vchys.com.ua Open in urlscan Pro
136.243.155.228 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://vchys.com.ua/
Submission: On October 25 via api (October 25th 2022, 4:30:54 am UTC) from GB — Scanned from GB

Summary HTTP 182 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 31 IPs in 8 countries across 25 domains to perform 182 HTTP transactions. The main IP is 136.243.155.228, located in Germany and belongs to HETZNER-AS, DE. The main domain is vchys.com.ua.

This is the only time vchys.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	136.243.155.228 136.243.155.228	24940 (HETZNER-AS) (HETZNER-AS)
32	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1	193.200.64.20 193.200.64.20	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
42	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
3 13	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
3 3	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4006:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:401... 2a00:1450:4016:7::7	15169 (GOOGLE) (GOOGLE)
1 1	3.126.163.185 3.126.163.185	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:fc46:f74d:d9f1:b88	16509 (AMAZON-02) (AMAZON-02)
182	31

18 136.243.155.228 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: ua3.d5.com.ua

vchys.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.64.20 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: etarg.network

dominantroute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.184.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:c5a4:625:6563:a5bb (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.115 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4006:811::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4016:7::7 (Ireland)

ASN15169 (GOOGLE, US)

rr2---sn-h0jelnes.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.163.185 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-163-185.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:fc46:f74d:d9f1:b88 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
74	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	772 KB
27	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 215 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317	186 KB
18	vchys.com.ua vchys.com.ua	325 KB
17	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	275 KB
13	google.com cse.google.com — Cisco Umbrella Rank: 2749 adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2 clients1.google.com — Cisco Umbrella Rank: 421	205 KB
8	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 363	129 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44 ajax.googleapis.com — Cisco Umbrella Rank: 306	68 KB
6	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439	5 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	186 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 671	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 232	3 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 347	912 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1521	484 B
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 729	795 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8724	914 B
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9029	2 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1565	297 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 651	758 B
1	googlevideo.com rr2---sn-h0jelnes.googlevideo.com — Cisco Umbrella Rank: 90073	2 MB
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 987	356 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 584	98 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 273	40 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 888	696 B
1	dominantroute.com dominantroute.com	137 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
182	25

	Domain	Requested by
42	tpc.googlesyndication.com	googleads.g.doubleclick.net cdn.ampproject.org tpc.googlesyndication.com pagead2.googlesyndication.com
32	pagead2.googlesyndication.com	vchys.com.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.gstatic.com www.googletagservices.com
18	vchys.com.ua	vchys.com.ua
13	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net vchys.com.ua
8	www.gstatic.com	googleads.g.doubleclick.net
8	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
8	www.google.com	cse.google.com www.google.com vchys.com.ua googleads.g.doubleclick.net tpc.googlesyndication.com
7	fonts.gstatic.com	fonts.googleapis.com
5	fonts.googleapis.com	vchys.com.ua googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
3	image6.pubmatic.com	3 redirects
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	csi.gstatic.com	www.gstatic.com
2	ssum-sec.casalemedia.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	counter.yadro.ru	1 redirects vchys.com.ua
2	cse.google.com	vchys.com.ua www.google.com
2	ajax.googleapis.com	vchys.com.ua
1	ag.innovid.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	rr2---sn-h0jelnes.googlevideo.com	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	id.rlcdn.com	googleads.g.doubleclick.net
1	s0.2mdn.net	googleads.g.doubleclick.net
1	clients1.google.com	vchys.com.ua
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	dominantroute.com	vchys.com.ua
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
182	35

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.vchys.com.ua R3	`2022-09-28` - `2022-12-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
dominantroute.com R3	`2022-10-19` - `2023-01-17`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-09-27` - `2022-12-06`	2 months	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh

This page contains 19 frames:

Primary Page: http://vchys.com.ua/
Frame ID: E9967E1E1B972D61C9636F0528FD6283
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20190131/zrt_lookup.html
Frame ID: BB6F0EF1CB7A3676A0B56888349615DE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&adk=1812271804&adf=3025194257&lmt=1666672248&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fvchys.com.ua%2F&ea=0&pra=5&wgl=1&dt=1666672248698&bpp=4&bdt=323&idt=176&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4512340861840&frm=20&pv=2&ga_vid=1743270659.1666672249&ga_sid=1666672249&ga_hid=225786695&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070425%2C44775016&oid=2&pvsid=3750785850350106&tmod=1814209605&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=199
Frame ID: 8328672C5DA04596AFB9E097A6605D69
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=90&slotname=1494452228&adk=2905109319&adf=1076915276&pi=t.ma~as.1494452228&w=728&lmt=1666672248&format=728x90&url=http%3A%2F%2Fvchys.com.ua%2F&wgl=1&dt=1666672248702&bpp=8&bdt=327&idt=208&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4512340861840&frm=20&pv=1&ga_vid=1743270659.1666672249&ga_sid=1666672249&ga_hid=225786695&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070425%2C44775016&oid=2&pvsid=3750785850350106&tmod=1814209605&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=OYwicCg79F&p=http%3A//vchys.com.ua&dtd=213
Frame ID: CD7C4061CD64F9935B29A2AFC8EF6B78
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=250&slotname=7401385020&adk=3245228110&adf=3920548723&pi=t.ma~as.7401385020&w=315&fwrn=4&fwrnh=100&lmt=1666672248&rafmt=1&format=315x250&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1666672248729&bpp=29&bdt=353&idt=207&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4512340861840&frm=20&pv=1&ga_vid=1743270659.1666672249&ga_sid=1666672249&ga_hid=225786695&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070425%2C44775016&oid=2&pvsid=3750785850350106&tmod=1814209605&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=mRO4K3lnFh&p=http%3A//vchys.com.ua&dtd=214
Frame ID: F236F12E96EB9FE0C2FA2041EB41BD13
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=280&adk=252850466&adf=2859928939&pi=t.aa~a.2873955903~i.4~rp.4&w=760&fwrn=4&fwrnh=100&lmt=1666672249&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3519743202&ad_type=text_image&format=760x280&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&pra=3&rh=190&rw=760&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1666672249516&bpp=1&bdt=1141&idt=1&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ebe96e3be095f77-225ce31156ce0037%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_Maht6F-6UHHAuuNSr8WTTdtsJBLOg&gpic=UID%3D00000b7838f079aa%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_MYKzyRCJmfDeZAL2UpNzE2zAx1FUg&prev_fmts=0x0%2C728x90%2C315x250&nras=2&correlator=4512340861840&frm=20&pv=1&ga_vid=1743270659.1666672249&ga_sid=1666672249&ga_hid=225786695&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=585&ady=2422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070425%2C44775016&oid=2&pvsid=3750785850350106&tmod=6568862&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=MlarLsqSMp&p=http%3A//vchys.com.ua&dtd=37
Frame ID: 127ED16091C134F3A969293E586FB470
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=250&adk=137533416&adf=404476720&pi=t.aa~a.1415951696~rp.4&w=315&fwrn=4&fwrnh=100&lmt=1666672249&rafmt=1&to=qs&pwprc=3519743202&format=315x250&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666672249560&bpp=1&bdt=1185&idt=1&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ebe96e3be095f77-225ce31156ce0037%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_Maht6F-6UHHAuuNSr8WTTdtsJBLOg&gpic=UID%3D00000b7838f079aa%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_MYKzyRCJmfDeZAL2UpNzE2zAx1FUg&prev_fmts=0x0%2C728x90%2C315x250%2C760x280&nras=3&correlator=4512340861840&frm=20&pv=1&ga_vid=1743270659.1666672249&ga_sid=1666672249&ga_hid=225786695&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=3770&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070425%2C44775016&oid=2&pvsid=3750785850350106&tmod=6568862&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=SIzEbnt56f&p=http%3A//vchys.com.ua&dtd=7
Frame ID: 051F51EED253B863D2B5D2481CBFF806
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1
Frame ID: 106222298E5C853D56BC94B6577990AB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBCfyqQCGPmf3M0BMAE&v=APEucNWCZFkeu9-AbCLYE2Q57-7tRW1O_hAUhw2Wyq9iyKZAm7AM9VDv-NTtuc60CzsLT2-v6nMYKH5EE5KItGXAqNd5mpcrRBorQxflmpajZVdMdhTN7nck3wpdgkAIxhErNSQ2rjw9JxajSL80PsTtuFU93u1tOUDj9EMRfwgobm4TlUbd75M
Frame ID: DF5AF62F319648EB20CB88F90E97DC18
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BwOYouRRvvCM9pXBlMo24lBtab7Q9JQQLfHl--eBrvAot-WKRuZu7ei-lK8al77fqrDtxOOV4KL3m_X4mb7tba2rqwMA&cry=1&dbm_d=AKAmf-AoHyXCGn0WG4Ij_BgGVyYz4ySKht9giYWbIe6cwjQGH4jHKT6lbw76DLflXTPrqoLfkmWYFIiGEbHio36wbNAO2YVeyLgt70DW2FAOmmXytOIvzoqmcT7pMVVdlrpzLA9-H78ZauzTm7xV_ACqxlxRXRy0dM3csN-KywqR683GfaICeuAZusPqTuplXQ1ufx2jmT5eMgGn30ewB40jSr1OnHaviTkBrd2hslMREikZHZRLVISF9cGTW25jDS7U1iXa3utiBqqCzPus6R49DkvVi1MSSOW4iEeiQbCyrWtkF0YqA0IJmxXFU9wGccRFL3Uhmoi9y53IfsvsGb1pG0kx514-wXN0VjkHZBTYDkH66O_UVUp78qmbTgfaAHa9bPCAsLBCbUYtJjsJIT414XPGpH13sTWxJi_phuCLyNn6pcnBzN7ivsfs1T1wj62zBitxmRnIUSogFkAMZ8aMDucQG5aE8viNZLv8Vr99366YmW8udxgnqTPuc_WOK_el66TcAzWN5ERC9c97TQlLGn8B0H88pZeXrCnzPlRt8-SLg20dvnz5l22oRurpmcqebHfRadkR7Nc6EERX6ai7b9QdGoFjyFXgGkPNR1tEAbEYANfeBaVK-VKOndJLFZfx5l4nWzpOrIimwVQkyIILWcD1yNAT-MbMBQ-Q1IDMrh2qd6uBPW4H7hISInM4OiLwxNLHh7MzXxl5-qMh7OsZ-hFrIad7472wotkJpNxSADRN9yk5FbTuEEFKy-JQUeha_FkA_013EXvP8pVieVGvNI0smXzMRmtw_VgGyBaETMzautH_DDe4TIAePwK3DMcWYQokR43YAZnWCQ2MSLVmyc4doLO2UmVPMBCY6V3VLUlMeKMRPRO8HaLOF4-QuRD4kgQfycS5f5ECcKOmYgZ4SyF4DlUcKExxj5G2pTmpimMBF8gsd148YPWa-h_0EA-Od8k-BPdbwJPkJEeuJchmL2DraIpSNGN1QwzoZU4GmfFvaA3dDr3B6Nf-daNj0Fxx-FK6_sdhBU2N0k6hO3R7wRh9ZHLb_c7mgYessp-vf4BCvnfse917ytaan-bCYg8URi4YB9HnZ61uwZsPMj4LbHl6ffM1c4sraLleS99NBqsMe6dYHUBcn9ZM0ELDxH6lN0UC2NpV1joPb_OBAjeRQhiAxR8nkOUyonuLup31JMXVzN8R935VL-eNb8RmtAs_31f-sPpUNiefideX2zxCIrBeBYaIoBbm2e95MkpYAnp9XMVRzwc-ReTDhQo8f2g-n8XRro5qYqjjLKI_RRkCH12Bz5N3F0bj1OxUQgzJUFqhjvD5SjFatCtDllAYy4uVpzZMKmIGvcNuw94dDi9Y9n4yl59aA9mf4bCMPffIn6tdxL7umLymdgFGI0n8qV1zkNUdwRizfWyX4EMEpnQ6RYAwsWbUSF129ZfQ_I3tNV6I2sEHwGwApirtW_V12JRxmthvBxoL-LeUxIXbNFPhuShGxNtO25aJ9rO11D_WHTQOZI1KFytGayPDrutKU1vPcM-Fliv7EjcPRPiDzQ85gO8LLBtbNnd9YJzGYH0MF8ycDF6ILqJP0fU3XowtDqQtXMIgOBSbzmJOXRMUzUm-EgLNlqUFxSwSXp4WMPomMyg890zB8WuLGc3d1ZvHWPjVPiKwdRqHCV0bBKKuCHeYdFVfU6A7t-eSSQzpoF5zDhITJwmTk5JvilORF4WHypCSK2xL9R6agltSbPHeEWYjDXrPHZEIDmcMF4RgjyzKjJWX22fR2MIrIKiFZWL5K3i3jmFjCP2FIX08h9JI8iBdyvnTUKOjLcjl87GnVCOP8aTjNaSnh5Qk6LNTIH00GoUi-QKtXeXYXRDzqFhZHRt07K5XnCouc4mUugbnMEOu5J0NE_5Wsk-Vjz73wQx-JvfQ_Oh1y4m5uL4cmvl072D0FuSuFRjCi6mMd1rl0PZN9V9wg7UCPqY6VD5P1NI8tXgzw2zhuJpbtqLXuAhmczDt7YcpClabTBzY3Au-wxTjZICabqG7-WggSHa70wvqhJ8iEIz6dLJ7dPlHtE6anlt5EgjXThDIOtWDi0EqcMWlWjqA00M5FOSqzW-z1-ZpN-_GD4NNTVpklbR9o24V32-bBh9uP3zoOWxK_xKTJ6geUVdtsFUD-IiFcY-cl00fRsMDhcBgejaqagjsNLeLzqdqvbaBldUx24lxpEBA5DA6Y2phvBWwbjgzTNL4uaY_Y7t3Hn8kmVqHI-eyXLl5DV4sAMG1h_GzOeKtZMbqziTx-EmohjUlg8aeh1JunMrLn2GID3cFgxPpnGCHSNQ-4oBRxTLNFXLnem4tUgXui8teA8JnqFDT1ikEQTLW5-cLzkNXlcVwD512lGW8kpemwQGbq2G1dktqzTlBHiRd37rBa38BGwRDPe79XDtG2-_eSbb1jpSFQLOiCkQ6R-rug6wxPsnNysiBIieLWjRyGVbYeb-9j2gjnmwGzPp5yzo8K741giuSrROhi0-3Ug7sLSQeEQ-yPU7p1a03NTeABMX48x1jUJGMNtGy6wO4f0UbEy-tV3qD-Z6vE8X2BIncUMJHxWvix5_-PuhoS8klyBXLfw_BmWkkgKgG37m5tjZFg7KqJ9vMr0lZtnICUh9tmKp3dwqFnIK_TNYMbTwIU3AJQyOHsaxPerOu0gkhxL13bmrM0OSU5rgxrdOV6WTH1OGkDtC4wgbH_02xee7DE09P1uaJhChE4tI1DuUCiiYp2fcKv6vPFQSs9pzVuc04vnrp2qBUfqGaP1-OcXaxrVszGK45AcKy_kgxvY-iID6t-UA8-EUrPzBATBSUNjPuNsSzmPG-uro0zZ2w5CO7Pdh2-wVlnkQGyC0-9vZPwme94a587ESgK-MXktnONYwMiyKOdD19bBSbQaWGZKK66EzwbYRuKrQq3vboHdxQ1GIUqNrSV0tjodIr2URT8KVOOvTaq2TiDrvYNHyB_DYnczHP0zB9HPr2q52EwQO3lb27rkGxJUlU0IkE1rRGYllBeeyAUMK0qp43X7g-hR-IAHliatI5dq_o7kqGp9Xi1Mhw0IKmJkxty6031o4B4MdE61O9qjzNy1ekXYbnuo1_Uf5okGUeD1UvFsOhj-1GQNJzwAm2A_ab5Us07yHnNzxAoBJO8HuFWojdM9-0VT7H-PihOou0sZ4CcBBGJQktoNJJQhUViLTCj0Ed3KZhQvrc3yf72I6cDa7k8bbMUACKZX8tXgxBtSECrJhUTAAbwKK95A1R_KexN7HpMrn4ZWP4ZA5styxA6XjczCzBp_pbvEF6-55YuB4zTdWUpkANRh6A8sktrq0Y37yT7OQMIFV_PlNS499Lwssndi9rX--0GvE7OsWX6iCSwk1fs7180R4YhYi8120JvzgqxLTsOp_oi6cNb_87ixpCblE6vf5F7wc0tE5POEG9eic-JsO9RAux-v158Xceeilh86nk_ufF7uxVf7oDzPZito5FkPKapVul7zy2_BaEK6lKzk1o8sN7L4Q2eJhwGX_W7NmcDHcLxWZ0f20s7YxL7Lk79MwveOFJ4ltIg-bWMHHko5MRwyn9i-msT-aBX048bVTw7IuPEiY9t7NKhDu213Nwh2CZ_AHAdXOE92tY0Pdy3KTPxvjTN3qPHkJqbT9p0OZeEB5xctCsiIPuXrRtCQ&cid=CAQSOwDq26N9qUBwQmRuCX1MUv1peXV8xfrDfurC1MIh0BM7lTGK8-X86gsO_ziOFiF2jarNJDArvML-FKEHGAEgDg&rfl=2%2Chttp%253A%252F%252Fvchys.com.ua%252F%240
Frame ID: 912A3EF3422CE2188FA6BC088F896752
Requests: 13 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/84c8dfa227218a7b436003265dc6c69e.js?tag=client_fast_engine_2019
Frame ID: 041B557F58FEF94D14369F2ED215168A
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4B2F4A551B2DBBF98001CDDB49F8DAE9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 45C703FF3640B5876FB801D842C1CE07
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 324BB519E5F4C783880F4600FC207875
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
Frame ID: 691694AA284508244CAD815792470CAE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
Frame ID: 6A279679352EC64269C8AD9ACCED55FA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
Frame ID: F3839F773666DE5C7240200BDFB17E5C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2A0849230AEB262F71D6DA3D40250015
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 137444E7A05348233008D780C6121386
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

VCHYS.COM.UA - Навчання Онлайншукати

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

182
Requests

82 %
HTTPS

56 %
IPv6

25
Domains

35
Subdomains

31
IPs

8
Countries

4300 kB
Transfer

8026 kB
Size

20
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://counter.yadro.ru/hit?t42.6;r;s1600*1200*24;uhttp%3A//vchys.com.ua/;hVCHYS.COM.UA%20-%20%u041D%u0430%u0432%u0447%u0430%u043D%u043D%u044F%20%u041E%u043D%u043B%u0430%u0439%u043D;0.9166924901364064 HTTP 302
https://counter.yadro.ru/hit?q;t42.6;r;s1600*1200*24;uhttp%3A//vchys.com.ua/;hVCHYS.COM.UA%20-%20%u041D%u0430%u0432%u0447%u0430%u043D%u043D%u044F%20%u041E%u043D%u043B%u0430%u0439%u043D;0.9166924901364064

