94C56B777126563F781AB55E9C06D39.65A1B47D9E6482C9C20018A5EDB02648BCEC62E1/key/cms1/cms_redirect/yes/mh/9z/mip/2001:ac8:21:e::11/mm/42/mn/sn-aigl6nsd/ms/onc/mt/1666776290/mv/m/mvi/4/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame CCEB 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 11:28:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 424692
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 11:28:47 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-aigzrn76.c.2mdn.net/videoplayback/id/5a3e3e9da92b55fc/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3788168268/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame CCEB
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/5a3e3e9da92b55fc/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3788168268/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r2---sn-aigzrn76.c.2mdn.net/videoplayback/id/5a3e3e9da92b55fc/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3788168268/sparams/acao,ctier,expire,id,ip,ipbits,i...

0
0

152ms
35ms

Fetch
video/mp4

2a00:1450:401f:6::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-aigzrn76.c.2mdn.net/videoplayback/id/5a3e3e9da92b55fc/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3788168268/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6263F662341485547177FAB1FB6E5B4E2C0367B0.626D24B6738ABBE1C07ED3B18CCE9678DE0345D6/key/cms1/cms_redirect/yes/mh/9z/mip/2001:ac8:21:e::11/mm/42/mn/sn-aigzrn76/ms/onc/mt/1666775813/mv/m/mvi/2/pl/48/file/file.mp4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7636522320674355&output=html&h=280&adk=3136683557&adf=3904526555&pi=t.aa~a.1885888291~i.2~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1666776418&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1317311591&psa=0&ad_type=text_image&format=960x280&url=https%3A%2F%2Fsbo.ua%2F&fwr=0&pra=3&rh=200&rw=960&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666776418488&bpp=2&bdt=1240&idt=-M&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D00d70b176274d0c2-223a4d2d58ce0046%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_MaSy9nSr2WX2lDBZwiq-WBW5v_Bug&gpic=UID%3D00000b787fbf0151%3AT%3D1666776417%3ART%3D1666776417%3AS%3DALNI_Mb-7tpu0T7jEi658SIQzj_GzjOQoA&prev_fmts=970x100%2C0x0&nras=2&correlator=2771155384098&frm=20&pv=1&ga_vid=40815159.1666776418&ga_sid=1666776418&ga_hid=1372572450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C31070307%2C42531705%2C31070423%2C44775016&oid=2&pvsid=907912969534065&tmod=1828733209&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=F0wqbnqhzH&p=https%3A//sbo.ua&dtd=20

Protocol

HTTP/1.1

Server

2a00:1450:401f:6::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 09:26:59 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2791904
Last-Modified: Tue, 01 Feb 2022 12:57:47 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Wed, 26 Oct 2022 09:26:59 GMT

Redirect headers

date: Wed, 26 Oct 2022 09:26:59 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 649
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r2---sn-aigzrn76.c.2mdn.net/videoplayback/id/5a3e3e9da92b55fc/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3788168268/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6263F662341485547177FAB1FB6E5B4E2C0367B0.626D24B6738ABBE1C07ED3B18CCE9678DE0345D6/key/cms1/cms_redirect/yes/mh/9z/mip/2001:ac8:21:e::11/mm/42/mn/sn-aigzrn76/ms/onc/mt/1666775813/mv/m/mvi/2/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 S59cL8NpNlz03nuQ7M-TG0OvY6nWg2CBBQLmeE6XtI4.js Show response
pagead2.googlesyndication.com/bg/ Frame 2617 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/S59cL8NpNlz03nuQ7M-TG0OvY6nWg2CBBQLmeE6XtI4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b9f5c2fc369365cf4de7b90eccf931b43af63a9d68360810502e6784e97b48e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2682
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15944
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 08:42:17 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 4D37 23 KB
9 KB 46ms
41ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 170792
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Oct 2022 10:00:27 GMT
expires: Tue, 24 Oct 2023 10:00:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 34F9 23 KB
9 KB 43ms
42ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 170792
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Oct 2022 10:00:27 GMT
expires: Tue, 24 Oct 2023 10:00:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 144ms
61ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221020&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

091359ba00cb50764f0353bfac58446686573f37c3f3424fcb579222d366786e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11218
x-xss-protection: 0

GET
H3 200 zmeOo8ONk1YqWYD8DpPjl7c0n4Y1CeYWRiKSJrvfmvk.js Show response
pagead2.googlesyndication.com/bg/ Frame 4D37 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zmeOo8ONk1YqWYD8DpPjl7c0n4Y1CeYWRiKSJrvfmvk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce678ea3c38d93562a5980fc0e93e397b7349f863509e61646229226bbdf9af9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:08:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16035
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 08:08:28 GMT