Request Chain 136

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFJP58EAiDC9bj9q31iToss&google_cver=1

Request Chain 137

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1dmekpmUxnMXCBT8-dwQAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFJP58EAiDC9bj9q31iToss&google_cver=1

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEK8C-6gIV5xQrkPnPHLwX4w&google_cver=1

Request Chain 139

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM2OTU1Mzk0NTYwNzkxNDI0Mw%3D%3D

Request Chain 149

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEERWJ1L5xpKOXcU0UMZ_w-0&google_cver=1&google_push=AZmPxg9bRtmqDO83VfNevxLUgd6c5TH0ZjExWS0vGxGNmjCUbggQlNohKxjdarydVFcSkWd6UkSkdSEMfMr4xlqpP2hXH463RtM HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEERWJ1L5xpKOXcU0UMZ_w-0&google_cver=1&google_push=AZmPxg9bRtmqDO83VfNevxLUgd6c5TH0ZjExWS0vGxGNmjCUbggQlNohKxjdarydVFcSkWd6UkSkdSEMfMr4xlqpP2hXH463RtM&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zv7OrjSmQo2Ke8ldqvStuw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9bRtmqDO83VfNevxLUgd6c5TH0ZjExWS0vGxGNmjCUbggQlNohKxjdarydVFcSkWd6UkSkdSEMfMr4xlqpP2hXH463RtM

Request Chain 150

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA6cKEnP5NgUb2wvZp4PzVg&google_cver=1&google_push=AZmPxg9L4bt5vF730fb0ehW8IkguCakhFH97HU1vvexunLe0JSdrRPtnPnlZe9oW2ZT2n0rvTN0ZodeKfB0-HTI9xiQseb_gHQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlOUE1JUzQtMUwtRDk1&google_push=AZmPxg9L4bt5vF730fb0ehW8IkguCakhFH97HU1vvexunLe0JSdrRPtnPnlZe9oW2ZT2n0rvTN0ZodeKfB0-HTI9xiQseb_gHQ

Request Chain 151

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOeriASHWHjjoXqBMTyEoLE&google_cver=1&google_push=AZmPxg87Mwl2gyITWarL9JugliEKSKjU67wjQRvTysQToHfNFoVsDTgz6sbNxE0zlMbopbkPN_P0LbWaTb6JJ5V65ot8BWwFzZY HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOeriASHWHjjoXqBMTyEoLE&google_push=AZmPxg87Mwl2gyITWarL9JugliEKSKjU67wjQRvTysQToHfNFoVsDTgz6sbNxE0zlMbopbkPN_P0LbWaTb6JJ5V65ot8BWwFzZY&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOeriASHWHjjoXqBMTyEoLE&google_hm=Y1dmekpmUxnMXCBT8_dwQAAAFDUAAAIB&google_nid=index&google_push=AZmPxg87Mwl2gyITWarL9JugliEKSKjU67wjQRvTysQToHfNFoVsDTgz6sbNxE0zlMbopbkPN_P0LbWaTb6JJ5V65ot8BWwFzZY

Request Chain 159

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGTsKKNozAjRsqQ8O5WMkRc&google_cver=1&google_push=AZmPxg-fklw-wqYrYNkI9nishf_U3IzsJEieYBJdv8Ek3rh1V6OH1sXFRu1I_jMc0Hd5yhxTZRTFKDQ0glMJt9TwvNBlIgSScxQ HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-fklw-wqYrYNkI9nishf_U3IzsJEieYBJdv8Ek3rh1V6OH1sXFRu1I_jMc0Hd5yhxTZRTFKDQ0glMJt9TwvNBlIgSScxQ&google_hm=_yjklRpXoWbwDd-ELxC5GA

Request Chain 160

https://d.agkn.com/pixel/2175/?google_gid=CAESEOIMLHZM0i3TNsQ0HG_QkbA&google_cver=1&google_push=AZmPxg8mZO2O7tJ7ZLnR9exT_PL7Z9ExC_vLsRwKTZOpqBM8Ng-jGJfihoidaMvoOws3mueI3dwGkZz0J1kPvphMnM1IIVwoYEQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg8mZO2O7tJ7ZLnR9exT_PL7Z9ExC_vLsRwKTZOpqBM8Ng-jGJfihoidaMvoOws3mueI3dwGkZz0J1kPvphMnM1IIVwoYEQ&google_hm=Q0FFU0VPSU1MSFpNMGkzVE5zUTBIR19Ra2JB

Request Chain 162

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEERWJ1L5xpKOXcU0UMZ_w-0&google_cver=1&google_push=AZmPxg_yDTG6WZo55PoXoqw0TuArmT0sIw7o18mexlVtJw2wAIB-u1DU7fqJfHolkJeloDqfrZaAoBKVEdQcEcTE49c3JloZ0CQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_H7NdyH6TDifge9EDs0H4g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_yDTG6WZo55PoXoqw0TuArmT0sIw7o18mexlVtJw2wAIB-u1DU7fqJfHolkJeloDqfrZaAoBKVEdQcEcTE49c3JloZ0CQ

Request Chain 163

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA6cKEnP5NgUb2wvZp4PzVg&google_cver=1&google_push=AZmPxg_c5Bdqhuv2lrZmOrejh7gKkRfFhBkio5ogzwb2tNJHMntYy0ntIDLDd5ZvU9XagFIOl8oijMxSoovZudLRwPCtxugw0tqt HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlOUE1JVjUtUC0xUzU2&google_push=AZmPxg_c5Bdqhuv2lrZmOrejh7gKkRfFhBkio5ogzwb2tNJHMntYy0ntIDLDd5ZvU9XagFIOl8oijMxSoovZudLRwPCtxugw0tqt

182 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
vchys.com.ua/ 285 KB
18 KB 409ms
262ms Document
text/html 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://vchys.com.ua/
Protocol: HTTP/1.1
Server: 136.243.155.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 / PHP/7.4.30
Resource Hash: 6bf128e9a27ea188071188d4a0d228a2f4cec033a168198bff3d00bb46de02d7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Upgrade, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 25 Oct 2022 04:30:48 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache/2
Transfer-Encoding: chunked
Upgrade: h2,h2c
Vary: User-Agent
X-Powered-By: PHP/7.4.30

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 168 KB
55 KB 208ms
89ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d420c475a92422b9026bc0faf77b56b26e43e20b395e6db0d0e807558341e664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 04:30:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55470
x-xss-protection: 0
server: cafe
etag: 227952498814877340
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 04:30:48 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 8 KB
1 KB 120ms
66ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=cyrillic

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

HTTP/1.1

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

39d27420dbf428a92a85c8b6051ed58dfdf45ae14c5632595f65ed72a6b46ca3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 04:30:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Tue, 25 Oct 2022 04:30:48 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 25 Oct 2022 04:30:48 GMT

GET
H2 200 normalize.css
vchys.com.ua/text-menu/css/ 2 KB
883 B 192ms
61ms Stylesheet
text/css 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vchys.com.ua/text-menu/css/normalize.css
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.155.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 /
Resource Hash: 2f8d2146bbcb6552c686ea04d4bc2bd5791c8d4c796c73d91241b01792620eda

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 04:30:48 GMT
content-encoding: gzip
last-modified: Sun, 09 Dec 2018 22:36:23 GMT
server: Apache/2
etag: "721-57c9e7a5ac7c0-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 830

GET
H2 200 slinky.min.css
vchys.com.ua/text-menu/css/ 2 KB
878 B 191ms
61ms Stylesheet
text/css 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vchys.com.ua/text-menu/css/slinky.min.css
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.155.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 /
Resource Hash: a2fc0b7634ad909fbbf3a26e5ee6b34c8baedf354649863c5935ddfad9a19e1f

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 04:30:48 GMT
content-encoding: gzip
last-modified: Sun, 09 Dec 2018 22:36:23 GMT
server: Apache/2
etag: "8c9-57c9e7a5ac7c0-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 795

GET
H2 200 demo.css
vchys.com.ua/text-menu/css/ 2 KB
1 KB 191ms
61ms Stylesheet
text/css 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vchys.com.ua/text-menu/css/demo.css
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.155.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 /
Resource Hash: c7c3b30067a4397a1a5748329a4aca793f5b43a0058408c8a38cdff4d46c7c61

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 04:30:48 GMT
content-encoding: gzip
last-modified: Sun, 09 Dec 2018 22:36:22 GMT
server: Apache/2
etag: "99b-57c9e7a4b8580-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 953

GET
H/1.1 200
OK sharestyle.css
vchys.com.ua/templates/Vchys/css/ 1 KB
918 B 112ms
60ms Stylesheet
text/css 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://vchys.com.ua/templates/Vchys/css/sharestyle.css
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: HTTP/1.1
Server: 136.243.155.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 /
Resource Hash: 1955e35543309ca044a7071e173a7953ce9c0abf99ca51442dc81fdf20a262f0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 04:30:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Dec 2018 11:11:22 GMT
Server: Apache/2
ETag: "5de-57dc2a829ea80-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 586

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1/ 94 KB
33 KB 233ms
115ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 20:03:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 20:03:10 GMT

GET
H/1.1 200
OK share.js Show response
vchys.com.ua/templates/Vchys/js/ 3 KB
1 KB 61ms
61ms Script
application/javascript 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://vchys.com.ua/templates/Vchys/js/share.js
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: HTTP/1.1
Server: 136.243.155.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 /
Resource Hash: af1a45f830aed8f072a2ed0e9a1dd4aea40391d1eb8a33c39181b5c05bed53bc

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 04:30:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Dec 2018 21:13:44 GMT
Server: Apache/2
ETag: "caf-57d3e41817200-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 1181

GET
H2 200 devices.min.css
vchys.com.ua/text-menu/css/ 42 KB
6 KB 239ms
109ms Stylesheet
text/css 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vchys.com.ua/text-menu/css/devices.min.css
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.155.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 /
Resource Hash: 6ec5e1101ea00048a692f3a4baa491dac4e16ec88d52e6f3a4fd17f47eac44c2

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 04:30:48 GMT
content-encoding: gzip
last-modified: Sun, 09 Dec 2018 22:36:22 GMT
server: Apache/2
etag: "a7a6-57c9e7a4b8580-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 6017

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 172ms
54ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 00:47:05 GMT

GET
H2 200 slinky.min.js Show response
vchys.com.ua/text-menu/js/ 4 KB
2 KB 190ms
60ms Script
application/javascript 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vchys.com.ua/text-menu/js/slinky.min.js
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.155.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 /
Resource Hash: 1b925cd36e4d7035c4443ff5ce5f8baa93e6b2cf7c9492791276783453c2aa87

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 04:30:48 GMT
content-encoding: gzip
last-modified: Sun, 09 Dec 2018 22:36:24 GMT
server: Apache/2
etag: "1066-57c9e7a6a0a00-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 1548

GET
H/1.1 200
OK index.php
vchys.com.ua/engine/classes/min/ 203 KB
50 KB 127ms
68ms Stylesheet
text/css 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://vchys.com.ua/engine/classes/min/index.php?f=/templates/Vchys/css/font-awesome.css,/templates/Vchys/css/owl.carousel.css,/templates/Vchys/css/style.css,/templates/Vchys/css/widgets.css,/templates/Vchys/css/engine.css,/templates/Vchys/css/menu.css
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: HTTP/1.1
Server: 136.243.155.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 / PHP/7.4.30
Resource Hash: 0368c51ee0901e3ae2569a661f8b4d4e8f4ecdfab2508d7b3f0123ddef5ac3b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 04:30:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Dec 2018 19:41:53 GMT
Server: Apache/2
X-Powered-By: PHP/7.4.30
ETag: "pub1545334913;gz"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=15552000
Connection: Upgrade, Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 51029
Expires: Sun, 23 Apr 2023 04:30:48 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 168 KB
58 KB 128ms
75ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

341a581c0200b891d013b24067864fb6c416677f2004da52e4fdad2032a1ec54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 04:30:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 58481
X-XSS-Protection: 0
Server: cafe
ETag: 4863554198444871000
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Tue, 25 Oct 2022 04:30:48 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 7 KB
3 KB 223ms
86ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=partner-pub-2383127339930356:ysrdufrqsay

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

560aa808454ef03cd0b38b1c5ec5012008bc5c58b56aa79295e6836b7cd18cf1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Tue, 25 Oct 2022 04:30:48 GMT
content-encoding: br
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
server: gws
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2932
x-xss-protection: 0
expires: Tue, 25 Oct 2022 04:30:48 GMT

GET
H/1.1 200
OK index.php Show response
vchys.com.ua/engine/classes/min/ 203 KB
61 KB 124ms
65ms Script
application/x-javascript 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://vchys.com.ua/engine/classes/min/index.php?charset=utf-8&g=general&19
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: HTTP/1.1
Server: 136.243.155.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 / PHP/7.4.30
Resource Hash: d75d0791b92689369d15650ee74fd6b830252eb010653957237c62401edd8da7

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 04:30:48 GMT
Content-Encoding: gzip
Last-Modified: Sat, 09 Jun 2018 13:34:00 GMT
Server: Apache/2
X-Powered-By: PHP/7.4.30
ETag: "pub1528551240;gz"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: max-age=31536000
Connection: Upgrade, Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 61716
Expires: Wed, 25 Oct 2023 04:30:48 GMT

GET
H/1.1 200
OK default.css
vchys.com.ua/engine/editor/css/ 2 KB
1 KB 69ms
61ms Stylesheet
text/css 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://vchys.com.ua/engine/editor/css/default.css
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: HTTP/1.1
Server: 136.243.155.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 /
Resource Hash: 0ea67b9a3f6abf27433c6b4404e9aee6db762784fd66c3420516668e87b3d4d2

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 04:30:48 GMT
Content-Encoding: gzip
Last-Modified: Sat, 09 Jun 2018 13:35:09 GMT
Server: Apache/2
ETag: "974-56e3595cb3d40-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Content-Type: text/css
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 718

GET
H/1.1 200
OK owl.carousel.min.js Show response
vchys.com.ua/templates/Vchys/js/ 23 KB
7 KB 119ms
61ms Script
application/javascript 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://vchys.com.ua/templates/Vchys/js/owl.carousel.min.js
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: HTTP/1.1
Server: 136.243.155.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 /
Resource Hash: e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 04:30:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Nov 2018 17:26:51 GMT
Server: Apache/2
ETag: "5d52-57b07d28d0cc0-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Content-Type: application/javascript
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 6465

GET
H/1.1 200
OK masonry.min.js Show response
vchys.com.ua/templates/Vchys/js/ 25 KB
8 KB 120ms
61ms Script
application/javascript 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://vchys.com.ua/templates/Vchys/js/masonry.min.js
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: HTTP/1.1
Server: 136.243.155.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 /
Resource Hash: 33ae362801df6760d197feb6424b31cd4a3c0f04cb5c390e3f5fb9cec197b765

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 04:30:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Nov 2018 17:26:51 GMT
Server: Apache/2
ETag: "62a2-57b07d28d0cc0-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Content-Type: application/javascript
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 7627

GET
H/1.1 200
OK scripts.js Show response
vchys.com.ua/templates/Vchys/js/ 4 KB
2 KB 120ms
60ms Script
application/javascript 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://vchys.com.ua/templates/Vchys/js/scripts.js
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: HTTP/1.1
Server: 136.243.155.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 /
Resource Hash: 8b9d189ee42d3345adcb082b1f8e51a1ba07c48f903cbf2106891274dcf01b18

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 04:30:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Nov 2018 17:26:51 GMT
Server: Apache/2
ETag: "eb2-57b07d28d0cc0-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 1389

GET
H/1.1 200
OK gdz1.js Show response
vchys.com.ua/templates/Vchys/js/ 171 KB
53 KB 144ms
66ms Script
application/javascript 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://vchys.com.ua/templates/Vchys/js/gdz1.js
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: HTTP/1.1
Server: 136.243.155.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 /
Resource Hash: 9bf15c219c564c48e8306f34c0243e7ef0fba5f85ddaf2f7c2ca044b3279cccc

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 04:30:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Nov 2018 17:26:50 GMT
Server: Apache/2
ETag: "2abdc-57b07d27dca80-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 53979

GET
H/1.1 200
OK gdz2.js Show response
vchys.com.ua/templates/Vchys/js/ 20 KB
5 KB 183ms
61ms Script
application/javascript 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://vchys.com.ua/templates/Vchys/js/gdz2.js
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: HTTP/1.1
Server: 136.243.155.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 /
Resource Hash: 7753657361b802b159fc0bdb146186b65cadc5785a257b494ca22b05b9528e58

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 04:30:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Nov 2018 17:26:50 GMT
Server: Apache/2
ETag: "50a4-57b07d27dca80-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 4393

GET
H/1.1 404
Not Found /
vchys.com.ua/templates/Vchys/css/ 33 KB
33 KB 374ms
374ms Image
text/html 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vchys.com.ua/templates/Vchys/css/
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/engine/classes/min/index.php?f=/templates/Vchys/css/font-awesome.css,/templates/Vchys/css/owl.carousel.css,/templates/Vchys/css/style.css,/templates/Vchys/css/widgets.css,/templates/Vchys/css/engine.css,/templates/Vchys/css/menu.css
Protocol: HTTP/1.1
Server: 136.243.155.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 / PHP/7.4.30
Resource Hash: 5cf63d2b9d0c31ee9cd406a837123969d9f0b1e1f6782558642970407b4d3404

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/engine/classes/min/index.php?f=/templates/Vchys/css/font-awesome.css,/templates/Vchys/css/owl.carousel.css,/templates/Vchys/css/style.css,/templates/Vchys/css/widgets.css,/templates/Vchys/css/engine.css,/templates/Vchys/css/menu.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 04:30:48 GMT
Content-Encoding: gzip
Server: Apache/2
X-Powered-By: PHP/7.4.30
Vary: User-Agent
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
45 KB 108ms
54ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=cyrillic

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://vchys.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 24 Oct 2022 19:23:26 GMT
X-Content-Type-Options: nosniff
Age: 32842
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 44856
X-XSS-Protection: 0
Last-Modified: Mon, 15 Aug 2022 18:20:18 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Tue, 24 Oct 2023 19:23:26 GMT

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ 26 KB
26 KB 107ms
54ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=cyrillic

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://vchys.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 24 Oct 2022 22:38:19 GMT
X-Content-Type-Options: nosniff
Age: 21149
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 26240
X-XSS-Protection: 0
Last-Modified: Mon, 15 Aug 2022 18:14:37 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Tue, 24 Oct 2023 22:38:19 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/ 353 KB
116 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2383127339930356&plah=vchys.com.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5df7aab83654c70b3d171a36c554383861d0765204fbad79c3c744ab400319ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 04:30:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118756
x-xss-protection: 0
server: cafe
etag: 16086046783061702283
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 04:30:48 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221020/r20190131/ Frame BB6F 10 KB
5 KB 169ms
53ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221020/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vchys.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 47547
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Oct 2022 15:18:21 GMT
etag: 9671129459699598864
expires: Mon, 07 Nov 2022 15:18:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t42.6;r;s1600*1200*24;uhttp%3A//vchys.com.ua/;hVCHYS.COM.UA%20-%20%u041D%u0430%u0432%u0447%u0430%u043D%u043D%u044F%20%u041E%u043D%u043B%u0430%u0439%u043D;0.916692490136...
https://counter.yadro.ru/hit?q;t42.6;r;s1600*1200*24;uhttp%3A//vchys.com.ua/;hVCHYS.COM.UA%20-%20%u041D%u0430%u0432%u0447%u0430%u043D%u043D%u044F%20%u041E%u043D%u043B%u0430%u0439%u043D;0.9166924901...