GET
H3 200 zmeOo8ONk1YqWYD8DpPjl7c0n4Y1CeYWRiKSJrvfmvk.js Show response
pagead2.googlesyndication.com/bg/ Frame 34F9 36 KB
16 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zmeOo8ONk1YqWYD8DpPjl7c0n4Y1CeYWRiKSJrvfmvk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce678ea3c38d93562a5980fc0e93e397b7349f863509e61646229226bbdf9af9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:08:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16035
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 08:08:28 GMT

GET
H3 206 file.mp4
r4---sn-aigl6nsd.c.2mdn.net/videoplayback/id/5a3e3e9da92b55fc/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3788168268/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 33F4 130 KB
0 59ms
29ms Media
video/mp4 2a00:1450:4009:5::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:5::9 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

expires: Wed, 26 Oct 2022 09:26:59 GMT
date: Wed, 26 Oct 2022 09:26:59 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2791903/2791904
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2791904
last-modified: Tue, 01 Feb 2022 12:57:47 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 591ms
591ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:27:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 09:27:00 GMT

GET
H3 206 file.mp4
r2---sn-aigzrn76.c.2mdn.net/videoplayback/id/5a3e3e9da92b55fc/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3788168268/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame CCEB 137 KB
0 60ms
29ms Media
video/mp4 2a00:1450:401f:6::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:401f:6::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

expires: Wed, 26 Oct 2022 09:26:59 GMT
date: Wed, 26 Oct 2022 09:26:59 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2791903/2791904
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2791904
last-modified: Tue, 01 Feb 2022 12:57:47 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D37 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BWYmVY_1YY_3rFcqHzAb7t4CQDQAAAAA4AeAEAg&bg=!f3ylfDjNAAaaxvStusY7ACkAdvg8WlOIRpUphTI3DlP5uJ0bRyl_FehsocSNIJW2ZPzzsKOP2iaU1gIAAACWUgAAAAJoAQeZArbfua2VMhgNjT-tMLNocpi1wFHVvh9IQDWq-CkZN8zw4SlS8reyVxYbp7twLCgLmeuyP51tOeqsyKcMonrSEJGTttvcBZfVxKZpP2iA1BlzbJn82KUw7WAlxxmoybW1Y4yU1gueJvT8hr_wwwStTG4Ym_WLlUmOKcCvuB92kFeYgCMdktm93sjuveTGmZgeEd7A9bghC6EFojyyDqFDq42eCmuygyEtmQBM0vNQBUOEWK7iNJyumSNf7oq82DK33dKEVwVpKgsTIf1fVY-0XmmvCmjhKQqfwk_car9W21TAZyM_WwObmTzfTMZfHTwFmkZsm_MaOgWMjI6jUu009xXg4uAcWbLCT8KTCg3lI4eeQpNT7RP89cxp1dCGeHkJf3u3fJI5v12B_azAf5s-ODxYsS8TR4gZtw_wdd-Zn2TzR1E9GNdxrjBZl6jXzh_uIJeL8rNNfJMfYiaJu2JBOsC0uXYEAR8PoAEl4DG-QAKs4EceZzZiVo1aXXp1-sbqTAMBzwrrAyWSAm1RTKDCvU8Amot-ntQpb9HjryJb6woG4xsSgAftjmqaWxiLH9UH72R-2UnyRcYAIRE_a-f_PBp0t5sCcR9udRNd8VW_og_rmcw1JUqPThxRntxkZb0C-bfldQZfgkGNU3mY55HLxnevJ-BL5TcqVhF1cifoT8o8-I2sdkdtzH0HB_v1JfH1jY8RdfZzccPJwQcxEKlha8cTa8vvMeVZyT5V_8mnT7QeZw9PhcX3Av7Uuqh-PoRxLzODcJW8gwy9Da-WvyVUfd7vtAUCP2efOQ8fWjzcCHbQO3HFp2_Nl2-lJbggCh29-5-QJaJwAIHGbxa17oGOUkRckCX5ICWw-ktQeLK3ko5mesRUgqFZeL0VBslz535Z2zYo-CPFnXFayoMFq29fA3f3i9fqwz86

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:26:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 34F9 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BnEmdY_1YY8_6FYWWzAbfgI-YDQAAAAA4AeAEAg&bg=!0tGl0ZXNAAaaxvStusY7ACkAdvg8WrEtFFPEev3S6T2saUwF4C4njz9ZAttJF6-QKkX8vLZmiH4vrwIAAACJUgAAAAJoAQcKALfqH3GEfNWZkVsr7FHUKp0HjOY5kITwCKRyFHJXpNbd1HF_RT1Acy5xFRymF3KRTHM3TskisVr83c4Rf7qopoGxkgrYsLlus3sc-hJ9lbCR39uGX064ujaKsgibYNLPO_bg1iWGqOo-ZE5uasA9oK7gJoG0gIC3W-bSA_HEtp7Mgo3je9AXNNsMXsYG0r-M76BK0eHAuNpsrSMlbYCJby0wZYE6Shdf13e9ljaocConhR7MD-ScZNWZArUoOdqJ_HRRBzjlUi36PjX64UGJVcavg8_rFN_2p0EPl0gzTMhxha00fDpqRbPOEOryHH56nNDQPtYX87CfDgNWk0WIqbkrTdNQwtQbMC1WoHI6WJjiIzJBQvmncHXARk4F3cq2UsDDDvIgj3WsDeb5caZD1i-L2dgXYMYUZLh4ARKOhqCvT3CIAQxUtGY6Lm5jskG-EGTyOmubJbtoy8kZUG-J8kIVdGdsIE7rQgk4F6kYDuxR_krLTA71FEyM9ADXd57M8zqabezHlWirOk7I_VYBLRAq1F6QtULCJu4NRjaEm3DQ7IqBIsij11q2s7W6wER8iG8roZrFOg3g96RM7JPKDa3jH96Mt7MrgYhhMH2ek39_n3SEDTnaDdq2rSpVn1hgfK-2mDnrg0zPdq3CXoA7dHs5qyDKNV8h5wHmCCb3WjBDWGl_frZDTvmHwdOXgn4T-FBhJmkUzLKU4O0XednCvszbygzDhxdoDIYuZZIxEXgiuZtu01r-eBP-E5j981jG8V58AVEsomH6K6F6g0eaPYezedYo1eGCinz-Kd1dqKvTkNQKPSthDX1YNx0zBVm2jU7sxLK_Sga14a_PlApoy41_DrZjPdM3uxoU4SvQq3dOx3bZyDFuuBkAu9tcCdFO7NX2GMQreGgw5qI5ucLePHPH7BFGQeMT8IOs0bFfKv7DIEnPY0WuIsMPWrpCEcIsTxsicgHW6G51FYwNuXD0XRedXZqTWubWglZwF0ylUIp9Okakbcwk1HvXwVeYnvsivHAY35wB-qaBRbmB9Hw1hemVvVAOv6PNykkZUXOyliksynUb5YHFWd7wiu-TYdRbVfEZdZiDB-N3U9GSlycIwWpxjxW64fc9xyfc17eGWJCi8_zdEzuk6usFaDgqFbOOYJl_crDeDHIZf-SLrzp6V70

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:26:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 487D 42 B
64 B 76ms
76ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvVGXvl6PpGvKvcJVlGqs_0UpwHMFfx2rWrUYZfB4zr6_2YEucXXxG06TJXD6CdXGeDNoHmlPNFnSmAIcwxBDWzB35fe5Ts4VSGkdHu-scos6ERZJIO1SHivkijNhJGlrTHGmO7OQ&sai=AMfl-YQcr6x6v6HtXjo_zLcVwhk9qxigRCAJekAzt1hY1Rpwqxhji7oVEYl7hAOGH2AW6uDy1V3ZUyqKd5u9vCo&sig=Cg0ArKJSzF5uKIyITmAXEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=252,927,1000,1000,1000&tos=252,675,73,0,0&v=20221024&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666776418573&rpt=566&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 27AE 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sbo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1438
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 09:03:02 GMT
expires: Thu, 26 Oct 2023 09:03:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 508F 783 B
535 B 48ms
48ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b176832488917eebc58247cdf852837f6990144a0342789ad5259050492c8375