444 B
930 B

92ms
91ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t42.6;r;s1600*1200*24;uhttp%3A//vchys.com.ua/;hVCHYS.COM.UA%20-%20%u041D%u0430%u0432%u0447%u0430%u043D%u043D%u044F%20%u041E%u043D%u043B%u0430%u0439%u043D;0.9166924901364064

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

fd4d2a365a8dad1a06d041101943c79d4e6c55791fe35e88b64a53b8835a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 04:30:49 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 444
Expires: Sun, 24 Oct 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 04:30:49 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t42.6;r;s1600*1200*24;uhttp%3A//vchys.com.ua/;hVCHYS.COM.UA%20-%20%u041D%u0430%u0432%u0447%u0430%u043D%u043D%u044F%20%u041E%u043D%u043B%u0430%u0439%u043D;0.9166924901364064
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Sun, 24 Oct 2021 21:00:00 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
vchys.com.ua/templates/Vchys/fonts/ 75 KB
76 KB 63ms
63ms Font
application/octet-stream 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://vchys.com.ua/templates/Vchys/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/engine/classes/min/index.php?f=/templates/Vchys/css/font-awesome.css,/templates/Vchys/css/owl.carousel.css,/templates/Vchys/css/style.css,/templates/Vchys/css/widgets.css,/templates/Vchys/css/engine.css,/templates/Vchys/css/menu.css
Protocol: HTTP/1.1
Server: 136.243.155.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: http://vchys.com.ua/engine/classes/min/index.php?f=/templates/Vchys/css/font-awesome.css,/templates/Vchys/css/owl.carousel.css,/templates/Vchys/css/style.css,/templates/Vchys/css/widgets.css,/templates/Vchys/css/engine.css,/templates/Vchys/css/menu.css
Origin: http://vchys.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 04:30:48 GMT
Content-Encoding: gzip
Last-Modified: Sat, 09 Jun 2018 13:39:07 GMT
Server: Apache/2
ETag: "12d68-56e35a3fad4c0-gzip"
Vary: Accept-Encoding,User-Agent
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98

GET
H/1.1 200
OK vinos.js Show response
dominantroute.com/bens/ 137 KB
137 KB 260ms
103ms Script
text/javascript 193.200.64.20
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://dominantroute.com/bens/vinos.js?24808&u=null&a=0.6751437837219163
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.64.20 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: etarg.network
Software: nginx /
Resource Hash: e2a2fbe3deb0ef05eef9fa76f5b53da71c501ad03e373329da490b56e2495dc3

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: text/javascript; charset=utf-8
Date: Tue, 25 Oct 2022 04:30:48 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NON DSP COR CURa TIA"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
696 B 191ms
62ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=vchys.com.ua&callback=_gfp_s_&client=ca-pub-2383127339930356&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2383127339930356&plah=vchys.com.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a59a1930493ee8d6b116c95b99ac9f23ede5281b0a259f656170888e7b883348

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 04:30:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 179ms
63ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vchys.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 04:30:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 178ms
63ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vchys.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 04:30:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 88ms
88ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fvchys.com.ua%2F&tn=DIV&cls=header%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 04:30:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8328 216 KB
53 KB 523ms
414ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&adk=1812271804&adf=3025194257&lmt=1666672248&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fvchys.com.ua%2F&ea=0&pra=5&wgl=1&dt=1666672248698&bpp=4&bdt=323&idt=176&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4512340861840&frm=20&pv=2&ga_vid=1743270659.1666672249&ga_sid=1666672249&ga_hid=225786695&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070425%2C44775016&oid=2&pvsid=3750785850350106&tmod=1814209605&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=199

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d74b347f3b95141c113ed50ca5915bc00d5c5c7efd23e1b58e9034c93082a86d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vchys.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 54009
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 04:30:49 GMT
expires: Tue, 25 Oct 2022 04:30:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CD7C 68 KB
12 KB 426ms
336ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=90&slotname=1494452228&adk=2905109319&adf=1076915276&pi=t.ma~as.1494452228&w=728&lmt=1666672248&format=728x90&url=http%3A%2F%2Fvchys.com.ua%2F&wgl=1&dt=1666672248702&bpp=8&bdt=327&idt=208&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4512340861840&frm=20&pv=1&ga_vid=1743270659.1666672249&ga_sid=1666672249&ga_hid=225786695&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070425%2C44775016&oid=2&pvsid=3750785850350106&tmod=1814209605&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=OYwicCg79F&p=http%3A//vchys.com.ua&dtd=213

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62ffdf6ab8a5bac826c7fe77b6b5381145cf36e15acd3bbbb98b1bac3af52721

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vchys.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 12545
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 04:30:49 GMT
expires: Tue, 25 Oct 2022 04:30:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F236 91 KB
32 KB 529ms
466ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=250&slotname=7401385020&adk=3245228110&adf=3920548723&pi=t.ma~as.7401385020&w=315&fwrn=4&fwrnh=100&lmt=1666672248&rafmt=1&format=315x250&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1666672248729&bpp=29&bdt=353&idt=207&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4512340861840&frm=20&pv=1&ga_vid=1743270659.1666672249&ga_sid=1666672249&ga_hid=225786695&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070425%2C44775016&oid=2&pvsid=3750785850350106&tmod=1814209605&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=mRO4K3lnFh&p=http%3A//vchys.com.ua&dtd=214

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8119868d1add0133354161bf5dfae97c941b3706192e0326c5f77718505281a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vchys.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33092
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 04:30:49 GMT
expires: Tue, 25 Oct 2022 04:30:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cse_element__uk.js Show response
www.google.com/cse/static/element/f275a300093f201a/ 305 KB
101 KB 247ms
131ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/f275a300093f201a/cse_element__uk.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-2383127339930356:ysrdufrqsay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5073a2af4e54a5446f976ec70c965f7268502d087441aec6e50939cd05cec2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 14:45:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395097
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103675
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:37:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 20 Oct 2023 14:45:52 GMT

GET
H2 200 default+uk.css
www.google.com/cse/static/element/f275a300093f201a/ 41 KB
41 KB 170ms
55ms Stylesheet
text/css 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/f275a300093f201a/default+uk.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-2383127339930356:ysrdufrqsay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 01:40:31 GMT
x-content-type-options: nosniff
age: 10218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41765
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:37:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 25 Oct 2023 01:40:31 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
2 KB 168ms
54ms Stylesheet
text/css 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-2383127339930356:ysrdufrqsay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 04:10:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 25 Oct 2022 05:00:30 GMT

GET
H/1.1 200
OK async-ads.js Show response
cse.google.com/adsense/search/ 143 KB
53 KB 116ms
63ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/f275a300093f201a/cse_element__uk.js?usqp=CAI%3D

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbce168b8657f426f95eb1b29c69c4781243c98cbe7de963a0e7fe1e246c9bd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 04:30:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
ETag: "10216219867848624373"
Vary: Accept-Encoding
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Accept-Ranges: bytes
Expires: Tue, 25 Oct 2022 04:30:49 GMT

GET
H3 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 166ms
56ms Image
image/png 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/f275a300093f201a/default+uk.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/cse/static/element/f275a300093f201a/default+uk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 05:46:24 GMT
x-content-type-options: nosniff
age: 513865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 19 Oct 2023 05:46:24 GMT

GET
H3 200 branding.png
www.google.com/cse/static/images/1x/uk/ 1 KB
1 KB 162ms
54ms Image
image/png 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/uk/branding.png

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

977182d44117dcbc0b90e30401c67661f3ed69e442d20e4a91244fca5fa62324

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:03:11 GMT
x-content-type-options: nosniff
age: 552458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1500
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 18 Oct 2023 19:03:11 GMT

GET
H/1.1 204
No Content generate_204
clients1.google.com/ 0
127 B 120ms
53ms Image
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clients1.google.com/generate_204
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 04:30:49 GMT
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012210071758000/ Frame CD7C 221 KB
61 KB 193ms
53ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=90&slotname=1494452228&adk=2905109319&adf=1076915276&pi=t.ma~as.1494452228&w=728&lmt=1666672248&format=728x90&url=http%3A%2F%2Fvchys.com.ua%2F&wgl=1&dt=1666672248702&bpp=8&bdt=327&idt=208&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4512340861840&frm=20&pv=1&ga_vid=1743270659.1666672249&ga_sid=1666672249&ga_hid=225786695&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070425%2C44775016&oid=2&pvsid=3750785850350106&tmod=1814209605&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=OYwicCg79F&p=http%3A//vchys.com.ua&dtd=213

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf0aa24d09af1cf519a71ab5810beada6d9519e92e9203719edae4f47c793630

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Oct 2022 10:05:17 GMT
age: 66332
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61557
x-xss-protection: 0
server: sffe
etag: "6f919b986f193e5c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Oct 2023 10:05:17 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame CD7C 14 KB
5 KB 287ms
148ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce909c4473953c4cb77c836309b8a3c7bcd8c5c75cacd504804e230017c1d8ec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Oct 2022 17:09:22 GMT
age: 40887
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5208
x-xss-protection: 0
server: sffe
etag: "79c6a9d24c248711"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Oct 2023 17:09:22 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame CD7C 94 KB
28 KB 293ms
157ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9149b5f9e35be0572e7809bbe20cdaca83abaa455747390c2a0a2432736df52

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Oct 2022 17:09:22 GMT
age: 40887
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28805
x-xss-protection: 0
server: sffe
etag: "61ef65d2d2d03d2c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Oct 2023 17:09:22 GMT

GET
H2 200 amp-carousel-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame CD7C 32 KB
10 KB 323ms
187ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-carousel-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33e73622e0366de95d732cc6998ed4017a3fd0549fc70bb9b531e875c5e0b4dc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Oct 2022 17:09:26 GMT
age: 40883
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10088
x-xss-protection: 0
server: sffe
etag: "c2e3d9cbb5a8e641"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Oct 2023 17:09:26 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame CD7C 5 KB
2 KB 313ms
177ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0be6f22877adc569a912e863f73a544a719254fb769e5fae863a68a3226a77d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Oct 2022 17:09:22 GMT
age: 40887
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "cd31ad97eaf70e3d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Oct 2023 17:09:22 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame CD7C 40 KB
13 KB 315ms
180ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63a6662d57c222f2ddd2a524dad8141679764784629d3c19a4ce438bd180a4fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Oct 2022 17:09:22 GMT
age: 40887
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12962
x-xss-protection: 0
server: sffe
etag: "81bd7ae64421add4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Oct 2023 17:09:22 GMT

GET
H2 200 amp-gwd-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012210071758000/v0/ Frame CD7C 6 KB
2 KB 181ms
180ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/v0/amp-gwd-animation-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32da5e46eef487b4b767bb0821338cba5ba7ee28149b8d80846effe328dd3fc2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Oct 2022 17:09:26 GMT
age: 40883
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2441
x-xss-protection: 0
server: sffe
etag: "99e308e6485ce46c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Oct 2023 17:09:26 GMT

GET
H2 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CD7C 3 KB
3 KB 189ms
54ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 04:10:06 GMT
x-content-type-options: nosniff
server: cafe
age: 1243
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Wed, 26 Oct 2022 04:10:06 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CD7C 344 B
448 B 190ms
55ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 04:10:05 GMT
x-content-type-options: nosniff
server: cafe
age: 1244
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 26 Oct 2022 04:10:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CD7C 0
21 B 148ms
146ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtJ55eWZXY8u7A6GI1fAP5LyeQOzjyqhs5YHE05EQooXAreYvEAEgg-meN2CVAqABktmy_QHIAQmpAhV0RPIakbA-qAMByAMIqgTMAU_Q3-aS_6TgNJuaEDsxNct-d0QXOHUh3YgKtrqCV-QPzpz1RFEqGk7FwZL8zFjudezpyHcjsAtlJiU79P2gjr2N6u65JLDPmAi4M5W71QdWXx17AmkxzyhrlIZeQmOujn9MSXdE-100QswapYnItWzHey0UGbOjeuaBm6TvLRBoWqgHWTNRS1WBhrXzgqOm3qwdH5cJDbRIMGKRPgDCkD-RZs-WQjyHT2V_KKnrzbKfJgwzACEKpn0fcHko1AmWvUDL-9ltxakDr5gpSsAEy6Pb2vMDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB9amzYICqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ-qIB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItMjM4MzEyNzMzOTkzMDM1NhgA&sigh=Mc8Rk2xAdVE&uach_m=[UACH]&cid=CAQSGwDq26N9XNzI-QQMiHqxVTyV4MaHKeomSExBEBgBIA4&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=90&slotname=1494452228&adk=2905109319&adf=1076915276&pi=t.ma~as.1494452228&w=728&lmt=1666672248&format=728x90&url=http%3A%2F%2Fvchys.com.ua%2F&wgl=1&dt=1666672248702&bpp=8&bdt=327&idt=208&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4512340861840&frm=20&pv=1&ga_vid=1743270659.1666672249&ga_sid=1666672249&ga_hid=225786695&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070425%2C44775016&oid=2&pvsid=3750785850350106&tmod=1814209605&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=OYwicCg79F&p=http%3A//vchys.com.ua&dtd=213
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 25 Oct 2022 04:30:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 25 Oct 2022 04:30:49 GMT

GET
H2 200 logo.svg
tpc.googlesyndication.com/sadbundle/8496723567565468625/ Frame CD7C 3 KB
1 KB 193ms
58ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8496723567565468625/logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0c4dbf7067cb39583786b86fa184c04e476a26c8f85da71e680ab8482f17b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 03:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177993
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1269
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:26:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 23 Oct 2023 03:04:16 GMT

GET
H2 200 mieten_schwarz.svg
tpc.googlesyndication.com/sadbundle/8496723567565468625/ Frame CD7C 1 KB
1014 B 190ms
55ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8496723567565468625/mieten_schwarz.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6111adf2d267651edfefe5466550ef4463c00ba7bfbfd4b5ac37f54acde3f96b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 03:06:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 437032
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 653
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:26:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 20 Oct 2023 03:06:57 GMT

GET
H2 200 diebstahl.svg
tpc.googlesyndication.com/sadbundle/8496723567565468625/ Frame CD7C 3 KB
1 KB 191ms
56ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8496723567565468625/diebstahl.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eefbb6ed5c954fda1b8cfa8db7828ada30bf3ccec35481983dce9f8f966f1cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 03:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177993
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1295
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:26:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 23 Oct 2023 03:04:16 GMT

GET
H2 200 vandalismus_breit.svg
tpc.googlesyndication.com/sadbundle/8496723567565468625/ Frame CD7C 6 KB
2 KB 56ms
56ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8496723567565468625/vandalismus_breit.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a41789456f569363ee5443e032af86b917c06ad8d4f80e90c983720a6c07d788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 03:06:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 437033
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2138
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:26:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 20 Oct 2023 03:06:56 GMT

GET
H2 200 einbruch.svg
tpc.googlesyndication.com/sadbundle/8496723567565468625/ Frame CD7C 2 KB
1003 B 55ms
55ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8496723567565468625/einbruch.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7db3bf977b6edb173e8e55be71aa70cef23c57f06902e00b7b4b0ca0bac24ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 03:01:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178174
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 907
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:26:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 23 Oct 2023 03:01:15 GMT

GET
H2 200 ufo_120x160_1.png
tpc.googlesyndication.com/sadbundle/8496723567565468625/ Frame CD7C 56 KB
56 KB 88ms
88ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8496723567565468625/ufo_120x160_1.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0774f3004aaf1f3972ee1e58ff7f78b1212b1318d8e5d5254693cc5d7b46e238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:00:05 GMT
x-content-type-options: nosniff
age: 5444
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57565
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:26:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Oct 2023 03:00:05 GMT

GET
H2 200 schutz_vor.svg
tpc.googlesyndication.com/sadbundle/8496723567565468625/ Frame CD7C 2 KB
1 KB 151ms
151ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8496723567565468625/schutz_vor.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10860052cef1a5864aef3915143cdbf8fc8749a22aba58ea6f8f931db7d848cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:00:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5444
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1247
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:26:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Oct 2023 03:00:05 GMT

GET
H2 200 rote_Ecke.svg
tpc.googlesyndication.com/sadbundle/8496723567565468625/ Frame CD7C 194 B
259 B 149ms
149ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8496723567565468625/rote_Ecke.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfe419656dd889de2ec720db0136e2c564a919fa5215e67020632cc684496885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:28:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3755
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 165
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:26:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Oct 2023 03:28:14 GMT

GET
H2 200 mobile_ueberwachung.svg
tpc.googlesyndication.com/sadbundle/8496723567565468625/ Frame CD7C 8 KB
3 KB 150ms
149ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8496723567565468625/mobile_ueberwachung.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

703d5529e0a0d9c43128d2060510ca86175594a6c2c3275c1647c20fc2d69d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:00:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5444
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:26:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Oct 2023 03:00:05 GMT

GET
DATA 200
OK truncated
/ Frame CD7C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6bc3aa7a650d34a0ea392461ed9adbc3df3c840039ab19b9eb594d9689e149d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame F236 6 KB
1 KB 180ms
64ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=250&slotname=7401385020&adk=3245228110&adf=3920548723&pi=t.ma~as.7401385020&w=315&fwrn=4&fwrnh=100&lmt=1666672248&rafmt=1&format=315x250&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1666672248729&bpp=29&bdt=353&idt=207&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4512340861840&frm=20&pv=1&ga_vid=1743270659.1666672249&ga_sid=1666672249&ga_hid=225786695&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070425%2C44775016&oid=2&pvsid=3750785850350106&tmod=1814209605&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=mRO4K3lnFh&p=http%3A//vchys.com.ua&dtd=214

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Oct 2022 04:30:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 03:44:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Oct 2022 04:30:49 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/ 151 KB
51 KB 100ms
100ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d8f8b659d5d817d65d55b7868d3618bb7d78644011dd40f01c23e4ed3b15f3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 04:30:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52380
x-xss-protection: 0
server: cafe
etag: 8511574851522993669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 04:30:49 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 173ms
63ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vchys.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 04:30:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 174ms
64ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vchys.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 04:30:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 127E 94 KB
34 KB 325ms
325ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=280&adk=252850466&adf=2859928939&pi=t.aa~a.2873955903~i.4~rp.4&w=760&fwrn=4&fwrnh=100&lmt=1666672249&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3519743202&ad_type=text_image&format=760x280&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&pra=3&rh=190&rw=760&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1666672249516&bpp=1&bdt=1141&idt=1&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ebe96e3be095f77-225ce31156ce0037%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_Maht6F-6UHHAuuNSr8WTTdtsJBLOg&gpic=UID%3D00000b7838f079aa%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_MYKzyRCJmfDeZAL2UpNzE2zAx1FUg&prev_fmts=0x0%2C728x90%2C315x250&nras=2&correlator=4512340861840&frm=20&pv=1&ga_vid=1743270659.1666672249&ga_sid=1666672249&ga_hid=225786695&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=585&ady=2422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070425%2C44775016&oid=2&pvsid=3750785850350106&tmod=6568862&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=MlarLsqSMp&p=http%3A//vchys.com.ua&dtd=37

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94ea1b7345b96e601db0634768a05e12dc34afb3a9eec06086e4b47b0a506a81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vchys.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 34498
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 04:30:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 051F 21 KB
10 KB 334ms
334ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=250&adk=137533416&adf=404476720&pi=t.aa~a.1415951696~rp.4&w=315&fwrn=4&fwrnh=100&lmt=1666672249&rafmt=1&to=qs&pwprc=3519743202&format=315x250&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666672249560&bpp=1&bdt=1185&idt=1&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ebe96e3be095f77-225ce31156ce0037%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_Maht6F-6UHHAuuNSr8WTTdtsJBLOg&gpic=UID%3D00000b7838f079aa%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_MYKzyRCJmfDeZAL2UpNzE2zAx1FUg&prev_fmts=0x0%2C728x90%2C315x250%2C760x280&nras=3&correlator=4512340861840&frm=20&pv=1&ga_vid=1743270659.1666672249&ga_sid=1666672249&ga_hid=225786695&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=3770&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070425%2C44775016&oid=2&pvsid=3750785850350106&tmod=6568862&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=SIzEbnt56f&p=http%3A//vchys.com.ua&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0972bd0cf245c49cbc455edb2c0579eb5fd995202f6337a005783a1b291d933

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vchys.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 10559
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 04:30:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame F236 2 KB
902 B 203ms
92ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50707
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:25:42 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F236 0
0 101ms
100ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CeU05eWZXY7vFA-qy1fAP_uONsATUoKf3bK2LxsXAEPuBw6aiMhABIIPpnjdglQKgAeWHouIDyAEJqQK1IMnTgZWwPqgDAcgDywSqBL0BT9By7MKD9PD3SF_50MBuaTt4iEcwEXfsF5YbcPPJZgSF0iW3qy0Shlcks58prp29ZYzyJwZzPNS-080a4IluXnVgxLd91ILcYcfUvWwFDmGfvFd1CCfiJRxafkZ07HdziO8GUd13YCFg0QR172myQsFklzoGY2bjVNYqk9tDOQRmOnauoJDxr7kH7IG7xPMncOY0GGnNwNzpeygv1Tyr1quqHIb7HIa6NF2TNzrjzT-1V3YK623n4Mfgc3MPwATGuqanjQSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHgfd1qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQiIwP0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMN0BUBgBcBshccChoIABIUcHViLTIzODMxMjczMzk5MzAzNTYYAA&sigh=fF-oYIj6FSM&uach_m=[UACH]&cid=CAQSGwDq26N9V-z6Ph0Scsvhe0vU0VNRWNPt2KB7NhgBIA4&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=250&slotname=7401385020&adk=3245228110&adf=3920548723&pi=t.ma~as.7401385020&w=315&fwrn=4&fwrnh=100&lmt=1666672248&rafmt=1&format=315x250&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1666672248729&bpp=29&bdt=353&idt=207&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4512340861840&frm=20&pv=1&ga_vid=1743270659.1666672249&ga_sid=1666672249&ga_hid=225786695&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070425%2C44775016&oid=2&pvsid=3750785850350106&tmod=1814209605&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=mRO4K3lnFh&p=http%3A//vchys.com.ua&dtd=214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 25 Oct 2022 04:30:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame F236 23 KB
9 KB 165ms
55ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50707
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:25:42 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame F236 3 KB
1 KB 197ms
89ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51002
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:20:47 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame F236 17 KB
7 KB 175ms
67ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50888
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:22:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F236 152 KB
47 KB 179ms
63ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 04:30:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Oct 2022 04:30:49 GMT

GET
H2 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame F236 33 KB
14 KB 169ms
54ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 00:51:45 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/477148377964746266/ Frame F236 12 KB
12 KB 182ms
75ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/477148377964746266/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11b4a440262de3659bc6b13c0aa95c10148ff035c35754409e1ff690febab5fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 10:59:25 GMT
x-content-type-options: nosniff
age: 408684
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11952
x-xss-protection: 0
last-modified: Wed, 19 Aug 2020 09:09:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 20 Oct 2023 10:59:25 GMT

GET
DATA 200
OK truncated
/ Frame F236 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012210071758000/ 23 KB
8 KB 163ms
53ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210071758000/amp4ads-host-v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df10239e9f31b0a8cc0b08685e86e23f36ea9d3be2319b2b9027a34285289d86

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Oct 2022 17:09:26 GMT
age: 40883
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7854
x-xss-protection: 0
server: sffe
etag: "e3e32df4901536ad"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Oct 2023 17:09:26 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/ Frame 1062 10 KB
4 KB 54ms
54ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vchys.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 43341
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Oct 2022 16:28:28 GMT
etag: 9671129459699598864
expires: Mon, 07 Nov 2022 16:28:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 1062 4 KB
636 B 175ms
65ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Oct 2022 04:30:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 04:12:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Oct 2022 04:30:49 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1062 205 B
519 B 55ms
54ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 23:25:23 GMT
x-content-type-options: nosniff
age: 18326
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 24 Oct 2023 23:25:23 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1062 604 B
694 B 55ms
55ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 01:46:40 GMT
x-content-type-options: nosniff
age: 9849
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 25 Oct 2023 01:46:40 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/ Frame 1062 19 KB
8 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a091a670b6bf03510fc7a1b3c74a417c4a8c8937f7fb0c9a1517a95bdd7ab18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 15:04:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48406
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8235
x-xss-protection: 0
server: cafe
etag: 7715946797152839796
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 15:04:03 GMT

GET
H3 200 logo.svg
tpc.googlesyndication.com/sadbundle/8496723567565468625/ Frame CD7C 3 KB
1 KB 54ms
54ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8496723567565468625/logo.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0c4dbf7067cb39583786b86fa184c04e476a26c8f85da71e680ab8482f17b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 03:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177993
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1269
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:26:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 23 Oct 2023 03:04:16 GMT

GET
H3 200 mieten_schwarz.svg
tpc.googlesyndication.com/sadbundle/8496723567565468625/ Frame CD7C 1 KB
682 B 55ms
55ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8496723567565468625/mieten_schwarz.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6111adf2d267651edfefe5466550ef4463c00ba7bfbfd4b5ac37f54acde3f96b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 03:06:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 437032
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 653
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:26:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 20 Oct 2023 03:06:57 GMT

GET
H3 200 diebstahl.svg
tpc.googlesyndication.com/sadbundle/8496723567565468625/ Frame CD7C 3 KB
1 KB 55ms
55ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8496723567565468625/diebstahl.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eefbb6ed5c954fda1b8cfa8db7828ada30bf3ccec35481983dce9f8f966f1cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 03:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177993
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1295
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:26:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 23 Oct 2023 03:04:16 GMT

GET
H3 200 vandalismus_breit.svg
tpc.googlesyndication.com/sadbundle/8496723567565468625/ Frame CD7C 6 KB
2 KB 58ms
58ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8496723567565468625/vandalismus_breit.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a41789456f569363ee5443e032af86b917c06ad8d4f80e90c983720a6c07d788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 03:06:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 437033
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2138
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:26:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 20 Oct 2023 03:06:56 GMT

GET
H3 200 einbruch.svg
tpc.googlesyndication.com/sadbundle/8496723567565468625/ Frame CD7C 2 KB
936 B 58ms
58ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8496723567565468625/einbruch.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7db3bf977b6edb173e8e55be71aa70cef23c57f06902e00b7b4b0ca0bac24ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 03:01:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178174
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 907
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:26:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 23 Oct 2023 03:01:15 GMT

GET
H3 200 ufo_120x160_1.png
tpc.googlesyndication.com/sadbundle/8496723567565468625/ Frame CD7C 56 KB
56 KB 62ms
62ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8496723567565468625/ufo_120x160_1.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0774f3004aaf1f3972ee1e58ff7f78b1212b1318d8e5d5254693cc5d7b46e238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:00:05 GMT
x-content-type-options: nosniff
age: 5444
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57565
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:26:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Oct 2023 03:00:05 GMT

GET
H3 200 schutz_vor.svg
tpc.googlesyndication.com/sadbundle/8496723567565468625/ Frame CD7C 2 KB
1 KB 61ms
60ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8496723567565468625/schutz_vor.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10860052cef1a5864aef3915143cdbf8fc8749a22aba58ea6f8f931db7d848cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:00:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5444
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1247
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:26:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Oct 2023 03:00:05 GMT

GET
H3 200 rote_Ecke.svg
tpc.googlesyndication.com/sadbundle/8496723567565468625/ Frame CD7C 194 B
194 B 60ms
60ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8496723567565468625/rote_Ecke.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfe419656dd889de2ec720db0136e2c564a919fa5215e67020632cc684496885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:28:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3755
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 165
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:26:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Oct 2023 03:28:14 GMT

GET
H3 200 mobile_ueberwachung.svg
tpc.googlesyndication.com/sadbundle/8496723567565468625/ Frame CD7C 8 KB
3 KB 75ms
75ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8496723567565468625/mobile_ueberwachung.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

703d5529e0a0d9c43128d2060510ca86175594a6c2c3275c1647c20fc2d69d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:00:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5444
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:26:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Oct 2023 03:00:05 GMT

GET
DATA 200
OK truncated
/ Frame F236 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3083a8e7aee950d028b41c53ff4ac72ac1d485a31031aecb9d162e8292f4067

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 127E 6 KB
672 B 63ms
63ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=280&adk=252850466&adf=2859928939&pi=t.aa~a.2873955903~i.4~rp.4&w=760&fwrn=4&fwrnh=100&lmt=1666672249&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3519743202&ad_type=text_image&format=760x280&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&pra=3&rh=190&rw=760&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1666672249516&bpp=1&bdt=1141&idt=1&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ebe96e3be095f77-225ce31156ce0037%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_Maht6F-6UHHAuuNSr8WTTdtsJBLOg&gpic=UID%3D00000b7838f079aa%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_MYKzyRCJmfDeZAL2UpNzE2zAx1FUg&prev_fmts=0x0%2C728x90%2C315x250&nras=2&correlator=4512340861840&frm=20&pv=1&ga_vid=1743270659.1666672249&ga_sid=1666672249&ga_hid=225786695&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=585&ady=2422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070425%2C44775016&oid=2&pvsid=3750785850350106&tmod=6568862&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=MlarLsqSMp&p=http%3A//vchys.com.ua&dtd=37

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Oct 2022 04:30:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 04:20:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Oct 2022 04:30:49 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 127E 2 KB
902 B 54ms
53ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50707
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:25:42 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame 127E 23 KB
9 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50707
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:25:42 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 127E 3 KB
1 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51002
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:20:47 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 127E 17 KB
7 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50888
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:22:41 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 127E 0
0 61ms
61ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS_zMOCPEerR7g9PSlStVXMo0iIur8oYwbHmbrtBHW4awrQSYI1t-1zLOEHUD8xtq80DbTPJJCPy_mu8LgNfGZlRe5aTw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=280&adk=252850466&adf=2859928939&pi=t.aa~a.2873955903~i.4~rp.4&w=760&fwrn=4&fwrnh=100&lmt=1666672249&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3519743202&ad_type=text_image&format=760x280&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&pra=3&rh=190&rw=760&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1666672249516&bpp=1&bdt=1141&idt=1&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ebe96e3be095f77-225ce31156ce0037%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_Maht6F-6UHHAuuNSr8WTTdtsJBLOg&gpic=UID%3D00000b7838f079aa%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_MYKzyRCJmfDeZAL2UpNzE2zAx1FUg&prev_fmts=0x0%2C728x90%2C315x250&nras=2&correlator=4512340861840&frm=20&pv=1&ga_vid=1743270659.1666672249&ga_sid=1666672249&ga_hid=225786695&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=585&ady=2422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070425%2C44775016&oid=2&pvsid=3750785850350106&tmod=6568862&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=MlarLsqSMp&p=http%3A//vchys.com.ua&dtd=37
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 127E 152 KB
46 KB 215ms
101ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 04:30:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Oct 2022 04:30:50 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 127E 33 KB
14 KB 167ms
53ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 00:51:45 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F236 15 KB
16 KB 179ms
49ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 42358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 16:44:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F236 15 KB
15 KB 190ms
62ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 287406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 20:40:44 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 127E 0
0 105ms
105ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CysjreWZXY_H4JJHmxgPV76CwD63lv9BsxtPXipQMnIaC_PEvEAEgg-meN2CVAqAB9Ja2uwLIAQmpAhV0RPIakbA-qAMByAPLBKoEvQFP0M594TY4PZLdZl3wXNIHK7JYDe5u-3HAFHcBj8nXagQ4OLq0Aa6ZaIbySYuUyWmnFC0Zow3NPqjPKrT9_IFM-dEUEauNorhl4ntADL2Q7h2ibqUK0huT6I8NeaOwS2ukuPZ_KDyp6kAhG864uGzapaI5tM_W2RfaJC9QqtpL5S_L02JnKdZozfry609ZguAsM7jPT7nXSXYg57XXRwYEXbjoAXfsXLXa-JWffxAbYge4IMq7L6-6ydHrdUbABLCdxMOXA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAf5mePXAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMCCAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTC4gUBdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0yMzgzMTI3MzM5OTMwMzU2GAA&sigh=idSbbFX8N_E&uach_m=[UACH]&cid=CAQSOwDq26N93CySF85kiCvBnjn4jHjdKX8-ULnR_LeIaYdcS9jgL-KoytQTDjet2RD6WRru4i_eNCjVm5dRGAEgDg&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=280&adk=252850466&adf=2859928939&pi=t.aa~a.2873955903~i.4~rp.4&w=760&fwrn=4&fwrnh=100&lmt=1666672249&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3519743202&ad_type=text_image&format=760x280&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&pra=3&rh=190&rw=760&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1666672249516&bpp=1&bdt=1141&idt=1&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ebe96e3be095f77-225ce31156ce0037%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_Maht6F-6UHHAuuNSr8WTTdtsJBLOg&gpic=UID%3D00000b7838f079aa%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_MYKzyRCJmfDeZAL2UpNzE2zAx1FUg&prev_fmts=0x0%2C728x90%2C315x250&nras=2&correlator=4512340861840&frm=20&pv=1&ga_vid=1743270659.1666672249&ga_sid=1666672249&ga_hid=225786695&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=585&ady=2422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070425%2C44775016&oid=2&pvsid=3750785850350106&tmod=6568862&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=MlarLsqSMp&p=http%3A//vchys.com.ua&dtd=37
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 25 Oct 2022 04:30:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16472488686613761165/ Frame 127E 62 KB
62 KB 55ms
54ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16472488686613761165/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9aee4412b7600efbfa8cb49c986a02418a4fe51d8ad1cc0b1eb6ac4bfb6f8f6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 22:25:36 GMT
x-content-type-options: nosniff
age: 367513
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63400
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 11:16:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 20 Oct 2023 22:25:36 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DF5A 624 B
297 B 75ms
74ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBCfyqQCGPmf3M0BMAE&v=APEucNWCZFkeu9-AbCLYE2Q57-7tRW1O_hAUhw2Wyq9iyKZAm7AM9VDv-NTtuc60CzsLT2-v6nMYKH5EE5KItGXAqNd5mpcrRBorQxflmpajZVdMdhTN7nck3wpdgkAIxhErNSQ2rjw9JxajSL80PsTtuFU93u1tOUDj9EMRfwgobm4TlUbd75M