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HvqTJyvgoc4ycCMfK5k6xQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sbo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-HvqTJyvgoc4ycCMfK5k6xQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 09:27:00 GMT
expires: Wed, 26 Oct 2022 09:27:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1C36 42 B
64 B 78ms
77ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu6kmXKumL-9Cn-Ubxvf60U4OltOy_0FZTM5Lo_ipCYV6fRnF_2JcImO39B7RGiy3kTaHgrk-m2RZiD8QDLo1lLpn8yP0jw_djFOKxGASjpDNicVRp4X2iQhwhhRa1lW6iXpzFON4PJpP1ZUWxh_6r5XPnizKJ-lcgLO0DbTBBzozXbVpc4aZ1rXxpydh6v4QY6JMeNKB2fe8HYriMg_pQ9h9qhScJFDHQErvCaolPBDsFHuPgWOd45IcIEITtnv7ieA3K-gxqGZtDHejthdR9TR2GWzOsHj-aueQg5BlE-027IUui1Ldjtw4BVurHQWsIa0yszNjyhVDArdmSyDzgXKk339U5eCfypIT6a-SlCzFQgDEntsVojPrRneccNEVWi7I7P8LwWoQ-Q7S3fSuzok3pnBcZqP0ICHiFxKGFlMV-vqf-RYO7GTzJmXbBsFasU9PCfA1_lp4t8HDENmRhx2XbzOnU9ARRHCisv5Io3VE-MqwdjrRKtD_AtjLn1m7Zoc0NanKSKGVrqY0pkpRZRqvVrVZ6nl09YHhgAQk9ToC4O0IDSumqdOVZJOCCIZHw9k3IK6GlTq5uQNuM0vCJdirEz1harZ87_ZibXYXNXrA25xOqYkkNqoPTic2IIzwtfXysuyndVv8dCfLBTAtUODwtUhRBjMWlD0BwHskZQlgsuvMiCruhDOUygxLeDCoHq-YvYPn8dNUxa_K29C2VpCFxIMlwgR4JzEpzbUnlexWq4crc-H3iT_EftQinwkA7-6G2pIt-hzeOTyCFsSbl0-URf977Rux0cj-CNpMPhJlMJSNkNU4HlZHCDfNAFsggGCWAglyYGp8-yyV1hvFemkWGp86eAQYAzeLNZjFeFrhdM7A_56W33UzYBuHkixW7Jy_kr80UPmyrAGyOM0uKC3szGOzzsVAoYq6GNJRLsrHQRH4Pky35c0sIl1n6paAJcb4BSX2C8xCkPx22WkthsR2q7iAvToOFOaf2dwXaKxs8GyxMzFMRkidLpVgWUWu97_m_3gaZFbY3bgJ-k4W0&sai=AMfl-YTFTXIFHClKSDrYS4HjO7gFThbReUZ7X5vyanWLFO3VP8h4xOYhan9BWZaJhKTOZ64n7hVTNUNHWe6OraLAKLlJR704hPFPpg1K&sig=Cg0ArKJSzH67IvAJam_hEAE&id=lidar2&mcvt=1000&p=0,0,100,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221024&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3151828671&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666776417811&rpt=1673&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 50169979 Show response
mc.yandex.ru/webvisor/ 43 B
157 B 363ms
95ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/50169979?wmode=0&wv-part=1&wv-hit=801661279&page-url=https%3A%2F%2Fsbo.ua%2F&rn=636695287&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1666776421%3Aw%3A1600x1200%3Av%3A921%3Az%3A0%3Ai%3A20221026092700%3Au%3A1666776418618702140%3Avf%3A15m5t3makqb6yg1f8bcanw%3Awe%3A1%3Ast%3A1666776421&t=gdpr(14)ti(2)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sbo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:27:00 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 26-Oct-2022 09:27:00 GMT
content-type: image/gif
access-control-allow-origin: https://sbo.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 26-Oct-2022 09:27:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 508F 0
0 74ms
73ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221020&jk=907912969534065&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 S59cL8NpNlz03nuQ7M-TG0OvY6nWg2CBBQLmeE6XtI4.js Show response
pagead2.googlesyndication.com/bg/ Frame 27AE 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/S59cL8NpNlz03nuQ7M-TG0OvY6nWg2CBBQLmeE6XtI4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b9f5c2fc369365cf4de7b90eccf931b43af63a9d68360810502e6784e97b48e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15944
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 08:42:17 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 27AE 0
10 B 40ms
39ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?1q_QiQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:27:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 204 csi
csi.gstatic.com/ Frame 33F4 0
17 B 344ms
125ms Ping