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=250&adk=137533416&adf=404476720&pi=t.aa~a.1415951696~rp.4&w=315&fwrn=4&fwrnh=100&lmt=1666672249&rafmt=1&to=qs&pwprc=3519743202&format=315x250&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666672249560&bpp=1&bdt=1185&idt=1&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ebe96e3be095f77-225ce31156ce0037%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_Maht6F-6UHHAuuNSr8WTTdtsJBLOg&gpic=UID%3D00000b7838f079aa%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_MYKzyRCJmfDeZAL2UpNzE2zAx1FUg&prev_fmts=0x0%2C728x90%2C315x250%2C760x280&nras=3&correlator=4512340861840&frm=20&pv=1&ga_vid=1743270659.1666672249&ga_sid=1666672249&ga_hid=225786695&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=3770&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070425%2C44775016&oid=2&pvsid=3750785850350106&tmod=6568862&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=SIzEbnt56f&p=http%3A//vchys.com.ua&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=250&adk=137533416&adf=404476720&pi=t.aa~a.1415951696~rp.4&w=315&fwrn=4&fwrnh=100&lmt=1666672249&rafmt=1&to=qs&pwprc=3519743202&format=315x250&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666672249560&bpp=1&bdt=1185&idt=1&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ebe96e3be095f77-225ce31156ce0037%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_Maht6F-6UHHAuuNSr8WTTdtsJBLOg&gpic=UID%3D00000b7838f079aa%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_MYKzyRCJmfDeZAL2UpNzE2zAx1FUg&prev_fmts=0x0%2C728x90%2C315x250%2C760x280&nras=3&correlator=4512340861840&frm=20&pv=1&ga_vid=1743270659.1666672249&ga_sid=1666672249&ga_hid=225786695&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=3770&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070425%2C44775016&oid=2&pvsid=3750785850350106&tmod=6568862&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=SIzEbnt56f&p=http%3A//vchys.com.ua&dtd=7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 04:30:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 912A 70 KB
33 KB 93ms
93ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BwOYouRRvvCM9pXBlMo24lBtab7Q9JQQLfHl--eBrvAot-WKRuZu7ei-lK8al77fqrDtxOOV4KL3m_X4mb7tba2rqwMA&cry=1&dbm_d=AKAmf-AoHyXCGn0WG4Ij_BgGVyYz4ySKht9giYWbIe6cwjQGH4jHKT6lbw76DLflXTPrqoLfkmWYFIiGEbHio36wbNAO2YVeyLgt70DW2FAOmmXytOIvzoqmcT7pMVVdlrpzLA9-H78ZauzTm7xV_ACqxlxRXRy0dM3csN-KywqR683GfaICeuAZusPqTuplXQ1ufx2jmT5eMgGn30ewB40jSr1OnHaviTkBrd2hslMREikZHZRLVISF9cGTW25jDS7U1iXa3utiBqqCzPus6R49DkvVi1MSSOW4iEeiQbCyrWtkF0YqA0IJmxXFU9wGccRFL3Uhmoi9y53IfsvsGb1pG0kx514-wXN0VjkHZBTYDkH66O_UVUp78qmbTgfaAHa9bPCAsLBCbUYtJjsJIT414XPGpH13sTWxJi_phuCLyNn6pcnBzN7ivsfs1T1wj62zBitxmRnIUSogFkAMZ8aMDucQG5aE8viNZLv8Vr99366YmW8udxgnqTPuc_WOK_el66TcAzWN5ERC9c97TQlLGn8B0H88pZeXrCnzPlRt8-SLg20dvnz5l22oRurpmcqebHfRadkR7Nc6EERX6ai7b9QdGoFjyFXgGkPNR1tEAbEYANfeBaVK-VKOndJLFZfx5l4nWzpOrIimwVQkyIILWcD1yNAT-MbMBQ-Q1IDMrh2qd6uBPW4H7hISInM4OiLwxNLHh7MzXxl5-qMh7OsZ-hFrIad7472wotkJpNxSADRN9yk5FbTuEEFKy-JQUeha_FkA_013EXvP8pVieVGvNI0smXzMRmtw_VgGyBaETMzautH_DDe4TIAePwK3DMcWYQokR43YAZnWCQ2MSLVmyc4doLO2UmVPMBCY6V3VLUlMeKMRPRO8HaLOF4-QuRD4kgQfycS5f5ECcKOmYgZ4SyF4DlUcKExxj5G2pTmpimMBF8gsd148YPWa-h_0EA-Od8k-BPdbwJPkJEeuJchmL2DraIpSNGN1QwzoZU4GmfFvaA3dDr3B6Nf-daNj0Fxx-FK6_sdhBU2N0k6hO3R7wRh9ZHLb_c7mgYessp-vf4BCvnfse917ytaan-bCYg8URi4YB9HnZ61uwZsPMj4LbHl6ffM1c4sraLleS99NBqsMe6dYHUBcn9ZM0ELDxH6lN0UC2NpV1joPb_OBAjeRQhiAxR8nkOUyonuLup31JMXVzN8R935VL-eNb8RmtAs_31f-sPpUNiefideX2zxCIrBeBYaIoBbm2e95MkpYAnp9XMVRzwc-ReTDhQo8f2g-n8XRro5qYqjjLKI_RRkCH12Bz5N3F0bj1OxUQgzJUFqhjvD5SjFatCtDllAYy4uVpzZMKmIGvcNuw94dDi9Y9n4yl59aA9mf4bCMPffIn6tdxL7umLymdgFGI0n8qV1zkNUdwRizfWyX4EMEpnQ6RYAwsWbUSF129ZfQ_I3tNV6I2sEHwGwApirtW_V12JRxmthvBxoL-LeUxIXbNFPhuShGxNtO25aJ9rO11D_WHTQOZI1KFytGayPDrutKU1vPcM-Fliv7EjcPRPiDzQ85gO8LLBtbNnd9YJzGYH0MF8ycDF6ILqJP0fU3XowtDqQtXMIgOBSbzmJOXRMUzUm-EgLNlqUFxSwSXp4WMPomMyg890zB8WuLGc3d1ZvHWPjVPiKwdRqHCV0bBKKuCHeYdFVfU6A7t-eSSQzpoF5zDhITJwmTk5JvilORF4WHypCSK2xL9R6agltSbPHeEWYjDXrPHZEIDmcMF4RgjyzKjJWX22fR2MIrIKiFZWL5K3i3jmFjCP2FIX08h9JI8iBdyvnTUKOjLcjl87GnVCOP8aTjNaSnh5Qk6LNTIH00GoUi-QKtXeXYXRDzqFhZHRt07K5XnCouc4mUugbnMEOu5J0NE_5Wsk-Vjz73wQx-JvfQ_Oh1y4m5uL4cmvl072D0FuSuFRjCi6mMd1rl0PZN9V9wg7UCPqY6VD5P1NI8tXgzw2zhuJpbtqLXuAhmczDt7YcpClabTBzY3Au-wxTjZICabqG7-WggSHa70wvqhJ8iEIz6dLJ7dPlHtE6anlt5EgjXThDIOtWDi0EqcMWlWjqA00M5FOSqzW-z1-ZpN-_GD4NNTVpklbR9o24V32-bBh9uP3zoOWxK_xKTJ6geUVdtsFUD-IiFcY-cl00fRsMDhcBgejaqagjsNLeLzqdqvbaBldUx24lxpEBA5DA6Y2phvBWwbjgzTNL4uaY_Y7t3Hn8kmVqHI-eyXLl5DV4sAMG1h_GzOeKtZMbqziTx-EmohjUlg8aeh1JunMrLn2GID3cFgxPpnGCHSNQ-4oBRxTLNFXLnem4tUgXui8teA8JnqFDT1ikEQTLW5-cLzkNXlcVwD512lGW8kpemwQGbq2G1dktqzTlBHiRd37rBa38BGwRDPe79XDtG2-_eSbb1jpSFQLOiCkQ6R-rug6wxPsnNysiBIieLWjRyGVbYeb-9j2gjnmwGzPp5yzo8K741giuSrROhi0-3Ug7sLSQeEQ-yPU7p1a03NTeABMX48x1jUJGMNtGy6wO4f0UbEy-tV3qD-Z6vE8X2BIncUMJHxWvix5_-PuhoS8klyBXLfw_BmWkkgKgG37m5tjZFg7KqJ9vMr0lZtnICUh9tmKp3dwqFnIK_TNYMbTwIU3AJQyOHsaxPerOu0gkhxL13bmrM0OSU5rgxrdOV6WTH1OGkDtC4wgbH_02xee7DE09P1uaJhChE4tI1DuUCiiYp2fcKv6vPFQSs9pzVuc04vnrp2qBUfqGaP1-OcXaxrVszGK45AcKy_kgxvY-iID6t-UA8-EUrPzBATBSUNjPuNsSzmPG-uro0zZ2w5CO7Pdh2-wVlnkQGyC0-9vZPwme94a587ESgK-MXktnONYwMiyKOdD19bBSbQaWGZKK66EzwbYRuKrQq3vboHdxQ1GIUqNrSV0tjodIr2URT8KVOOvTaq2TiDrvYNHyB_DYnczHP0zB9HPr2q52EwQO3lb27rkGxJUlU0IkE1rRGYllBeeyAUMK0qp43X7g-hR-IAHliatI5dq_o7kqGp9Xi1Mhw0IKmJkxty6031o4B4MdE61O9qjzNy1ekXYbnuo1_Uf5okGUeD1UvFsOhj-1GQNJzwAm2A_ab5Us07yHnNzxAoBJO8HuFWojdM9-0VT7H-PihOou0sZ4CcBBGJQktoNJJQhUViLTCj0Ed3KZhQvrc3yf72I6cDa7k8bbMUACKZX8tXgxBtSECrJhUTAAbwKK95A1R_KexN7HpMrn4ZWP4ZA5styxA6XjczCzBp_pbvEF6-55YuB4zTdWUpkANRh6A8sktrq0Y37yT7OQMIFV_PlNS499Lwssndi9rX--0GvE7OsWX6iCSwk1fs7180R4YhYi8120JvzgqxLTsOp_oi6cNb_87ixpCblE6vf5F7wc0tE5POEG9eic-JsO9RAux-v158Xceeilh86nk_ufF7uxVf7oDzPZito5FkPKapVul7zy2_BaEK6lKzk1o8sN7L4Q2eJhwGX_W7NmcDHcLxWZ0f20s7YxL7Lk79MwveOFJ4ltIg-bWMHHko5MRwyn9i-msT-aBX048bVTw7IuPEiY9t7NKhDu213Nwh2CZ_AHAdXOE92tY0Pdy3KTPxvjTN3qPHkJqbT9p0OZeEB5xctCsiIPuXrRtCQ&cid=CAQSOwDq26N9qUBwQmRuCX1MUv1peXV8xfrDfurC1MIh0BM7lTGK8-X86gsO_ziOFiF2jarNJDArvML-FKEHGAEgDg&rfl=2%2Chttp%253A%252F%252Fvchys.com.ua%252F%240

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

135669c9a20461f5d30d4e9604a13fb7504df2c4d3c26fe9d3c776f09f43eea5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=250&adk=137533416&adf=404476720&pi=t.aa~a.1415951696~rp.4&w=315&fwrn=4&fwrnh=100&lmt=1666672249&rafmt=1&to=qs&pwprc=3519743202&format=315x250&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666672249560&bpp=1&bdt=1185&idt=1&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ebe96e3be095f77-225ce31156ce0037%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_Maht6F-6UHHAuuNSr8WTTdtsJBLOg&gpic=UID%3D00000b7838f079aa%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_MYKzyRCJmfDeZAL2UpNzE2zAx1FUg&prev_fmts=0x0%2C728x90%2C315x250%2C760x280&nras=3&correlator=4512340861840&frm=20&pv=1&ga_vid=1743270659.1666672249&ga_sid=1666672249&ga_hid=225786695&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=3770&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070425%2C44775016&oid=2&pvsid=3750785850350106&tmod=6568862&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=SIzEbnt56f&p=http%3A//vchys.com.ua&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 04:30:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33403
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 912A 3 KB
1 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51002
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:20:47 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 912A 17 KB
7 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50888
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:22:41 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 912A 0
0 72ms
71ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ9qzT7rmKE7I0imr0_yovFgH1hycsLcS7D_5JX7PU28FqUUvbTc253EkbXXe4lWEMCaxOmfjJR4AVjDA4Rfz_IFPgWyQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=250&adk=137533416&adf=404476720&pi=t.aa~a.1415951696~rp.4&w=315&fwrn=4&fwrnh=100&lmt=1666672249&rafmt=1&to=qs&pwprc=3519743202&format=315x250&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666672249560&bpp=1&bdt=1185&idt=1&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ebe96e3be095f77-225ce31156ce0037%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_Maht6F-6UHHAuuNSr8WTTdtsJBLOg&gpic=UID%3D00000b7838f079aa%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_MYKzyRCJmfDeZAL2UpNzE2zAx1FUg&prev_fmts=0x0%2C728x90%2C315x250%2C760x280&nras=3&correlator=4512340861840&frm=20&pv=1&ga_vid=1743270659.1666672249&ga_sid=1666672249&ga_hid=225786695&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=3770&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070425%2C44775016&oid=2&pvsid=3750785850350106&tmod=6568862&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=SIzEbnt56f&p=http%3A//vchys.com.ua&dtd=7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 912A 152 KB
46 KB 148ms
68ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 04:30:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Oct 2022 04:30:50 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 912A 42 B
63 B 105ms
105ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AaFV2bskaVySVpupN90pqJwYgkmXN8-CkdH8DTDoqHT82h_hfoPLi3gb2onmAt4HgqwhPa0vA-MdhRaPrCR1ofp2UAEz9Mv4aQl9DsDGVNCUKDIdw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 04:30:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 84c8dfa227218a7b436003265dc6c69e.js Show response
www.gstatic.com/mysidia/ Frame 041B 9 KB
4 KB 136ms
76ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/84c8dfa227218a7b436003265dc6c69e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12b498ad6256d487f658f24189621d4d6819ab6e11fcd63142e6aeb77f560b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384101
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4170
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 18 Jan 2023 17:49:09 GMT

GET
H3 200 12ec4bf99de2677880693869491ac13e.js Show response
www.gstatic.com/mysidia/ Frame 041B 215 KB
76 KB 144ms
83ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/12ec4bf99de2677880693869491ac13e.js?tag=leadgen/snom_video_web

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f1f331868a01a2f65f325824d5f58330213b442f4081c0b418659287e3af95e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 16:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78019
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 22 Jan 2023 16:42:24 GMT

GET
H3 200 f811ceb9b4a6a990ad4105fc3f7ba433.js Show response
www.gstatic.com/mysidia/ Frame 041B 19 KB
8 KB 114ms
54ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f811ceb9b4a6a990ad4105fc3f7ba433.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b716714eb4fabc3721d120eb31b988e43665b05959a5f60a34a343004ec9930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 13:15:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 22 Jan 2023 13:15:50 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 041B 6 KB
964 B 70ms
68ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%7CGoogle%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3b7dbb2f7ef844758c0558d807709bf405677de40ae3fecf9321f32371deabd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Oct 2022 04:30:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 04:30:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Oct 2022 04:30:50 GMT

GET
H3 200 mdc_list_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 041B 27 KB
7 KB 59ms
57ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_list_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 11:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6725
x-xss-protection: 0
server: cafe
etag: 4758454654811317262
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 25 Oct 2022 11:21:15 GMT

GET
H3 200 mdc_menu_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 041B 51 KB
11 KB 78ms
76ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 11:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11613
x-xss-protection: 0
server: cafe
etag: 2759356358486721826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 25 Oct 2022 11:21:15 GMT

GET
H3 200 mdc_menu_surface.min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 041B 18 KB
5 KB 82ms
80ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_surface.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 11:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4905
x-xss-protection: 0
server: cafe
etag: 18373107336927916518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 25 Oct 2022 11:21:15 GMT

GET
H3 200 mdc_select_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 041B 103 KB
19 KB 69ms
66ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_select_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 11:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61773
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19915
x-xss-protection: 0
server: cafe
etag: 10996637669125113147
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 25 Oct 2022 11:21:16 GMT

GET
H3 200 mdc_textfield_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 041B 58 KB
10 KB 72ms
70ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_textfield_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 11:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10701
x-xss-protection: 0
server: cafe
etag: 7588401036457704084
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 25 Oct 2022 11:21:15 GMT

GET
H3 200 mdc_list_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 041B 31 KB
3 KB 62ms
60ms Stylesheet
text/css 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_list_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 11:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3297
x-xss-protection: 0
server: cafe
etag: 18113988596513574663
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 25 Oct 2022 11:21:15 GMT

GET
H3 200 mdc_menu_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 041B 3 KB
884 B 64ms
62ms Stylesheet
text/css 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 11:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
server: cafe
etag: 14497039402300002370
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 25 Oct 2022 11:21:15 GMT

GET
H3 200 mdc_menu_surface_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 041B 2 KB
733 B 61ms
59ms Stylesheet
text/css 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_surface_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 11:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 708
x-xss-protection: 0
server: cafe
etag: 18268606943400439583
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 25 Oct 2022 11:21:15 GMT

GET
H3 200 mdc_select_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 041B 37 KB
4 KB 64ms
62ms Stylesheet
text/css 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_select_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 11:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4280
x-xss-protection: 0
server: cafe
etag: 17986137158686949241
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 25 Oct 2022 11:21:15 GMT

GET
H3 200 mdc_textfield_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 041B 51 KB
5 KB 65ms
63ms Stylesheet
text/css 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_textfield_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 11:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4972
x-xss-protection: 0
server: cafe
etag: 17552977722549843295
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 25 Oct 2022 11:21:15 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 041B 2 KB
902 B 58ms
57ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50707
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:25:42 GMT

GET
H3 200 3b83c543e2369c6d5695fb1ef6fbb5b0.js Show response
www.gstatic.com/mysidia/ Frame 041B 22 KB
9 KB 121ms
63ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3b83c543e2369c6d5695fb1ef6fbb5b0.js?tag=exit_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

772bd17bb4c6be5a3150be460115db50c91d32f1a1d02bbee4e79099859ebf48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 15:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9392
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 22 Jan 2023 15:36:37 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame 041B 23 KB
9 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50707
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:25:42 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 041B 3 KB
1 KB 66ms
64ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51002
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:20:47 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 041B 17 KB
7 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50888
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:22:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 041B 152 KB
46 KB 136ms
79ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 04:30:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Oct 2022 04:30:50 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4B2F 1 KB
643 B 57ms
57ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 67917
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Oct 2022 09:38:53 GMT
etag: 48472445140208031
expires: Tue, 25 Oct 2022 09:38:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 127E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08599a007695f3f56d1420217e7ed0b082d4bed68348564997a9b5db2196979c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DF5A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFJP58EAiDC9bj9q31iToss&google_cver=1

43 B
766 B

57ms
56ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFJP58EAiDC9bj9q31iToss&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBCfyqQCGPmf3M0BMAE&v=APEucNWCZFkeu9-AbCLYE2Q57-7tRW1O_hAUhw2Wyq9iyKZAm7AM9VDv-NTtuc60CzsLT2-v6nMYKH5EE5KItGXAqNd5mpcrRBorQxflmpajZVdMdhTN7nck3wpdgkAIxhErNSQ2rjw9JxajSL80PsTtuFU93u1tOUDj9EMRfwgobm4TlUbd75M
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 04:30:50 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 04:30:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFJP58EAiDC9bj9q31iToss&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DF5A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1dmekpmUxnMXCBT8-dwQAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFJP58EAiDC9bj9q31iToss&google_cver=1