image/gif 2607:f8b0:4023:140f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l9pfn812&c=5583204298925&slotId=2791602149462.5&qqid=CN2S5YLK_foCFe9CHgIdot4OTA&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=919&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=18&vhc=0&msm=1&aits=17%2C36%2C18%2C22%2C37%2C59%2C342%2C343%2C344%2C345%2C346%2C347%2C692%2C43%2C44%2C45%2C46%2C0&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm&hvmf=false&vms=1&bit=343&vsrc=doubleclick_dmm&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4023:140f::5e Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:27:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame CCEB 0
17 B 343ms
126ms Ping
image/gif 2607:f8b0:4023:140f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l9pfn83o&c=7774981720450&slotId=3887490860225&qqid=CJLN5ILK_foCFY5KwgodLdoO4w&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=919&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=18&vhc=0&msm=1&aits=17%2C36%2C18%2C22%2C37%2C59%2C342%2C343%2C344%2C345%2C346%2C347%2C692%2C43%2C44%2C45%2C46%2C0&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm&hvmf=false&vms=1&bit=343&vsrc=doubleclick_dmm&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4023:140f::5e Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:27:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 50169979 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 98ms
98ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/50169979?wmode=0&wv-part=1&wv-hit=801661279&page-url=https%3A%2F%2Fsbo.ua%2F&rn=492074845&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1666776421%3Aw%3A1600x1200%3Av%3A921%3Az%3A0%3Ai%3A20221026092700%3Au%3A1666776418618702140%3Avf%3A15m5t3makqb6yg1f8bcanw%3Awe%3A1%3Ast%3A1666776421&t=gdpr(14)ti(2)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sbo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:27:01 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 26-Oct-2022 09:27:01 GMT
content-type: image/gif
access-control-allow-origin: https://sbo.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 26-Oct-2022 09:27:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 78ms
77ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221020&jk=907912969534065&bg=!PT6lPnrNAAaaxvStusY7ACkAdvg8Wpiz-ODCsKU0KGNHSED9hQIh75_9dWnoFOJ6QFs8RG4dfr0o1wIAAABYUgAAAANoAQeZApCVAmLZgbDEhufdXgPWop7bSw-PGvDirEUXyeyt6nXGijJefGzk70UMTzZaXc2mdOb3PW13Kx8Sl_DxJRsc07PJhAaWxiECHSldeloTKHj7sf94DU-OzAvGrEdm_kLGON6C6M0DQBBZaeZpk5KOflXQEMPpFmNVWWDQ_YyJ8mrlS5TjTVnzew2dRGW7jgJApAj0jSHmOZwHNjks9nu9nv0pBq6dTQrxtYnyrbGnUsF0HyrGX59wwRBY8XmWAFaxDFsUP47-fi-6fxiU7KWUFzOVRLw_IplxaVFLzEJZL-SgtYBQ-DAszVLFBEyvALL1LHp4SX_lUsqOBE1yrWZyFvCj37dR62FyxX2dxfzyHqDquDRJtR1b983jEymFyFex4qm8R5RUtrvfV3YyVOx2fsmaXb_jdwmTAECbLcNeo2id5pAoRVzNgXLVnFbLJMjMvdfs3GPf5jO75BxF1-Nr3A7YDq9VpcHoGmnBfN3coj19Z_AhD6c5VlfsFBpmeylJ9uor90tKRlz9ZpXcSsjcZSCwvyu1HIiHkYFeS35wYHA5thsedQVpJj4jUEFHXi6GPWwESZAYGm_GhkRZqZQJ6Wi7qn5QHRzll6M1qLBY_wQ-PJpEInDtnHN-WuZ5pIaAB6ghDv78tRL_GZwcUWDjGJhy0e30l1_xHSBFQV06gg7dKcoKQXhT-WaeonkVJoMpD5i_wy-_IrGzW1NUo4XG-PSJYKA3bVNoAhdP9Inzdgd8r9bf1McF4csd43LXlJvzzGu-4WNLHfYqpZOIm6Eid_kSxrFE0WSeREnLDd4yuUD1V2xrMKGpZSiAXwaulmYbp3j4Uoq3P1BixZDQHTxkXx-80zDYejbD58PZ2JqsD5KFgg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sbo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H2 200 50169979 Show response
mc.yandex.ru/webvisor/ 43 B
176 B 92ms
91ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/50169979?wmode=0&wv-part=2&wv-hit=801661279&page-url=https%3A%2F%2Fsbo.ua%2F&rn=157502907&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1666776422%3Aw%3A1600x1200%3Av%3A921%3Az%3A0%3Ai%3A20221026092702%3Au%3A1666776418618702140%3Avf%3A15m5t3makqb6yg1f8bcanw%3Awe%3A1%3Ast%3A1666776422&t=gdpr(14)ti(2)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sbo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 09:27:02 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 26-Oct-2022 09:27:02 GMT
content-type: image/gif
access-control-allow-origin: https://sbo.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 26-Oct-2022 09:27:02 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mc.yandex.ua
URL: https://mc.yandex.ua/sync_cookie_image_check