43 B
894 B

55ms
55ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFJP58EAiDC9bj9q31iToss&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBCfyqQCGPmf3M0BMAE&v=APEucNWCZFkeu9-AbCLYE2Q57-7tRW1O_hAUhw2Wyq9iyKZAm7AM9VDv-NTtuc60CzsLT2-v6nMYKH5EE5KItGXAqNd5mpcrRBorQxflmpajZVdMdhTN7nck3wpdgkAIxhErNSQ2rjw9JxajSL80PsTtuFU93u1tOUDj9EMRfwgobm4TlUbd75M
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 04:30:50 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 04:30:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFJP58EAiDC9bj9q31iToss&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame DF5A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEK8C-6gIV5xQrkPnPHLwX4w&google_cver=1

43 B
1016 B

126ms
57ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEK8C-6gIV5xQrkPnPHLwX4w&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBCfyqQCGPmf3M0BMAE&v=APEucNWCZFkeu9-AbCLYE2Q57-7tRW1O_hAUhw2Wyq9iyKZAm7AM9VDv-NTtuc60CzsLT2-v6nMYKH5EE5KItGXAqNd5mpcrRBorQxflmpajZVdMdhTN7nck3wpdgkAIxhErNSQ2rjw9JxajSL80PsTtuFU93u1tOUDj9EMRfwgobm4TlUbd75M

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 04:30:50 GMT
AN-X-Request-Uuid: 939e0de5-cc76-4c31-8ed7-e675c47af116
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.40; 82.199.130.40; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 04:30:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEK8C-6gIV5xQrkPnPHLwX4w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DF5A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM2OTU1Mzk0NTYwNzkxNDI0Mw%3D%3D

170 B
188 B

88ms
65ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM2OTU1Mzk0NTYwNzkxNDI0Mw%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 04:30:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 04:30:50 GMT
AN-X-Request-Uuid: 564c1862-3a8a-48b2-a176-0d27ae638c49
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM2OTU1Mzk0NTYwNzkxNDI0Mw%3D%3D
Connection: keep-alive
X-Proxy-Origin: 82.199.130.40; 82.199.130.40; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame 912A 30 KB
11 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BwOYouRRvvCM9pXBlMo24lBtab7Q9JQQLfHl--eBrvAot-WKRuZu7ei-lK8al77fqrDtxOOV4KL3m_X4mb7tba2rqwMA&cry=1&dbm_d=AKAmf-AoHyXCGn0WG4Ij_BgGVyYz4ySKht9giYWbIe6cwjQGH4jHKT6lbw76DLflXTPrqoLfkmWYFIiGEbHio36wbNAO2YVeyLgt70DW2FAOmmXytOIvzoqmcT7pMVVdlrpzLA9-H78ZauzTm7xV_ACqxlxRXRy0dM3csN-KywqR683GfaICeuAZusPqTuplXQ1ufx2jmT5eMgGn30ewB40jSr1OnHaviTkBrd2hslMREikZHZRLVISF9cGTW25jDS7U1iXa3utiBqqCzPus6R49DkvVi1MSSOW4iEeiQbCyrWtkF0YqA0IJmxXFU9wGccRFL3Uhmoi9y53IfsvsGb1pG0kx514-wXN0VjkHZBTYDkH66O_UVUp78qmbTgfaAHa9bPCAsLBCbUYtJjsJIT414XPGpH13sTWxJi_phuCLyNn6pcnBzN7ivsfs1T1wj62zBitxmRnIUSogFkAMZ8aMDucQG5aE8viNZLv8Vr99366YmW8udxgnqTPuc_WOK_el66TcAzWN5ERC9c97TQlLGn8B0H88pZeXrCnzPlRt8-SLg20dvnz5l22oRurpmcqebHfRadkR7Nc6EERX6ai7b9QdGoFjyFXgGkPNR1tEAbEYANfeBaVK-VKOndJLFZfx5l4nWzpOrIimwVQkyIILWcD1yNAT-MbMBQ-Q1IDMrh2qd6uBPW4H7hISInM4OiLwxNLHh7MzXxl5-qMh7OsZ-hFrIad7472wotkJpNxSADRN9yk5FbTuEEFKy-JQUeha_FkA_013EXvP8pVieVGvNI0smXzMRmtw_VgGyBaETMzautH_DDe4TIAePwK3DMcWYQokR43YAZnWCQ2MSLVmyc4doLO2UmVPMBCY6V3VLUlMeKMRPRO8HaLOF4-QuRD4kgQfycS5f5ECcKOmYgZ4SyF4DlUcKExxj5G2pTmpimMBF8gsd148YPWa-h_0EA-Od8k-BPdbwJPkJEeuJchmL2DraIpSNGN1QwzoZU4GmfFvaA3dDr3B6Nf-daNj0Fxx-FK6_sdhBU2N0k6hO3R7wRh9ZHLb_c7mgYessp-vf4BCvnfse917ytaan-bCYg8URi4YB9HnZ61uwZsPMj4LbHl6ffM1c4sraLleS99NBqsMe6dYHUBcn9ZM0ELDxH6lN0UC2NpV1joPb_OBAjeRQhiAxR8nkOUyonuLup31JMXVzN8R935VL-eNb8RmtAs_31f-sPpUNiefideX2zxCIrBeBYaIoBbm2e95MkpYAnp9XMVRzwc-ReTDhQo8f2g-n8XRro5qYqjjLKI_RRkCH12Bz5N3F0bj1OxUQgzJUFqhjvD5SjFatCtDllAYy4uVpzZMKmIGvcNuw94dDi9Y9n4yl59aA9mf4bCMPffIn6tdxL7umLymdgFGI0n8qV1zkNUdwRizfWyX4EMEpnQ6RYAwsWbUSF129ZfQ_I3tNV6I2sEHwGwApirtW_V12JRxmthvBxoL-LeUxIXbNFPhuShGxNtO25aJ9rO11D_WHTQOZI1KFytGayPDrutKU1vPcM-Fliv7EjcPRPiDzQ85gO8LLBtbNnd9YJzGYH0MF8ycDF6ILqJP0fU3XowtDqQtXMIgOBSbzmJOXRMUzUm-EgLNlqUFxSwSXp4WMPomMyg890zB8WuLGc3d1ZvHWPjVPiKwdRqHCV0bBKKuCHeYdFVfU6A7t-eSSQzpoF5zDhITJwmTk5JvilORF4WHypCSK2xL9R6agltSbPHeEWYjDXrPHZEIDmcMF4RgjyzKjJWX22fR2MIrIKiFZWL5K3i3jmFjCP2FIX08h9JI8iBdyvnTUKOjLcjl87GnVCOP8aTjNaSnh5Qk6LNTIH00GoUi-QKtXeXYXRDzqFhZHRt07K5XnCouc4mUugbnMEOu5J0NE_5Wsk-Vjz73wQx-JvfQ_Oh1y4m5uL4cmvl072D0FuSuFRjCi6mMd1rl0PZN9V9wg7UCPqY6VD5P1NI8tXgzw2zhuJpbtqLXuAhmczDt7YcpClabTBzY3Au-wxTjZICabqG7-WggSHa70wvqhJ8iEIz6dLJ7dPlHtE6anlt5EgjXThDIOtWDi0EqcMWlWjqA00M5FOSqzW-z1-ZpN-_GD4NNTVpklbR9o24V32-bBh9uP3zoOWxK_xKTJ6geUVdtsFUD-IiFcY-cl00fRsMDhcBgejaqagjsNLeLzqdqvbaBldUx24lxpEBA5DA6Y2phvBWwbjgzTNL4uaY_Y7t3Hn8kmVqHI-eyXLl5DV4sAMG1h_GzOeKtZMbqziTx-EmohjUlg8aeh1JunMrLn2GID3cFgxPpnGCHSNQ-4oBRxTLNFXLnem4tUgXui8teA8JnqFDT1ikEQTLW5-cLzkNXlcVwD512lGW8kpemwQGbq2G1dktqzTlBHiRd37rBa38BGwRDPe79XDtG2-_eSbb1jpSFQLOiCkQ6R-rug6wxPsnNysiBIieLWjRyGVbYeb-9j2gjnmwGzPp5yzo8K741giuSrROhi0-3Ug7sLSQeEQ-yPU7p1a03NTeABMX48x1jUJGMNtGy6wO4f0UbEy-tV3qD-Z6vE8X2BIncUMJHxWvix5_-PuhoS8klyBXLfw_BmWkkgKgG37m5tjZFg7KqJ9vMr0lZtnICUh9tmKp3dwqFnIK_TNYMbTwIU3AJQyOHsaxPerOu0gkhxL13bmrM0OSU5rgxrdOV6WTH1OGkDtC4wgbH_02xee7DE09P1uaJhChE4tI1DuUCiiYp2fcKv6vPFQSs9pzVuc04vnrp2qBUfqGaP1-OcXaxrVszGK45AcKy_kgxvY-iID6t-UA8-EUrPzBATBSUNjPuNsSzmPG-uro0zZ2w5CO7Pdh2-wVlnkQGyC0-9vZPwme94a587ESgK-MXktnONYwMiyKOdD19bBSbQaWGZKK66EzwbYRuKrQq3vboHdxQ1GIUqNrSV0tjodIr2URT8KVOOvTaq2TiDrvYNHyB_DYnczHP0zB9HPr2q52EwQO3lb27rkGxJUlU0IkE1rRGYllBeeyAUMK0qp43X7g-hR-IAHliatI5dq_o7kqGp9Xi1Mhw0IKmJkxty6031o4B4MdE61O9qjzNy1ekXYbnuo1_Uf5okGUeD1UvFsOhj-1GQNJzwAm2A_ab5Us07yHnNzxAoBJO8HuFWojdM9-0VT7H-PihOou0sZ4CcBBGJQktoNJJQhUViLTCj0Ed3KZhQvrc3yf72I6cDa7k8bbMUACKZX8tXgxBtSECrJhUTAAbwKK95A1R_KexN7HpMrn4ZWP4ZA5styxA6XjczCzBp_pbvEF6-55YuB4zTdWUpkANRh6A8sktrq0Y37yT7OQMIFV_PlNS499Lwssndi9rX--0GvE7OsWX6iCSwk1fs7180R4YhYi8120JvzgqxLTsOp_oi6cNb_87ixpCblE6vf5F7wc0tE5POEG9eic-JsO9RAux-v158Xceeilh86nk_ufF7uxVf7oDzPZito5FkPKapVul7zy2_BaEK6lKzk1o8sN7L4Q2eJhwGX_W7NmcDHcLxWZ0f20s7YxL7Lk79MwveOFJ4ltIg-bWMHHko5MRwyn9i-msT-aBX048bVTw7IuPEiY9t7NKhDu213Nwh2CZ_AHAdXOE92tY0Pdy3KTPxvjTN3qPHkJqbT9p0OZeEB5xctCsiIPuXrRtCQ&cid=CAQSOwDq26N9qUBwQmRuCX1MUv1peXV8xfrDfurC1MIh0BM7lTGK8-X86gsO_ziOFiF2jarNJDArvML-FKEHGAEgDg&rfl=2%2Chttp%253A%252F%252Fvchys.com.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50710
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11726
x-xss-protection: 0
server: cafe
etag: 11376305771055881226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:25:40 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/ Frame 912A 8 KB
3 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 13:57:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2998
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 13:57:30 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 912A 0
622 B 242ms
100ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvW4cdsu-sZ76tvzKo0SLXz33-Yx8nADNBuIlQ7OFxIx02mKAuYfpvJJlcqtzQkGOfNL5ih-QI5KVQEsAwNE4pKJ1WjpEVnNFq05yHzumI0wNBkjcQS6Cu53779Fce7aeIqH4M1j97JwGktGxWCtBV_t9I8arkND0CQRnuvlDfIGQbkkuiGnGwO_bosYmMApHve321tk8mfewKlkeR9JnuIZpAWGI2l-rYraSiIzhgx1tNlVJtVw1oQR4gKf4KvHQdXR9EN2VjgUF3LlrWKy8fw48Wy4xnvlbie25m-5JzkwXsHs_OQggpKOmAwZl-ctgdvZBg3b-ItCGkxd1sHeodlucPe9w9s0fSVdjcRUgu5GeFavMsB431IU3ZDCEvI1dVnNNfGlL73uTP61v7izM6_tG6sMmazxCL-ANdoulwD4tzqnSBfMl0teDZrl2IFujI92lfWG7kdfej5Swu4yKnC4QqK-K2GXtHd90ttScNEuBE20fdMW50RTBIdUEzVhdV9bikr00HSrzv9F-XF1q_6DUHdJiyJP-mIbvcPz0LmKJHJvMPluKWExhktoSDKwGdmO5OZBhBICKv0x1qXmQZf_f5QmacPEWxKrFoElLSPj4904LdlQ28DDVeIIMOnTQHtkMJy0_z_EIOhBJuKamdQrRQbzloFN8GrvxLi-WB5JiQhY6MYbqBx9aF548qV416ABfvptHIwfgnBhelXP7kMmJwhN0jFN2su8qye4FegWvgvTQIA_-tHMKTOHUvEHXeQ6yicvZH6Xt_zF8n3oIEZXyeAe2nTA9vFt1ZYBEY6x4tU-AyEZ_OP5ZFBOfWXEtfO09dd6WTw5WqAz7o3AFmlryTOxXQfFNOyi43IS8oomuWsprTJmp2J9XEXD96cAtN2X2WFU23Nrlgh8RrNtQxO8p1jqbZhZgJn1q7x1v1wsFFzt_tlyf1NSn6al9I3X57jDT_hcT0XJef6Xo8NBvhMDDON4j4fW1-70RHnMjtDkHXyUw7_53pvN8IPkU6k98EfkD_eKMX-FPgknS961VfHoVxaztBS95AzzG7IYN1jm084QWLj3-xuIE1BJu8gTdht3cyGDfxzrTLWJkAZGagbcZ4l097p1QsBKKcWyFDbBt1QR6tw6329ZT2aPDlrsRRHu-qUG3nhN4or6VgcU6ebWshNjc3g2wIe&sai=AMfl-YRJtjnFjRY6vumf7hsCZFw36aN4mU4pZNdtbrTBUvv7pIm5OgUhpkz-uKKRHupwAFKmIh-5JvQU3RIOMf1YNzMBMAH-0KO2NEb2lx-YzkfaqygZMBHrizWjWvbp588kQ2jQD4hZ1l55oWWSkFL5Hd1iy1TvyGInjIcZu_QSW8CbkRRYqEGtgtBt-rnDSfMe4ntDbzqcHHoORIp6fXXi0U3ggrLzj5OctklI8l5ml2B_HjVNtrtQWfWWv1LV3BV8DdZLvNae59A&sig=Cg0ArKJSzKHgDJAyuyZnEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20221020.36813&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 25 Oct 2022 04:30:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 912A 41 KB
15 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:48:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 556962
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Oct 2023 17:48:08 GMT

GET
H2 200 11871609879964969789
s0.2mdn.net/simgad/ Frame 912A 40 KB
40 KB 175ms
54ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11871609879964969789?sqp=-oaymwEOCKwCEPoBIAFIZFABWAE&rs=AOga4qlZdfMgM-tWMPXBpVFj0WRwd_mfVg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ac81a1b74c547d372e0058796acef196adb800efcc590406dd270cf8e8271f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 03:00:10 GMT
x-content-type-options: nosniff
age: 91840
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40654
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 21:04:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Oct 2023 03:00:10 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 4B2F 35 B
464 B 188ms
59ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGTsKKNozAjRsqQ8O5WMkRc&google_cver=1&google_push=AZmPxg-LyuPmK742LJmDZdfvxDmdD3urTdXvMYpY7jbM2ld7XgNgYvGQgHPAkOB_WJ26FDZamuz1ooczKpROLjDfYdhfmRYTips

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 04:30:50 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 4B2F 0
98 B 179ms
63ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg873rhKwgwb3BW1jGXqd0WrC1t7TNiacLPT3HKGcZ7Rr_GiR0n6yfQff6MLRv1_p4GIoNb-Q8gSgqQeE7sIR6vNG_eX_g&google_gid=CAESEMDuymIZtlC2cBDgftmCjZc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=280&adk=252850466&adf=2859928939&pi=t.aa~a.2873955903~i.4~rp.4&w=760&fwrn=4&fwrnh=100&lmt=1666672249&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3519743202&ad_type=text_image&format=760x280&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&pra=3&rh=190&rw=760&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1666672249516&bpp=1&bdt=1141&idt=1&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ebe96e3be095f77-225ce31156ce0037%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_Maht6F-6UHHAuuNSr8WTTdtsJBLOg&gpic=UID%3D00000b7838f079aa%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_MYKzyRCJmfDeZAL2UpNzE2zAx1FUg&prev_fmts=0x0%2C728x90%2C315x250&nras=2&correlator=4512340861840&frm=20&pv=1&ga_vid=1743270659.1666672249&ga_sid=1666672249&ga_hid=225786695&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=585&ady=2422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070425%2C44775016&oid=2&pvsid=3750785850350106&tmod=6568862&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=MlarLsqSMp&p=http%3A//vchys.com.ua&dtd=37
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 04:30:50 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 4B2F 43 B
356 B 178ms
63ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEJrBYR4CrvlW6ty9BoBbSEU&google_push=AZmPxg_Y_sW_ix7vhxPO3NEEhgYSJToU6ZGVhENXWqcStaSyursQJ3FafvjUrldYGfZVZaLsWUfzJu-BPnEZEooUtSR0ndDfyw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=280&adk=252850466&adf=2859928939&pi=t.aa~a.2873955903~i.4~rp.4&w=760&fwrn=4&fwrnh=100&lmt=1666672249&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3519743202&ad_type=text_image&format=760x280&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&pra=3&rh=190&rw=760&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1666672249516&bpp=1&bdt=1141&idt=1&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ebe96e3be095f77-225ce31156ce0037%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_Maht6F-6UHHAuuNSr8WTTdtsJBLOg&gpic=UID%3D00000b7838f079aa%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_MYKzyRCJmfDeZAL2UpNzE2zAx1FUg&prev_fmts=0x0%2C728x90%2C315x250&nras=2&correlator=4512340861840&frm=20&pv=1&ga_vid=1743270659.1666672249&ga_sid=1666672249&ga_hid=225786695&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=585&ady=2422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070425%2C44775016&oid=2&pvsid=3750785850350106&tmod=6568862&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=MlarLsqSMp&p=http%3A//vchys.com.ua&dtd=37
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 04:30:50 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 4B2F 43 B
350 B 214ms
62ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEA-_ZvFV0gnDnhnRdlorUhM&google_cver=1&google_push=AZmPxg-TWiNcXjS-5A19s60HVV_bOL1YdBC5r-Dc6KuLKoNNs9uW2VbJYHB0U8jxoJi0FVB5uR2PnN72J_7gkF1D3W6x7dmfrSk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=280&adk=252850466&adf=2859928939&pi=t.aa~a.2873955903~i.4~rp.4&w=760&fwrn=4&fwrnh=100&lmt=1666672249&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3519743202&ad_type=text_image&format=760x280&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&pra=3&rh=190&rw=760&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1666672249516&bpp=1&bdt=1141&idt=1&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ebe96e3be095f77-225ce31156ce0037%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_Maht6F-6UHHAuuNSr8WTTdtsJBLOg&gpic=UID%3D00000b7838f079aa%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_MYKzyRCJmfDeZAL2UpNzE2zAx1FUg&prev_fmts=0x0%2C728x90%2C315x250&nras=2&correlator=4512340861840&frm=20&pv=1&ga_vid=1743270659.1666672249&ga_sid=1666672249&ga_hid=225786695&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=585&ady=2422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070425%2C44775016&oid=2&pvsid=3750785850350106&tmod=6568862&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=MlarLsqSMp&p=http%3A//vchys.com.ua&dtd=37
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 04:30:50 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: nkr54lqo7sbci03071ibgatbvt5skg2f