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEH3gftW2mbmQlnVZDgyrhHQ&google_cver=1&google_push=AZmPxg83BHZ2FFGIG2NqugE8MqvLYurhFXwTiHAZzynWE5mLkuKxBUzidqOde4h3wJ3BgENA79p8WU53HmTN1Kt4Dl0bD7zkJL3LIA

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sbo.ua/	1970-01-20 07:42:48	Name: lng Value: ru
.sbo.ua/	1970-01-20 09:23:36	Name: bff_geo Value: 0
.sbo.ua/	1970-01-20 07:09:41	Name: bff_device Value: desktop
.sbo.ua/	1970-01-20 16:35:36	Name: _ga Value: GA1.2.40815159.1666776418
.sbo.ua/	1970-01-20 07:01:02	Name: _gid Value: GA1.2.1110428020.1666776418
.sbo.ua/	1970-01-20 06:59:36	Name: _gat Value: 1
.sbo.ua/	1970-01-20 15:45:12	Name: _ym_uid Value: 1666776418618702140
.sbo.ua/	1970-01-20 15:45:12	Name: _ym_d Value: 1666776418
.yandex.ru/	1970-01-20 15:45:12	Name: ymex Value: 1698312417.yrts.1666776417#1698312417.yrtsi.1666776417
.sbo.ua/	1970-01-20 07:00:48	Name: _ym_isad Value: 2
.yandex.ru/	1970-01-20 15:45:12	Name: yandexuid Value: 8505613191666776417
.yandex.ru/	1970-01-20 15:45:12	Name: yuidss Value: 8505613191666776417
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 417128381666776417
.yandex.ru/	1970-01-20 16:35:36	Name: i Value: Vc13UP52tEV58BCuZGiuSsNuK8P6DnK71EE3zS1FytBT1w2Y7JfZP3m2IXaBnYuV0dIjtirrx2AseX4Bhve36AhtUMo=
.sbo.ua/	1970-01-20 16:21:12	Name: __gads Value: ID=00d70b176274d0c2-223a4d2d58ce0046:T=1666776417:RT=1666776417:S=ALNI_MaSy9nSr2WX2lDBZwiq-WBW5v_Bug
.sbo.ua/	1970-01-20 16:21:12	Name: __gpi Value: UID=00000b787fbf0151:T=1666776417:RT=1666776417:S=ALNI_Mb-7tpu0T7jEi658SIQzj_GzjOQoA
.sbo.ua/	1970-01-20 06:59:38	Name: _ym_visorc Value: w
.mc.webvisor.org/	1970-01-20 06:59:37	Name: sync_cookie_csrf Value: 888768931fake
.mc.yandex.ru/	1970-01-20 06:59:37	Name: sync_cookie_csrf Value: 2203897268fake
.webvisor.org/	1970-01-20 16:35:36	Name: yandexuid Value: 8505613191666776417
.webvisor.org/	1970-01-20 16:35:36	Name: yuidss Value: 8505613191666776417
.mc.webvisor.org/	1970-01-20 07:01:02	Name: sync_cookie_ok Value: synced
.doubleclick.net/	1970-01-20 16:21:12	Name: IDE Value: AHWqTUmALVhq21z1IjNxELs1_aZSget3jzCsIT8x3ozHoylgxSkc-iYLWNxURZGZcfk
.rlcdn.com/	1970-01-20 15:45:12	Name: rlas3 Value: Wu/7k3BmjFSGgsfqpwaKqkO79fQ27e8RE87/ZE4oMFw=
.pubmatic.com/	1970-01-20 07:01:02	Name: KTPCACOOKIE Value: YES
.travelaudience.com/	1970-01-20 16:29:50	Name: _tracker Value: %7B%22UUID%22%3A%222451D74E-F0CB-4B79-B704-DD035F2D718A%22%7D
.yahoo.com/	1970-01-20 15:45:34	Name: A3 Value: d=AQABBGP9WGMCEEBZt6734tuauz2aYZhbMGwFEgEBAQFOWmNiYwAAAAAA_eMAAA&S=AQAAApX8oHLN64wrmW1TNR5oVS0
.doubleclick.net/	1970-01-20 06:59:40	Name: DSID Value: NO_DATA
.innovid.com/	1970-01-20 09:09:12	Name: uuid Value: da0bdf9c-a1ff-4a90-a6e0-7dc238b42d0f-20221026 05:26:59
.bidswitch.net/	1970-01-20 15:45:12	Name: tuuid Value: e3ea83d7-1b4e-4877-9552-b7bf44d1f6a4
.bidswitch.net/	1970-01-20 15:45:12	Name: c Value: 1666776419
.bidswitch.net/	1970-01-20 15:45:12	Name: tuuid_lu Value: 1666776419
.pubmatic.com/	1970-01-20 09:09:12	Name: KADUSERCOOKIE Value: 79A13CA0-59DD-443D-A26A-67B4C2144AF6
.casalemedia.com/	1970-01-20 15:45:12	Name: CMID Value: Y1j9Y049bDhnKPq5OWNQjQAA
.casalemedia.com/	1970-01-20 09:09:12	Name: CMPS Value: 4324
.casalemedia.com/	1970-01-20 09:09:12	Name: CMPRO Value: 4324
.analytics.yahoo.com/	1970-01-20 15:45:12	Name: IDSYNC Value: 18yx~27xl
.rlcdn.com/	1970-01-20 08:26:00	Name: pxrc Value: COP645oGEgUI6AcQABIGCOndKhAA
.casalemedia.com/	1970-01-20 09:09:12	Name: CMTS Value: 4558
.mathtag.com/	1970-01-20 16:25:31	Name: uuid Value: f2846358-fd63-4b00-a38e-24c8275ac021
.mathtag.com/	1970-01-20 07:42:48	Name: mt_mop Value: 4:1666776419