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4B2F
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zv7OrjSmQo2Ke8ldqvStuw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

90ms
67ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zv7OrjSmQo2Ke8ldqvStuw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9bRtmqDO83VfNevxLUgd6c5TH0ZjExWS0vGxGNmjCUbggQlNohKxjdarydVFcSkWd6UkSkdSEMfMr4xlqpP2hXH463RtM

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 04:30:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zv7OrjSmQo2Ke8ldqvStuw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9bRtmqDO83VfNevxLUgd6c5TH0ZjExWS0vGxGNmjCUbggQlNohKxjdarydVFcSkWd6UkSkdSEMfMr4xlqpP2hXH463RtM
date: Tue, 25 Oct 2022 04:30:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4B2F
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA6cKEnP5NgUb2wvZp4PzVg&google_cver=1&google_push=AZmPxg9L4bt5vF730fb0ehW8IkguCakhFH97HU1vvexunLe0JSdrRPtnPnlZe9oW2ZT2n0rvTN0...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlOUE1JUzQtMUwtRDk1&google_push=AZmPxg9L4bt5vF730fb0ehW8IkguCakhFH97HU1vvexunLe0JSdrRPtnPnlZe9oW2ZT2n0rvTN0ZodeKfB0-HTI9xiQseb_gHQ

170 B
188 B

92ms
66ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlOUE1JUzQtMUwtRDk1&google_push=AZmPxg9L4bt5vF730fb0ehW8IkguCakhFH97HU1vvexunLe0JSdrRPtnPnlZe9oW2ZT2n0rvTN0ZodeKfB0-HTI9xiQseb_gHQ

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 04:30:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlOUE1JUzQtMUwtRDk1&google_push=AZmPxg9L4bt5vF730fb0ehW8IkguCakhFH97HU1vvexunLe0JSdrRPtnPnlZe9oW2ZT2n0rvTN0ZodeKfB0-HTI9xiQseb_gHQ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4B2F
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOeriASHWHjjoXqBMTyEoLE&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOeriASHWHjjoXqBMTyEoLE&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOeriASHWHjjoXqBMTyEoLE&google_hm=Y1dmekpmUxnMXCBT8_dwQAAAFDUAAAIB&google_nid=index&google_push=AZmPxg87Mwl2gyITWarL9JugliEKSKjU67wjQ...

170 B
188 B

63ms
63ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOeriASHWHjjoXqBMTyEoLE&google_hm=Y1dmekpmUxnMXCBT8_dwQAAAFDUAAAIB&google_nid=index&google_push=AZmPxg87Mwl2gyITWarL9JugliEKSKjU67wjQRvTysQToHfNFoVsDTgz6sbNxE0zlMbopbkPN_P0LbWaTb6JJ5V65ot8BWwFzZY

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 04:30:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 04:30:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOeriASHWHjjoXqBMTyEoLE&google_hm=Y1dmekpmUxnMXCBT8_dwQAAAFDUAAAIB&google_nid=index&google_push=AZmPxg87Mwl2gyITWarL9JugliEKSKjU67wjQRvTysQToHfNFoVsDTgz6sbNxE0zlMbopbkPN_P0LbWaTb6JJ5V65ot8BWwFzZY
cache-control: no-cache
cf-ray: 75f8381ca9ad71c2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4B2F 0
223 B 161ms
62ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LTuPhX4DUrlGH6pKnad3paDadW65mCKPuDMuwKlKwBEA4ilDCmPcZQVY5jJOcevAgPKwej

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 04:30:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 45C7 1 KB
643 B 54ms
53ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 67917
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Oct 2022 09:38:53 GMT
etag: 48472445140208031
expires: Tue, 25 Oct 2022 09:38:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 324B 22 KB
8 KB 54ms
53ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 467509
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 18:39:01 GMT
expires: Thu, 19 Oct 2023 18:39:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 912A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0dc16b7972983f385a5ee610c3be9c26367ddb032c48adebea5e15cea3b1e5eb

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js Show response
pagead2.googlesyndication.com/bg/ Frame 6916 36 KB
16 KB 55ms
53ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15854
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 09:38:27 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 041B 0
327 B 276ms
96ms Ping
image/gif 2a00:1450:4006:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=1~l9npmiqh&c=608676581083&slotId=304338290541.5&eee=missing-element&bi=missing-id&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/12ec4bf99de2677880693869491ac13e.js?tag=leadgen/snom_video_web
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4006:811::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 04:30:50 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content videoplayback
rr2---sn-h0jelnes.googlevideo.com/ Frame 041B 2 MB
2 MB 434ms
271ms Media
video/mp4 2a00:1450:4016:7::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-h0jelnes.googlevideo.com/videoplayback?expire=1666701049&ei=eWZXY5zyEaCA6dsP0fODsAE&ip=2a01:4a0:2c::12&id=5d9749042291e80a&itag=18&source=youtube&requiressl=yes&mh=W4&mm=31&mn=sn-h0jelnes&ms=au&mv=u&mvi=2&pl=46&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=34.133&lmt=1663105235248364&mt=1666671284&txp=5310224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgCXwltxWbdulD0a7IcKxLXlyD4yxdMpaI-6SI0ADNXJQCIGF1Lmb-2CZTw82IPJZzD54Cu3NYA1gLrVPS4TL--OD1&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAP35b7CQe2bl38W5Ln2eGKCnWfB5nGhXMp1BigSwEsogAiEA2f5oZa5tTXN0j_jK21QUkzjjb-mBkcVyFo60ADN7SFg=&cpn=e2urYYFIJa9TtENr

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4016:7::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

474304df0a65f866cc1c72c60df61ffe94154a0dd9353d69ddcf25056375b32a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 25 Oct 2022 04:30:50 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 13 Sep 2022 21:40:35 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-2016390/2016391
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2016391
Expires: Tue, 25 Oct 2022 04:30:50 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 45C7
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGTsKKNozAjRsqQ8O5WMkRc&google_cver=1&google_push=AZmPxg-fklw-wqYrYNkI9nishf_U3IzsJEieYBJdv8Ek3rh1V6OH1sXFRu...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-fklw-wqYrYNkI9nishf_U3IzsJEieYBJdv8Ek3rh1V6OH1sXFRu1I_jMc0Hd5yhxTZRTFKDQ0glMJt9TwvNBlIgSScxQ&google_hm=_yjklRpXoWbwD...

170 B
188 B

92ms
68ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-fklw-wqYrYNkI9nishf_U3IzsJEieYBJdv8Ek3rh1V6OH1sXFRu1I_jMc0Hd5yhxTZRTFKDQ0glMJt9TwvNBlIgSScxQ&google_hm=_yjklRpXoWbwDd-ELxC5GA

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 04:30:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-fklw-wqYrYNkI9nishf_U3IzsJEieYBJdv8Ek3rh1V6OH1sXFRu1I_jMc0Hd5yhxTZRTFKDQ0glMJt9TwvNBlIgSScxQ&google_hm=_yjklRpXoWbwDd-ELxC5GA
pragma: no-cache
date: Tue, 25 Oct 2022 04:30:50 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 45C7
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEOIMLHZM0i3TNsQ0HG_QkbA&google_cver=1&google_push=AZmPxg8mZO2O7tJ7ZLnR9exT_PL7Z9ExC_vLsRwKTZOpqBM8Ng-jGJfihoidaMvoOws3mueI3dwGkZz0J1kPvphMnM1IIVwoYEQ
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg8mZO2O7tJ7ZLnR9exT_PL7Z9ExC_vLsRwKTZOpqBM8Ng-jGJfihoidaMvoOws3mueI3dwGkZz0J1kPvphMnM1IIVwoYEQ&google_hm=Q0FFU0VPSU1MSFpNMGkzVE...

170 B
188 B

64ms
64ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg8mZO2O7tJ7ZLnR9exT_PL7Z9ExC_vLsRwKTZOpqBM8Ng-jGJfihoidaMvoOws3mueI3dwGkZz0J1kPvphMnM1IIVwoYEQ&google_hm=Q0FFU0VPSU1MSFpNMGkzVE5zUTBIR19Ra2JB

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 04:30:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 04:30:49 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg8mZO2O7tJ7ZLnR9exT_PL7Z9ExC_vLsRwKTZOpqBM8Ng-jGJfihoidaMvoOws3mueI3dwGkZz0J1kPvphMnM1IIVwoYEQ&google_hm=Q0FFU0VPSU1MSFpNMGkzVE5zUTBIR19Ra2JB
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 45C7 43 B
134 B 65ms
63ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEA-_ZvFV0gnDnhnRdlorUhM&google_cver=1&google_push=AZmPxg_GMj-Gnqn5UDx_IOFp6_f6Tr9r-J1eSXRz9_drqXd1bntFdmivqSKmt-GbdYUuovHk1TdpVtvXRyIUtG6kqH4tmwXFltJs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=250&adk=137533416&adf=404476720&pi=t.aa~a.1415951696~rp.4&w=315&fwrn=4&fwrnh=100&lmt=1666672249&rafmt=1&to=qs&pwprc=3519743202&format=315x250&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666672249560&bpp=1&bdt=1185&idt=1&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ebe96e3be095f77-225ce31156ce0037%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_Maht6F-6UHHAuuNSr8WTTdtsJBLOg&gpic=UID%3D00000b7838f079aa%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_MYKzyRCJmfDeZAL2UpNzE2zAx1FUg&prev_fmts=0x0%2C728x90%2C315x250%2C760x280&nras=3&correlator=4512340861840&frm=20&pv=1&ga_vid=1743270659.1666672249&ga_sid=1666672249&ga_hid=225786695&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=3770&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070425%2C44775016&oid=2&pvsid=3750785850350106&tmod=6568862&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=SIzEbnt56f&p=http%3A//vchys.com.ua&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 04:30:49 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: o9bit5geb41iq4fmlv0pm274iurga6im

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 45C7
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_H7NdyH6TDifge9EDs0H4g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

93ms
68ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_H7NdyH6TDifge9EDs0H4g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_yDTG6WZo55PoXoqw0TuArmT0sIw7o18mexlVtJw2wAIB-u1DU7fqJfHolkJeloDqfrZaAoBKVEdQcEcTE49c3JloZ0CQ

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 04:30:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_H7NdyH6TDifge9EDs0H4g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_yDTG6WZo55PoXoqw0TuArmT0sIw7o18mexlVtJw2wAIB-u1DU7fqJfHolkJeloDqfrZaAoBKVEdQcEcTE49c3JloZ0CQ
date: Tue, 25 Oct 2022 04:30:48 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 45C7
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA6cKEnP5NgUb2wvZp4PzVg&google_cver=1&google_push=AZmPxg_c5Bdqhuv2lrZmOrejh7gKkRfFhBkio5ogzwb2tNJHMntYy0ntIDLDd5ZvU9XagFIOl8o...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlOUE1JVjUtUC0xUzU2&google_push=AZmPxg_c5Bdqhuv2lrZmOrejh7gKkRfFhBkio5ogzwb2tNJHMntYy0ntIDLDd5ZvU9XagFIOl8oijMxSoovZudLRwPCtxugw0tqt

170 B
188 B

65ms
64ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlOUE1JVjUtUC0xUzU2&google_push=AZmPxg_c5Bdqhuv2lrZmOrejh7gKkRfFhBkio5ogzwb2tNJHMntYy0ntIDLDd5ZvU9XagFIOl8oijMxSoovZudLRwPCtxugw0tqt

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 04:30:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlOUE1JVjUtUC0xUzU2&google_push=AZmPxg_c5Bdqhuv2lrZmOrejh7gKkRfFhBkio5ogzwb2tNJHMntYy0ntIDLDd5ZvU9XagFIOl8oijMxSoovZudLRwPCtxugw0tqt
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 45C7 43 B
297 B 215ms
47ms Image
image/gif 2a05:d01c:1d8:8102:fc46:f74d:d9f1:b88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEBRNgDcIxstUBIdvmVY13z0&google_cver=1&google_push=AZmPxg-2GmFIdJo9wh4YIHV72jWxiCzrD1x73WjLF-wuJ7QLVjxfplG1frsRvQgoRxByrVD4nBhb5IdZwVUpvXBbGTn_yaUJanKI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=250&adk=137533416&adf=404476720&pi=t.aa~a.1415951696~rp.4&w=315&fwrn=4&fwrnh=100&lmt=1666672249&rafmt=1&to=qs&pwprc=3519743202&format=315x250&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666672249560&bpp=1&bdt=1185&idt=1&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ebe96e3be095f77-225ce31156ce0037%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_Maht6F-6UHHAuuNSr8WTTdtsJBLOg&gpic=UID%3D00000b7838f079aa%3AT%3D1666672249%3ART%3D1666672249%3AS%3DALNI_MYKzyRCJmfDeZAL2UpNzE2zAx1FUg&prev_fmts=0x0%2C728x90%2C315x250%2C760x280&nras=3&correlator=4512340861840&frm=20&pv=1&ga_vid=1743270659.1666672249&ga_sid=1666672249&ga_hid=225786695&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=3770&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070425%2C44775016&oid=2&pvsid=3750785850350106&tmod=6568862&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=SIzEbnt56f&p=http%3A//vchys.com.ua&dtd=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:fc46:f74d:d9f1:b88 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 25 Oct 2022 04:30:50 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame 45C7 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 45C7 0
12 B 172ms
62ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KDjMpC1HM3yiifT6psyj-R5Zq3-haMA-gqF7xh78IibT-eZlZ8cak4Q2w8bjY-xLTEyrmZsw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 04:30:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 127E 15 KB
16 KB 186ms
77ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 42358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 16:44:52 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 127E 15 KB
15 KB 168ms
59ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 287406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 20:40:44 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 127E 15 KB
15 KB 160ms
53ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 13:27:29 GMT
x-content-type-options: nosniff
age: 313401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:27:29 GMT

GET
H3 200 gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js Show response
pagead2.googlesyndication.com/bg/ Frame 324B 36 KB
16 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15854
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 09:38:27 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 912A 0
26 B 201ms
92ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 04:30:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 324B 0
28 B 91ms
90ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6y6xeWZXY9iEPNCv7_UPidCJqAkAAAAAOAHgBAI&bg=!UlGlURXNAAaaxvStusY7ACkAdvg8Wo4QrW2hNbdh56-bm7LZfxyFI8oNf1iXuMNNr6wnXVmV1vfSFgIAAABUUgAAAANoAQcKADHAHNAssbbJikPv9bmz23hhMBfK1O0pQWPZYn4j3mQ7b-uQqTS6v1AdWRNZenNbpRammQL68mwhE2z8BctkUV0RxDUPLNxkiTNNfQbr3u_JOdpeZfZZII4xGp1MmSg2495rmVjIHjZBWQF0uvDZuey8hX9RISctIFoT19Sa8fB6-oa2NmnZvLZ8DxfV6MP0f5yaDd42ADaYMCgisKzi072bweD719cwILYgKwhqMgyzfb4Ef46b1ZxCWJnbNCpFmiPS2EfDG4tMaI-IHn1Q2ooSOTu9Tncp53LLZNM6lEuclj3gpmJuO6sWf_FQQKb2CtpXjFdrZ8OqGO1PFD5OsE_5C72chICjBt_sOqTfKKYaIxQaatd8P-RtSplFzB98QAJbBLR-MQ2peVXb0Ry9O8MRbTfXX9-kYOdxKFUdXhvS-MwHaLnLgygK7Bulr0R7_qcWrfonN6IJrrlS05r3nghZ7FSkQ_heOfkSJK3v5q7W5Jgv3QfGq_Y7qYPmsAG6NPSOWE65woSLHuMNvLOTeRnj2WAgrxmsQ6mefzGB8ZnIM0xkQGvK8w4K4SZTVAuwBOJPzsIj9oCBDsXRg1nVyt0SGGBWeBYTGWrSU6uNNKldDLZw4-1IYN39PCVMRt-ZuEInlxWD5SFH-zQ-b_JCG60D2VzikN_soqH7urgJB6XWlWiv17QDsoRqCKMuvdjGGHgBEtBI6GT8HQz25rUNqnuJ_6dLlqk-NIQvt0I7mI5Q7l9relSNrsHs7znlq9kML_2xnckRCFaRF_Yjhg0541IaZPleA69lUWKNF7es4E8YewpEqUNUZd3JlKB-v7qHCQ__BMAGRFP9K0RItk55lbp1nceVqi7t4Mj9C04r9Zuj5QhuDSYVxd94A2CVY1ujqNZc5CLDHKzS6t59h8Gl9zV27tbpAIVFAqMPvUt59hqNBljati8N15-ihhhYRGKtXG4p1IrS5ObD3b6v6y_K9hXp-TYvKeVHoVUWgSk5lownu_cfY7YgJy7vHc07Hd1YHrKdPot25Ojd2XiqyCeqCWt57Eh-WjGbM5Dd_c5LjmGLV0I5UbaHJ3m3AwbdLrrD

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 04:30:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js Show response
pagead2.googlesyndication.com/bg/ Frame 6A27 36 KB
16 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15854
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 09:38:27 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 041B 0
28 B 88ms
87ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoMCAEqCFRvd2VyQWxsCgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9yZWxlYXNlX2NhbmFyeQouGiFkaXNwbGF5X2xlYWRfZm9ybV9xdWVzdGlvbl9udW1iZXIhAAAAAAAAEEAwAQoNECshAAAAAACAW0AwARIaQ05PdDh2ckYtdm9DRmJ6bnV3Z2RmZW9OU3ciFmxlYWRnZW4vc25vbV92aWRlb193ZWIoLA==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f811ceb9b4a6a990ad4105fc3f7ba433.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 04:30:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 178ms
69ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221020&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c93c9df46246d7d27b4ec76925742f17780d339a2d131b9fdaf185e9663fdcd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 04:30:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11380
x-xss-protection: 0

GET
H3 200 gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js Show response
pagead2.googlesyndication.com/bg/ Frame F383 36 KB
16 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15854
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 09:38:27 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame CD7C 42 B
72 B 92ms
90ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuHsXWo8VM3_2YvJXx7XdxKNYyaB0he0ZtnmXUVdZmYCMqtTKLLlVd7Gw92d2Ck0gQEn8fzCYAKPz7irQbMduAhNHJTFkpCrazhNSBNcSIWqj0YIiRM7TdfB3T54rb4Dtaqcl-jWA&sai=AMfl-YRLbN-uv-RNmLqjMvLElFMQkXmPI5Z5Qt7bCko5rW9qA4tDx5O7CpJpf9MWfF3-j63HqcEv5BhXtW4h69c&sig=Cg0ArKJSzHM7HEvS9NMJEAE&cid=CAQSGwDq26N9XNzI-QQMiHqxVTyV4MaHKeomSExBEBgBIA4&id=ampim&o=436,100&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=1000&tls=2001&g=100&h=100&tt=2001&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=&uaw=&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 04:30:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 04:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Oct 2022 04:30:51 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2A08 13 KB
5 KB 54ms
54ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vchys.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 35745
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Oct 2022 18:35:06 GMT
expires: Tue, 24 Oct 2023 18:35:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1374 783 B
535 B 64ms
64ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

867853c86a1318a85257b19bcb86bd5cb45a601a56068bbea63c1d74b9dd9440

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Jnet4LQHP17hTeHo8YW8MQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://vchys.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-Jnet4LQHP17hTeHo8YW8MQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 04:30:51 GMT
expires: Tue, 25 Oct 2022 04:30:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A08 36 KB
16 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15854
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 09:38:27 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1374 0
0 88ms
88ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221020&jk=3750785850350106&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F236 42 B
64 B 96ms
95ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsveoZgQNvXwLXvlcL4UiWnOk6Pj_qaZeKIlZW97sjXbZ4W6EFJVdyORk9eKw0gH6y1GjGGiJDPvlFRy4_l8Z6xbo4jqLNzInzUh7CPgYB08kSl6ZOtaXPg_5XoiAfPBAlfxiONLTg&sai=AMfl-YTzJe_BVlcq9gZxkTJR478n36YTYa0YZgsUTRUbCudaxSaso_M-7aXtm-kWIelG4T8v6hH4XqoGz-VBXVA&sig=Cg0ArKJSzD5jdmNds9rwEAE&cid=CAQSGwDq26N9V-z6Ph0Scsvhe0vU0VNRWNPt2KB7NhgBIA4&id=lidar2&mcvt=1000&p=0,0,250,315&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221024&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3245228110&rs=2&la=0&cr=0&vs=4&r=v&rst=1666672248945&rpt=1205&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 04:30:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2A08 0
12 B 54ms
54ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?HfLg9Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 04:30:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 90ms
90ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221020&jk=3750785850350106&bg=!8vGl8bXNAAaaxvStusY7ACkAdvg8WtObJMtFEodHLv_qKcNdWfvDzbpOh-aysGIk_MLqndqyfi2DjQIAAAB5UgAAAANoAQeZApwvkzGfs33nun_YQHo2lj0IuwIyxdSLffZm_ofcKlpPMGlPfpirm8rsReAP1eFXURObPUEhLSeQh6TGthzAUVbbWZpQK6FkPasxmfAEx6fT28KHaAnL-6Oy7X3mhScKTtB0GtoDGJuLsmY25Q45WSPpWm7JUSxrNXEo5QHIxUFRzRfliNMV6r5psIoa4YVRJuItC2Vqi-v6UcqMlY3bMvpX19-l-xWrDdnZKPh2lXippaz-Io-WGptfvYhXPD0BB6iR3qKtchSUDLBJHKtER5P9l9g0gIGgk9mLsmscTSB_Oio1ep3Dh0pJJevGFv96LNFpjjl58i5I7SXLT4niI4c9zuaZCY4fFFrwfJGnn-vtWYtiOokpbBxciCTe1JGCPyZWs4J-7aNZw2pz4oSgPN95ZCLlz1_w3ewcEG4gt-iGr66evirPpfnsymHY7RBg-88A5ETt9uaCXIqfkezNoRd5OQ3Q6wcdgUlnqZOjSYGr4oUn4A8NbFRQ3o9HZR6ioFA8jW0JdNLEhhAskhyWC4pKRoGuDjfADTOoGoyiF57Ap92txC60khvBa2LY4aBp0RoNrvUQM_Y1akXfBrrJaAiHAHJZe7gTnKx_0rC8PFNUhnxD0NfdaFB951zT7edCwPZo2FFhaiNwfAZQD_dDnn1RIFi4I9BIm3n5bb7OlZB9H4X7uk4WT3fkgWI7hA61xwX_GAaAjk6HsbPhQcutraErlePj96BPsQk0iwEWKS82RnoZ-Qzsto_w3f-RK_zLYGww1Zcr_PGjTzCM5JCZyU6sHdxN3ire-xeKGS85jzPJXiX5aaradOj-Xu01em7zKJM3aJE5VakdOWLxR7sqvE9sBxLvzl2hu6UrXDU9QOGgrPaKcS77usifhfRuLA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ Frame 041B 0
17 B 248ms
96ms Ping
image/gif 2a00:1450:4006:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=2~l9npmiqo&c=608676581083&slotId=304338290541.5&umsem=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/12ec4bf99de2677880693869491ac13e.js?tag=leadgen/snom_video_web
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4006:811::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 04:30:52 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJQsK7DXLhbW_RchP6wbLoY&google_cver=1&google_push=AZmPxg-yUfx5xufdK8kO7_sWi6_yqlHNGTD0Z4tEv2VCwIkQx4NkccJVME-Ndp7e37hJ9DfBkFbBr3PkJQ8TGGSmMV0NkyqCLunO

Verdicts & Comments Add Verdict or Comment

218 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
vchys.com.ua/	1969-12-31 23:59:59	Name: PHPSESSID Value: 87c7cbdfd97d749bc80b7cb608337cbc
.yadro.ru/	1970-01-20 15:43:01	Name: FTID Value: 1ZLsPv3jOMuQ1ZLsPv001UMo
.dominantroute.com/	1970-01-20 16:33:52	Name: uuid Value: 16666717781388806696
.vchys.com.ua/	1970-01-20 16:19:28	Name: __gads Value: ID=3ebe96e3be095f77-225ce31156ce0037:T=1666672249:RT=1666672249:S=ALNI_Maht6F-6UHHAuuNSr8WTTdtsJBLOg
.vchys.com.ua/	1970-01-20 16:19:28	Name: __gpi Value: UID=00000b7838f079aa:T=1666672249:RT=1666672249:S=ALNI_MYKzyRCJmfDeZAL2UpNzE2zAx1FUg
.yadro.ru/	1970-01-20 15:43:01	Name: VID Value: 3PYxWt1yVGeQ1ZLsPv001UNN
.vchys.com.ua/	1970-01-20 06:58:35	Name: u_count Value: %5B0%2C0%5D
.doubleclick.net/	1970-01-20 16:19:28	Name: IDE Value: AHWqTUnKHZwK7ka2zjfTMJg7Z0AbYJ1mTGuosqerfue3xSaI6fza9RMSSxq-GJgZSNQ
.adnxs.com/	1970-01-20 09:07:28	Name: uuid2 Value: 1369553945607914243
.casalemedia.com/	1970-01-20 15:43:28	Name: CMID Value: Y1dmekpmUxnMXCBT8-dwQAAA
.casalemedia.com/	1970-01-20 09:07:28	Name: CMPS Value: 5173
.casalemedia.com/	1970-01-20 09:07:28	Name: CMPRO Value: 5173
.quantserve.com/	1970-01-20 09:07:28	Name: d Value: EAoBCQG1J4EA
.quantserve.com/	1970-01-20 16:28:06	Name: mc Value: 6357667a-34a33-94491-04d76
.pubmatic.com/	1970-01-20 06:59:18	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 09:07:28	Name: KADUSERCOOKIE Value: CEFECEAE-34A6-428D-8A7B-C95DAAF4ADBB
.adnxs.com/	1970-01-20 09:07:28	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Ilbp6kC9!]tbPl1M>e)ZlrFUfJ+tGXxpOOxVugasDGI:><z=8`Nyw>S1YgaaTG+KE#3T3If)y3KL9D3I?+?jN@O6
.innovid.com/	1970-01-20 09:07:28	Name: uuid Value: 512f84a3-3b0d-4977-b788-9c096cff92a9-20221025 00:30:50
.agkn.com/	1970-01-20 15:43:28	Name: ab Value: 0001%3A2YOwG79xIXJIP6NJcsqepOILyB2Tln6k
.agkn.com/	1970-01-20 15:43:28	Name: u Value: C\|0CEAq6iL6Kuoi-gAAAAAAAQ13AQCAAQpAAAAAAA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://vchys.com.ua/templates/Vchys/css/# Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: https://cdn.ampproject.org/rtv/012210071758000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg873rhKwgwb3BW1jGXqd0WrC1t7TNiacLPT3HKGcZ7Rr_GiR0n6yfQff6MLRv1_p4GIoNb-Q8gSgqQeE7sIR6vNG_eX_g&google_gid=CAESEMDuymIZtlC2cBDgftmCjZc&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJQsK7DXLhbW_RchP6wbLoY&google_cver=1&google_push=AZmPxg-yUfx5xufdK8kO7_sWi6_yqlHNGTD0Z4tEv2VCwIkQx4NkccJVME-Ndp7e37hJ9DfBkFbBr3PkJQ8TGGSmMV0NkyqCLunO Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
ajax.googleapis.com
cdn.ampproject.org
clients1.google.com
cm.g.doubleclick.net
cms.quantserve.com
counter.yadro.ru
cse.google.com
csi.gstatic.com
d.agkn.com
dominantroute.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
rr2---sn-h0jelnes.googlevideo.com
rtb.openx.net
s0.2mdn.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
vchys.com.ua
www.google.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
104.18.18.126
136.243.155.228
142.250.184.194
142.250.186.130
142.250.186.98
185.64.189.115
185.80.39.216
193.200.64.20
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:803::200a
2a00:1450:4001:806::200e
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2006
2a00:1450:4006:811::2003
2a00:1450:4016:7::7
2a05:d01c:1d8:8102:fc46:f74d:d9f1:b88
3.126.163.185
34.98.67.61
35.186.253.211
35.244.174.68
37.252.173.215
69.173.144.165
88.212.201.198
0368c51ee0901e3ae2569a661f8b4d4e8f4ecdfab2508d7b3f0123ddef5ac3b9
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
0774f3004aaf1f3972ee1e58ff7f78b1212b1318d8e5d5254693cc5d7b46e238
08599a007695f3f56d1420217e7ed0b082d4bed68348564997a9b5db2196979c
0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d
0b716714eb4fabc3721d120eb31b988e43665b05959a5f60a34a343004ec9930
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be6f22877adc569a912e863f73a544a719254fb769e5fae863a68a3226a77d7
0d8f8b659d5d817d65d55b7868d3618bb7d78644011dd40f01c23e4ed3b15f3b
0dc16b7972983f385a5ee610c3be9c26367ddb032c48adebea5e15cea3b1e5eb
0ea67b9a3f6abf27433c6b4404e9aee6db762784fd66c3420516668e87b3d4d2
0f1f331868a01a2f65f325824d5f58330213b442f4081c0b418659287e3af95e
10860052cef1a5864aef3915143cdbf8fc8749a22aba58ea6f8f931db7d848cd
11b4a440262de3659bc6b13c0aa95c10148ff035c35754409e1ff690febab5fb
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12b498ad6256d487f658f24189621d4d6819ab6e11fcd63142e6aeb77f560b6e
135669c9a20461f5d30d4e9604a13fb7504df2c4d3c26fe9d3c776f09f43eea5
1955e35543309ca044a7071e173a7953ce9c0abf99ca51442dc81fdf20a262f0
19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc
1b925cd36e4d7035c4443ff5ce5f8baa93e6b2cf7c9492791276783453c2aa87
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2f8d2146bbcb6552c686ea04d4bc2bd5791c8d4c796c73d91241b01792620eda
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
32da5e46eef487b4b767bb0821338cba5ba7ee28149b8d80846effe328dd3fc2
33ae362801df6760d197feb6424b31cd4a3c0f04cb5c390e3f5fb9cec197b765
33e73622e0366de95d732cc6998ed4017a3fd0549fc70bb9b531e875c5e0b4dc
341a581c0200b891d013b24067864fb6c416677f2004da52e4fdad2032a1ec54
35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5
39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b
39d27420dbf428a92a85c8b6051ed58dfdf45ae14c5632595f65ed72a6b46ca3
3b7dbb2f7ef844758c0558d807709bf405677de40ae3fecf9321f32371deabd7
474304df0a65f866cc1c72c60df61ffe94154a0dd9353d69ddcf25056375b32a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5073a2af4e54a5446f976ec70c965f7268502d087441aec6e50939cd05cec2d2
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
560aa808454ef03cd0b38b1c5ec5012008bc5c58b56aa79295e6836b7cd18cf1
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
5ac81a1b74c547d372e0058796acef196adb800efcc590406dd270cf8e8271f1
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cf63d2b9d0c31ee9cd406a837123969d9f0b1e1f6782558642970407b4d3404
5df7aab83654c70b3d171a36c554383861d0765204fbad79c3c744ab400319ae
5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d
6111adf2d267651edfefe5466550ef4463c00ba7bfbfd4b5ac37f54acde3f96b
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ffdf6ab8a5bac826c7fe77b6b5381145cf36e15acd3bbbb98b1bac3af52721
63a6662d57c222f2ddd2a524dad8141679764784629d3c19a4ce438bd180a4fe
6bf128e9a27ea188071188d4a0d228a2f4cec033a168198bff3d00bb46de02d7
6ec5e1101ea00048a692f3a4baa491dac4e16ec88d52e6f3a4fd17f47eac44c2
703d5529e0a0d9c43128d2060510ca86175594a6c2c3275c1647c20fc2d69d71
772bd17bb4c6be5a3150be460115db50c91d32f1a1d02bbee4e79099859ebf48
7753657361b802b159fc0bdb146186b65cadc5785a257b494ca22b05b9528e58
7f0c4dbf7067cb39583786b86fa184c04e476a26c8f85da71e680ab8482f17b4
80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f
867853c86a1318a85257b19bcb86bd5cb45a601a56068bbea63c1d74b9dd9440
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8a091a670b6bf03510fc7a1b3c74a417c4a8c8937f7fb0c9a1517a95bdd7ab18
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b9d189ee42d3345adcb082b1f8e51a1ba07c48f903cbf2106891274dcf01b18
94ea1b7345b96e601db0634768a05e12dc34afb3a9eec06086e4b47b0a506a81
977182d44117dcbc0b90e30401c67661f3ed69e442d20e4a91244fca5fa62324
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aee4412b7600efbfa8cb49c986a02418a4fe51d8ad1cc0b1eb6ac4bfb6f8f6b
9bf15c219c564c48e8306f34c0243e7ef0fba5f85ddaf2f7c2ca044b3279cccc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2fc0b7634ad909fbbf3a26e5ee6b34c8baedf354649863c5935ddfad9a19e1f
a41789456f569363ee5443e032af86b917c06ad8d4f80e90c983720a6c07d788
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a59a1930493ee8d6b116c95b99ac9f23ede5281b0a259f656170888e7b883348
af1a45f830aed8f072a2ed0e9a1dd4aea40391d1eb8a33c39181b5c05bed53bc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec
b7db3bf977b6edb173e8e55be71aa70cef23c57f06902e00b7b4b0ca0bac24ec
bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192
bf0aa24d09af1cf519a71ab5810beada6d9519e92e9203719edae4f47c793630
c0972bd0cf245c49cbc455edb2c0579eb5fd995202f6337a005783a1b291d933
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c6bc3aa7a650d34a0ea392461ed9adbc3df3c840039ab19b9eb594d9689e149d
c7c3b30067a4397a1a5748329a4aca793f5b43a0058408c8a38cdff4d46c7c61
c8119868d1add0133354161bf5dfae97c941b3706192e0326c5f77718505281a
c93c9df46246d7d27b4ec76925742f17780d339a2d131b9fdaf185e9663fdcd0
cbce168b8657f426f95eb1b29c69c4781243c98cbe7de963a0e7fe1e246c9bd1
ce909c4473953c4cb77c836309b8a3c7bcd8c5c75cacd504804e230017c1d8ec
d420c475a92422b9026bc0faf77b56b26e43e20b395e6db0d0e807558341e664
d74b347f3b95141c113ed50ca5915bc00d5c5c7efd23e1b58e9034c93082a86d
d75d0791b92689369d15650ee74fd6b830252eb010653957237c62401edd8da7
d9149b5f9e35be0572e7809bbe20cdaca83abaa455747390c2a0a2432736df52
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
df10239e9f31b0a8cc0b08685e86e23f36ea9d3be2319b2b9027a34285289d86
dfe419656dd889de2ec720db0136e2c564a919fa5215e67020632cc684496885
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c
e2a2fbe3deb0ef05eef9fa76f5b53da71c501ad03e373329da490b56e2495dc3
e3083a8e7aee950d028b41c53ff4ac72ac1d485a31031aecb9d162e8292f4067
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f
eefbb6ed5c954fda1b8cfa8db7828ada30bf3ccec35481983dce9f8f966f1cda
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fd4d2a365a8dad1a06d041101943c79d4e6c55791fe35e88b64a53b8835a7395
fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76

vchys.com.ua Open in urlscan Pro 136.243.155.228 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

182 Requests

82 %HTTPS

56 %IPv6

25 Domains

35 Subdomains

31 IPs

8 Countries

4300 kBTransfer

8026 kBSize

20 Cookies

1 Outgoing links

Redirected requests

182 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

vchys.com.ua Open in urlscan Pro
136.243.155.228 Public Scan

Screenshot
Live screenshot

Full Image

182
Requests

82 %
HTTPS

56 %
IPv6

25
Domains

35
Subdomains

31
IPs

8
Countries

4300 kB
Transfer

8026 kB
Size

20
Cookies

182 HTTP transactions
6 data transactions