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.ua/sync_cookie_image_check Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEH3gftW2mbmQlnVZDgyrhHQ&google_cver=1&google_push=AZmPxg83BHZ2FFGIG2NqugE8MqvLYurhFXwTiHAZzynWE5mLkuKxBUzidqOde4h3wJ3BgENA79p8WU53HmTN1Kt4Dl0bD7zkJL3LIA Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.travelaudience.com
adservice.google.co.uk
adservice.google.com
ag.innovid.com
bid.g.doubleclick.net
cdn.jsdelivr.net
cm.g.doubleclick.net
csi.gstatic.com
dclk-match.dotomi.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
imasdk.googleapis.com
maxcdn.bootstrapcdn.com
mc.webvisor.org
mc.yandex.ru
mc.yandex.ua
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
r2---sn-aigzrn76.c.2mdn.net
r4---sn-aigl6nsd.c.2mdn.net
rtb.openx.net
sbo.ua
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync.mathtag.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
googlecm.hit.gemius.pl
mc.yandex.ua
104.18.18.126
149.5.244.214
173.194.76.155
18.156.0.31
185.29.134.248
185.64.190.78
216.58.212.162
2606:4700::6810:5714
2606:4700::6812:bcf
2607:f8b0:4023:140f::5e
2a00:1450:4001:800::2003
2a00:1450:4001:806::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:4009:5::9
2a00:1450:400c:c00::9a
2a00:1450:401f:6::7
2a02:6b8::1:119
2a02:fa8:8806:20::2040
2a05:d01c:1d8:8102:fc46:f74d:d9f1:b88
34.98.67.61
35.156.117.52
35.186.253.211
35.190.0.66
35.244.174.68
51.89.9.252
65.21.142.13
69.173.144.138
02d8f64765e9c3b946b6f3e0f34539fc29a0158fdd11832fd4d567078ebff222
091359ba00cb50764f0353bfac58446686573f37c3f3424fcb579222d366786e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bfef1a95c7d328b87846a385d2d9ea3e7f87e507afd6dcaac868c928464a58b
0c342e86d744ce838eab3ff01b25941f78120505f86bf8b7d986670486c40aa4
0eee12d95373a8af7b47f8c4eefa36654a0d5aef7690067829e88ac9c954b4fa
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc
1a80604f1c1acaf6b6b9cb0724c02e909a88405d1520221083ef29051774647c
1d3306651bbcc559878ecc10aa47351f0aae66ff721b71f8fe41d116ddffa4b2
1d7087fafff9efe1dfffa3b4000742f05318decd3d05994130039cd3fcae206f
1dbf195b3894b3a3b22ce8743e090650d5882dd213a1219083c09b17c19c41ac
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20653f69e6c6d898d6007567ce8aa0918d0b9e400a034ef7683a9c61bb58af69
220de0359b7924c4e6ab8282e217315d097ab146f902c5c30c077a3eb8f4ad1a
2718b0dcbba10f735be20dd04e03883439cd9338564d25b899cdf9bd0b653fa2
294e84c9a3c15d0de91fff7144c980567f6cab83f79e8f1f82243c436e6b7ecb
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d2585f37d01f033b032350aa27da871e0b8748d9812e4e08d65c0537240117b
31132fa42abfe16afac2d2455aff79feeb93feb4eb656ebec4186c2423ffd37c
361d21a5692ec6c1ed1a493eb0da2059c408b65e36a9476ac2070f92908a7a90
36f86f0236096ecae0facf9cd468c820996234c6f827f2f484d817be7b7b826f
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
38e7b9ca19ffebfb25e3c084306c1db6956e44e8a3f98a14134d7a9b4f938ed7
3b7489d60ed881f5afebf99237a2c3846ffb0c51ad829a3ab5e12f3885e8335a
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4960b241b03eb34bb77c5b684daf3c96be5ebcfee350e661b5d84d678201d8a2
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b9f5c2fc369365cf4de7b90eccf931b43af63a9d68360810502e6784e97b48e
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d8d21983f910519945e1b38081d22b02afd760fb1d2e148fd9beae3c8038c93
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
503807cb1d742664194c7c9bfbeac80ef0eb2ede1d8de36e000cde237b35a455
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
588d589541c7bb86b00d92e5c9758f5066655c906af50649246f1d4d739ec0bd
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f530c4c444741548fa001bf0bcc17e8c703c8e2453e53cfb87ef091ab1df174
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66bfea983e7589fd7ce5457f8894522260337f38874411f7b2aa6ae0a0c6226b
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6a04a50717020b4b5731b401cae5b1c334b04acee7cadd46b2e766af536ec3e1
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6f99c3b46e3e9c4a0b83bff85ab15facf6d8fa7cb43632934195ffbe59c34bb6
702946a3006dde2253d4f53b8b7bf2cd0f38b6744c88ac9cb4a1d76ceb439355
7470f9d78491838f5cc3ee51d4ed4d8a232f6c80ae80706dff96c062d3d663b6
74e3956da67c3d9bdbf78f96eb4be3ca56d89972657d2045b57af58e1c401ce8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8a091a670b6bf03510fc7a1b3c74a417c4a8c8937f7fb0c9a1517a95bdd7ab18
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
90a8232c9cb8de2e8e5e45b8c1962ba78cbd61f338af7dfeca6557fd60301580
921213566f1e25fa1c2e26e367a63dc4c02cb78185a1b4ca95be4ecd0c41a917
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
99c284b20c09e7a69d4b129c6309faa30c646ab70c255281cbf85fc4e46614e6
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c4885210d309a9a034d612e9ab2c94165b0c6f1bf5e528005b985ae04c9e65b
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
9f2aa593046e7ccafdb3f6b20df74c3aec1db190ac849308ddd738b3bb7d8ddc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a9c216dc2c163cef46ce19c9156c05aa2edfae28210be29ccfbf902a75190293
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b176832488917eebc58247cdf852837f6990144a0342789ad5259050492c8375
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b7bcac105b3cf6f11c7e78336ec0710cce355c0a8c0b541dcdf6e3669b59d03f
b94350d6f098a2c0bdb7508110ba2b9389800d34078da01990a65d4275c7fa75
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
bf01316116338904418de867eb5d44b8106e697f119662781658b0daa7128d57
c1edc4b3b4abb51bd3eaba651308588fc3d2bf5a83865b4b319549566b0a6858
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c48f44da2243a518830a174613cf9629798236def79100e6b6fd1a08915b654d
c80aaa6d8ed8c251c3200e6455a3e637f14144ab6430c63660397b49b1920c7d
c9245fa9030df399d77feccd5778a818d3c4097e8eeb7cfac92bdc21f6707079
cad458d9ae966a219f34ae8b4dfeb55b1f6aaa79cce5edfafe8f41926a209062
ce678ea3c38d93562a5980fc0e93e397b7349f863509e61646229226bbdf9af9
d15d8e5719d5db6322e95e75dcb973ba0c57c59837be846fce64f1306b9fd79f
d71a9aa34de3fb2a96e6f718a8719420a6b87ca53971955016ec8c0ecb641b79
db06a2823e912a519da92df7eb70da3a2ac8b030eadcfd226831f3972668ade4
dd909b599113334d60d215effdc922df459e70de2b01648d79a93b8ab3ecaa80
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ea9af222d8c2807c999e627f10bdc15270c1ee3bb042e39fc0af05e09713dd
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f77d09d0283a5e591c943082e6eb042ef8c671d52c0c189dfa1df716de570569
fc7d5ab2393a8298448c75a41a743afdbafe13a1fbe4cbd69205006c30521dfc
fcce44615b55a92cc4aa9206d88933524e7b598b3fc5633a1f697600114a2eff
fdc8912a78b78c5faf31e78e2a365787170ac0b511d2798fcdf21044caa7c8ef

sbo.ua Open in urlscan Pro 65.21.142.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

164 Requests

90 %HTTPS

61 %IPv6

30 Domains

41 Subdomains

29 IPs

10 Countries

1674 kBTransfer

4793 kBSize

41 Cookies

0 Outgoing links

Page URL History

Redirected requests

164 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sbo.ua Open in urlscan Pro
65.21.142.13 Public Scan

Screenshot
Live screenshot

Full Image

164
Requests

90 %
HTTPS

61 %
IPv6

30
Domains

41
Subdomains

29
IPs

10
Countries

1674 kB
Transfer

4793 kB
Size

41
Cookies

164 HTTP transactions
6 data transactions